security-scanner

Provides comprehensive security scanning for codebases, detecting vulnerabilities, secrets, and compliance violations across various environments.

Install this skill

or

46/100

Security score

The security-scanner skill was audited on Feb 28, 2026 and we found 42 security issues across 4 threat categories. Review the findings below before installing.

Categories Tested

Security Issues

medium line 552

System command execution

SourceSKILL.md

552	"code": "os.system(f'tar -czf backup.tar.gz {directory}')",

medium line 552

Python os.system command execution

SourceSKILL.md

552	"code": "os.system(f'tar -czf backup.tar.gz {directory}')",

medium line 555

Python subprocess execution

SourceSKILL.md

555	"remediation": "Use subprocess with argument list: subprocess.run(['tar', '-czf', 'backup.tar.gz', directory])",

low line 397

Webhook reference - potential data exfiltration

SourceSKILL.md

397	"slack_webhook": null,

low line 153

Access to hidden dotfiles in home directory

SourceSKILL.md

153	python ~/.claude/skills/security-scanner/scripts/main.py \

low line 158

Access to hidden dotfiles in home directory

SourceSKILL.md

158	python ~/.claude/skills/security-scanner/scripts/main.py \

low line 164

Access to hidden dotfiles in home directory

SourceSKILL.md

164	python ~/.claude/skills/security-scanner/scripts/main.py \

low line 170

Access to hidden dotfiles in home directory

SourceSKILL.md

170	python ~/.claude/skills/security-scanner/scripts/main.py \

low line 180

Access to hidden dotfiles in home directory

SourceSKILL.md

180	python ~/.claude/skills/security-scanner/scripts/main.py \

low line 186

Access to hidden dotfiles in home directory

SourceSKILL.md

186	python ~/.claude/skills/security-scanner/scripts/main.py \

low line 192

Access to hidden dotfiles in home directory

SourceSKILL.md

192	python ~/.claude/skills/security-scanner/scripts/main.py \

low line 202

Access to hidden dotfiles in home directory

SourceSKILL.md

202	python ~/.claude/skills/security-scanner/scripts/main.py \

low line 207

Access to hidden dotfiles in home directory

SourceSKILL.md

207	python ~/.claude/skills/security-scanner/scripts/main.py \

low line 214

Access to hidden dotfiles in home directory

SourceSKILL.md

214	python ~/.claude/skills/security-scanner/scripts/main.py \

low line 225

Access to hidden dotfiles in home directory

SourceSKILL.md

225	python ~/.claude/skills/security-scanner/scripts/main.py \

low line 230

Access to hidden dotfiles in home directory

SourceSKILL.md

230	python ~/.claude/skills/security-scanner/scripts/main.py \

low line 236

Access to hidden dotfiles in home directory

SourceSKILL.md

236	python ~/.claude/skills/security-scanner/scripts/main.py \

low line 247

Access to hidden dotfiles in home directory

SourceSKILL.md

247	python ~/.claude/skills/security-scanner/scripts/main.py \

low line 252

Access to hidden dotfiles in home directory

SourceSKILL.md

252	python ~/.claude/skills/security-scanner/scripts/main.py \

low line 258

Access to hidden dotfiles in home directory

SourceSKILL.md

258	python ~/.claude/skills/security-scanner/scripts/main.py \

low line 268

Access to hidden dotfiles in home directory

SourceSKILL.md

268	python ~/.claude/skills/security-scanner/scripts/main.py \

low line 274

Access to hidden dotfiles in home directory

SourceSKILL.md

274	python ~/.claude/skills/security-scanner/scripts/main.py \

low line 281

Access to hidden dotfiles in home directory

SourceSKILL.md

281	python ~/.claude/skills/security-scanner/scripts/main.py \

low line 291

Access to hidden dotfiles in home directory

SourceSKILL.md

291	python ~/.claude/skills/security-scanner/scripts/main.py \

low line 297

Access to hidden dotfiles in home directory

SourceSKILL.md

297	python ~/.claude/skills/security-scanner/scripts/main.py \

low line 304

Access to hidden dotfiles in home directory

SourceSKILL.md

304	python ~/.claude/skills/security-scanner/scripts/main.py \

low line 416

Access to hidden dotfiles in home directory

SourceSKILL.md

416	python ~/.claude/skills/security-scanner/scripts/main.py

low line 427

Access to hidden dotfiles in home directory

SourceSKILL.md

427	python ~/.claude/skills/security-scanner/scripts/main.py

low line 433

Access to hidden dotfiles in home directory

SourceSKILL.md

433	python ~/.claude/skills/dependency-guardian/scripts/main.py --operation check

low line 434

Access to hidden dotfiles in home directory

SourceSKILL.md

434	python ~/.claude/skills/security-scanner/scripts/main.py --operation scan-dependencies

low line 442

Access to hidden dotfiles in home directory

SourceSKILL.md

442	python ~/.claude/skills/security-scanner/scripts/main.py \

low line 452

Access to hidden dotfiles in home directory

SourceSKILL.md

452	python ~/.claude/skills/security-scanner/scripts/main.py --operation scan-container

low line 453

Access to hidden dotfiles in home directory

SourceSKILL.md

453	python ~/.claude/skills/container-validator/scripts/main.py --operation validate

low line 463

Access to hidden dotfiles in home directory

SourceSKILL.md

463	python ~/.claude/skills/security-scanner/scripts/main.py \

low line 509

Access to hidden dotfiles in home directory

SourceSKILL.md

509	python ~/.claude/skills/security-scanner/scripts/main.py \

low line 568

Access to hidden dotfiles in home directory

SourceSKILL.md

568	python ~/.claude/skills/security-scanner/scripts/main.py \

low line 642

Access to hidden dotfiles in home directory

SourceSKILL.md

642	python ~/.claude/skills/security-scanner/scripts/main.py \

low line 704

Access to hidden dotfiles in home directory

SourceSKILL.md

704	python ~/.claude/skills/security-scanner/scripts/main.py \

low line 761

Access to hidden dotfiles in home directory

SourceSKILL.md

761	python ~/.claude/skills/security-scanner/scripts/main.py \

low line 536

External URL reference

SourceSKILL.md

536	"references": ["https://owasp.org/www-community/attacks/SQL_Injection"]

low line 546

External URL reference

SourceSKILL.md

546	"references": ["https://owasp.org/www-community/attacks/xss/"]

low line 556

External URL reference

SourceSKILL.md

556	"references": ["https://owasp.org/www-community/attacks/Command_Injection"]

Scanned on Feb 28, 2026

View Security Dashboard

Installation guide →

GitHub Stars 22

Rate this skill

Categorydevelopment

UpdatedMay 21, 2026

openclaw backend devops security-engineer devops-sre backend-developer qa-engineer data-engineer docker kubernetes terraform aws gcp azure development

mattnigh/skills_collection