security-report

Guides reporters through private vulnerability reporting, ensuring secure routing and acknowledgment without public exposure.

Install this skill

63/100

Security score

The security-report skill was audited on Jun 8, 2026 and we found 5 security issues across 4 threat categories, including 2 high-severity. Review the findings below before installing.

Categories Tested

Security Issues

medium line 135

Template literal with variable interpolation in command context

SourceSKILL.md

135

```bash

high line 231

Curl to non-GitHub URL

SourceSKILL.md

231	- curl disclosure policy: https://curl.se/docs/vuln-disclosure.html

high line 216

Access to system keychain/keyring

SourceSKILL.md

216	2. PGP fingerprint mismatch — the declared SECURITY.md fingerprint doesn't match the resolved keyring entry. Possible MITM or stale key; manual verification required.

low line 231

External URL reference

SourceSKILL.md

231	- curl disclosure policy: https://curl.se/docs/vuln-disclosure.html

low line 233

External URL reference

SourceSKILL.md

233	- CVE Numbering Authorities: https://www.cve.org/PartnerInformation/ListofPartners

Scanned on Jun 8, 2026

View Security Dashboard

Installation guide →

GitHub Stars 144

Rate this skill

Categorydevelopment

UpdatedJune 15, 2026

openclaw api security-engineer compliance-officer technical-support development legal support

jmagly/aiwg