Skip to main content

security-check

Automates security audits for Clawdbot skills, detecting vulnerabilities and ensuring compliance with security standards.

Install this skill

or
0/100

Security score

The security-check skill was audited on Feb 9, 2026 and we found 13 security issues across 3 threat categories, including 6 critical. Review the findings below before installing.

Categories Tested

Security Issues

critical line 114

Direct command execution function call

SourceSKILL.md
114- ❌ No eval() or exec() with user input
critical line 223

Direct command execution function call

SourceSKILL.md
223- eval() or exec() with untrusted input
critical line 114

Eval function call - arbitrary code execution

SourceSKILL.md
114- ❌ No eval() or exec() with user input
critical line 223

Eval function call - arbitrary code execution

SourceSKILL.md
223- eval() or exec() with untrusted input
medium line 69

System command execution

SourceSKILL.md
69"issue": "os.system() usage detected",
medium line 69

Python os.system command execution

SourceSKILL.md
69"issue": "os.system() usage detected",
medium line 184

Access to hidden dotfiles in home directory

SourceSKILL.md
184- `~/.clawdbot/credentials/`
medium line 185

Access to hidden dotfiles in home directory

SourceSKILL.md
185- `~/.aws/credentials`
medium line 186

Access to hidden dotfiles in home directory

SourceSKILL.md
186- `~/.ssh/` directory
medium line 187

Access to hidden dotfiles in home directory

SourceSKILL.md
187- `~/.npmrc` and other config files
critical line 186

Access to SSH directory

SourceSKILL.md
186- `~/.ssh/` directory
critical line 185

Access to AWS credentials directory

SourceSKILL.md
185- `~/.aws/credentials`
high line 189

Access to system keychain/keyring

SourceSKILL.md
189- System keychain
Scanned on Feb 9, 2026
View Security Dashboard
Installation guide →
GitHub Stars 2.2K
Rate this skill
Categorydevelopment
UpdatedApril 10, 2026
openclawtestingsecurity-engineerdevops-sreqa-engineerdevelopment
openclaw/skills