Enterprise-grade code review agent. Reviews PRs, diffs, or code files for security vulnerabilities, performance issues, error handling gaps, architecture smells, and test coverage. Works with any lang
Expose security vulnerabilities, deceptive constructs, and unfinished code before they reach production. Reveal architectural and design pattern usage with clear, actionable guidance to improve consis
HTTP server exposing OSV (v1) for open source vulnerability lookup via osv_query/osv_query_batch tools.
Scan AI agent skills, MCP servers, and plugins for security vulnerabilities. Use when: user asks to check a skill/plugin for safety, audit security, scan for...
Scan OpenBot/Clawdbot skills for security vulnerabilities, malicious code, and suspicious patterns before installing them. Use when a user wants to audit a skill, check if a ClawHub skill is safe, sca
Scan project dependencies for vulnerabilities and license compliance, and generate security or compliance reports using native package manager audits.
Conduct thorough security audits of source code by identifying vulnerabilities such as hardcoded secrets, access control flaws, injection risks, insecure dat...
BYOCB ArbInjectionSkill: Scan EVM smart contracts for arbitrary call injection vulnerabilities. Monitor chains in real-time or scan specific addresses.
Safely triage and remediate GitHub dependency hygiene issues with explicit guardrails. Use when Dependabot PRs fail, pnpm lockfiles break, transitive vulnerabilities appear (e.g., glob/lodash/brace-ex
npm intelligence — search packages, check bundle sizes, scan vulnerabilities, compare downloads.
Use when conducting security audits, reviewing code for vulnerabilities, or analyzing infrastructure security. Invoke for SAST scans, penetration testing, DevSecOps practices, cloud security reviews.
Scan ClawHub skills for security vulnerabilities BEFORE installing. Use when installing new skills from ClawHub to detect prompt injections, malware payloads...
Scans GitHub repositories and skills for vulnerabilities like prompt injection, malware, and OWASP risks. Identifies security threats in external dependencies to ensure software health. Provides detai
Scan OpenClaw skills for security vulnerabilities before installing them. Use when evaluating a new skill from ClawHub or any third-party source. Detects cre...
Scan your connected services for vulnerabilities and malicious code. Monitor runtime behavior with real-time alerts to stop threats before they spread. Get clear remediation guidance and an auditable
[Mobb Vibe Shield](https://vibe.mobb.ai/) identifies and remediates vulnerabilities in both human and AI-written code, ensuring your applications remain secure without slowing development.
Security expert for OpenClaw deployments. Audits local configuration files for vulnerabilities in network settings, channel policies, and tool permissions. P...
Audit Node.js HTTP servers and web apps for security vulnerabilities. Checks OWASP Top 10, CORS, auth bypass, XSS, path traversal, hardcoded secrets, missing...
Test your AI agent for security vulnerabilities using PwnClaw. Runs 50+ attacks (prompt injection, jailbreaks, social engineering, MCP poisoning, and more) and provides fix instructions. Use when your
Security scanner for Moltbot skills. Scan GitHub repositories for vulnerabilities before installation.
AI-powered code review that combines fast local static analysis with deep AI reasoning. Catches bugs, security vulnerabilities, performance issues, and style...