security-audit

Conducts comprehensive security audits to identify vulnerabilities, insecure defaults, and supply chain risks based on Trail of Bits methodology.

Install this skill

8/100

Security score

The security-audit skill was audited on May 15, 2026 and we found 8 security issues across 3 threat categories, including 3 critical. Review the findings below before installing.

Categories Tested

Security Issues

critical line 125

Direct command execution function call

SourceSKILL.md

125	\| `eval(`, `exec(` \| Code execution \|

critical line 125

Eval function call - arbitrary code execution

SourceSKILL.md

125	\| `eval(`, `exec(` \| Code execution \|

critical line 136

Eval function call - arbitrary code execution

SourceSKILL.md

136	\| `eval(`, `new Function(` \| Code execution \|

medium line 97

Webhook reference - potential data exfiltration

SourceSKILL.md

97	- Webhook secret validation bypass scenarios

medium line 101

Webhook reference - potential data exfiltration

SourceSKILL.md

101	- Webhook signature verification failure handling

low line 219

Webhook reference - potential data exfiltration

SourceSKILL.md

219	- [ ] Payment/webhook validation confirmed

medium line 24

Access to .env file

SourceSKILL.md

24	- Example/template files (`.example`, `.env.example`)

low line 55

Access to .env file

SourceSKILL.md

55	process\.env\.[A-Z_]+ \\|\\| ['"]

Scanned on May 15, 2026

View Security Dashboard

Installation guide →

Rate this skill

Categorydevelopment

UpdatedMay 21, 2026

openclaw backend security-engineer devops-sre backend-developer development

kennyolofsson23-netizen/claude-code-config