java-audit-skill

This skill provides AI-driven security audits for Java and frontend code, identifying vulnerabilities and generating detailed reports.

Install this skill

24/100

Security score

The java-audit-skill skill was audited on May 24, 2026 and we found 22 security issues across 3 threat categories, including 1 critical. Review the findings below before installing.

Categories Tested

Security Issues

high line 581

Direct command execution function call

SourceSKILL.md

581	grep -rn "Runtime\.getRuntime\\|ProcessBuilder\\|exec(" --include=".java" --include=".kt"

critical line 796

Direct command execution function call

SourceSKILL.md

796	发现 `Runtime.exec(cmd)` → 追踪 `cmd` 参数来源 → 检查是否有过滤 → 判断是否来自用户输入

medium line 629

Template literal with variable interpolation in command context

SourceSKILL.md

629

```bash

medium line 659

Template literal with variable interpolation in command context

SourceSKILL.md

659	```powershell

medium line 1713

Template literal with variable interpolation in command context

SourceSKILL.md

1713

```

medium line 1852

Template literal with variable interpolation in command context

SourceSKILL.md

1852

```bash

low line 436

Access to hidden dotfiles in home directory

SourceSKILL.md

436	node ~/.openclaw/workspace/skills/tavily-search/scripts/search.mjs "mvnrepository {groupId} {artifactId}" -n 5

low line 972

Access to hidden dotfiles in home directory

SourceSKILL.md

972	node ~/.openclaw/workspace/skills/tavily-search/scripts/search.mjs "mvnrepository {groupId} {artifactId}" -n 5

low line 415

External URL reference

SourceSKILL.md

415	https://mvnrepository.com/artifact/{groupId}/{artifactId}

low line 420

External URL reference

SourceSKILL.md

420	https://mvnrepository.com/artifact/org.apache.httpcomponents/httpclient

low line 421

External URL reference

SourceSKILL.md

421	https://mvnrepository.com/artifact/com.alibaba/fastjson

low line 422

External URL reference

SourceSKILL.md

422	https://mvnrepository.com/artifact/org.apache.logging.log4j/log4j-core

low line 423

External URL reference

SourceSKILL.md

423	https://mvnrepository.com/artifact/org.apache.shiro/shiro-core

low line 445

External URL reference

SourceSKILL.md

445	访问 https://mvnrepository.com/artifact/{groupId}/{artifactId}

low line 461

External URL reference

SourceSKILL.md

461	Step 1: 访问 `https://mvnrepository.com/artifact/org.apache.httpcomponents/httpclient`

low line 507

External URL reference

SourceSKILL.md

507	- 检查 URL: https://mvnrepository.com/artifact/org.apache.httpcomponents/httpclient

low line 513

External URL reference

SourceSKILL.md

513	- 检查 URL: https://mvnrepository.com/artifact/org.apache.logging.log4j/log4j-core

low line 956

External URL reference

SourceSKILL.md

956	URL 格式: https://mvnrepository.com/artifact/{groupId}/{artifactId}

low line 959

External URL reference

SourceSKILL.md

959	https://mvnrepository.com/artifact/org.apache.logging.log4j/log4j-core

low line 960

External URL reference

SourceSKILL.md

960	https://mvnrepository.com/artifact/com.alibaba/fastjson

low line 961

External URL reference

SourceSKILL.md

961	https://mvnrepository.com/artifact/org.apache.shiro/shiro-core

low line 1480

External URL reference

SourceSKILL.md

1480	- https://example.com/reference

Scanned on May 24, 2026

View Security Dashboard

Installation guide →

GitHub Stars 14

Rate this skill

Categorydevelopment

UpdatedMay 25, 2026

openclaw backend frontend testing security-engineer backend-developer frontend-developer devops-sre qa-engineer development

AuroraProudmoore/java-audit-skill