forensics-osquery

Enables SQL-powered forensic investigations and threat hunting across Linux, macOS, and Windows using osquery for rapid evidence collection.

Install this skill

79/100

Security score

The forensics-osquery skill was audited on Feb 28, 2026 and we found 7 security issues across 2 threat categories, including 1 high-severity. Review the findings below before installing.

Categories Tested

Security Issues

high line 119

Access to /etc/shadow

SourceSKILL.md

119	OR (pm.path = '/etc/shadow' OR pm.path LIKE '%SAM%');

low line 23

External URL reference

SourceSKILL.md

23	- https://osquery.io/

low line 24

External URL reference

SourceSKILL.md

24	- https://osquery.readthedocs.io/

low line 489

External URL reference

SourceSKILL.md

489	- [osquery Schema Documentation](https://osquery.io/schema/)

low line 490

External URL reference

SourceSKILL.md

490	- [osquery Deployment Guide](https://osquery.readthedocs.io/en/stable/deployment/)

low line 491

External URL reference

SourceSKILL.md

491	- [osquery SQL Reference](https://osquery.readthedocs.io/en/stable/introduction/sql/)

low line 492

External URL reference

SourceSKILL.md

492	- [MITRE ATT&CK Framework](https://attack.mitre.org/)

Scanned on Feb 28, 2026

View Security Dashboard

Installation guide →

GitHub Stars 278

Rate this skill

Categorydevelopment

UpdatedMay 21, 2026

openclaw api testing security-engineer data-analyst ml-ai-engineer devops-sre development data analytics

aiskillstore/marketplace