Harness
Harness streamlines project initialization by setting up development environments, documentation, and security standards for new projects.
Install this skill
or
70/100
Security score
The Harness skill was audited on May 12, 2026 and we found 4 security issues across 2 threat categories, including 1 high-severity. Review the findings below before installing.
Categories Tested
Security Issues
medium line 41
Access to hidden dotfiles in home directory
SourceSKILL.md
| 41 | **2.1 Check Installed Skills**: Scan `~/.claude/skills/`, compare against `references/skill-ecosystem.md` to display installation status ([✅/❌] for each core Skill) |
medium line 43
Access to hidden dotfiles in home directory
SourceSKILL.md
| 43 | **2.2 Install Bundled Skills**: Batch install `bundled-skills/` to `~/.claude/skills/` via symlink. Skills requiring additional configuration (web-vuln-analyzer needs Docker + API / android-vuln-analy |
medium line 53
Access to hidden dotfiles in home directory
SourceSKILL.md
| 53 | **2.5 Project-Specific Skill Check**: Check `.claude/skills/` and `~/.claude/skills/security-review-skill-for-*`, prompt to generate if no match found |
high line 49
Prompting for password/secret input
SourceSKILL.md
| 49 | - **Enterprise Security Gate Hooks** (optional): pre-commit secret check / commit format validation / dangerous command interception / code write security scan — ask user whether to enable. See `refer |
Scanned on May 12, 2026
View Security DashboardGitHub Stars 325
Rate this skill
Categoryproject management
UpdatedMay 13, 2026
openclawdevopsbackendfrontendproject-managerdevops-srefrontend-developerbackend-developerfullstack-developergithubdockerproject managementdevelopment
xwtro0tk1t-cloud/harness