首页龙虾技能列表 › Security Auditor Tk — 技能工具

Security Auditor Tk — 技能工具

v1.0.0

Run security audits on Linux servers, web applications, and cloud infrastructure. Checks SSH hardening, firewall rules, open ports, SSL/TLS config, file perm...

0· 80·0 当前·0 累计
by @tktk-ai·MIT-0
下载技能包
License
MIT-0
最后更新
2026/4/9
安全扫描
VirusTotal
无害
查看报告
OpenClaw
安全
high confidence
The skill's instructions, included checklists, and fix commands align with its stated purpose (server, web, and cloud security audits); nothing in the bundle requests unrelated credentials, binaries, or installs.
评估建议
This skill appears coherent and is a typical instruction-only security auditor, but be careful before allowing any suggested commands to execute: 1) Review all recommended fix commands before running them — many are destructive or change authentication (sed edits, systemctl, mount remount). 2) Run audits in a safe environment or snapshot/back up configs first. 3) For cloud reviews, provide credentials only through secure channels and scope them (read-only where possible). 4) Prefer running the a...
详细分析 ▾
用途与能力
The name/description, SKILL.md, README, and reference docs all describe the same set of audits (SSH, firewall, file perms, TLS, web headers, updates, etc.). There are no declared env vars, required binaries, or config paths that are unrelated to running those checks. The cloud-review section expects provider and connection details from the user, which is consistent with auditing cloud resources.
指令范围
The instructions explicitly direct scanning of system state and producing exact remediation commands (e.g., find /, sed edits to /etc/ssh/sshd_config, mount remount, systemctl operations). This is coherent for an auditor but means the agent will examine many system files and produce commands that, if executed, change system configuration. The SKILL.md does not instruct exfiltration or posting data to external endpoints, but it does rely on the user providing access details for cloud reviews.
安装机制
This is an instruction-only skill with no install spec and no code files executed at install time — lowest risk from installation perspective.
凭证需求
The skill declares no required environment variables or credentials. The cloud review instructions implicitly require cloud credentials or a connection method (user-provided), which is expected for that feature but not declared as required env vars. There are no unrelated credential requests in the package.
持久化与权限
always is false and the skill does not request persistent system modifications or alter other skills. Model invocation is allowed (normal). Note: autonomous invocation plus the ability to produce and run system-altering commands means you should limit execution privileges (do not run as root) unless you explicitly trust the audit results.
安全有层次,运行前请审查代码。

License

MIT-0

可自由使用、修改和再分发,无需署名。

运行时依赖

无特殊依赖

版本

latestv1.0.02026/4/9

Initial release — comprehensive security auditing for servers, web apps, and cloud infrastructure. - Audits SSH, firewall, ports, updates, file permissions, and web app security. - Checks for SSL/TLS misconfigurations, vulnerabilities, and insecure file access. - Produces prioritized reports with exact commands for fixes and verification. - Supports quick audits (e.g., SSH, web app headers) and full server scans. - Includes references for hardening and fix commands.

● 无害

安装命令 点击复制

官方npx clawhub@latest install security-auditor-tk
镜像加速npx clawhub@latest install security-auditor-tk --registry https://cn.clawhub-mirror.com

技能文档

Comprehensive security auditing for Linux servers, web apps, and cloud infrastructure.

What It Does

  • Server Hardening Audit — SSH config, firewall rules, user permissions, kernel parameters
  • Port & Service Scan — Open ports, running services, unnecessary exposure
  • SSL/TLS Analysis — Certificate validity, protocol versions, cipher suites
  • File Permission Check — World-readable configs, SUID binaries, sensitive file exposure
  • Update Status — Pending security patches, EOL software detection
  • Web App Security — Headers, CORS, cookie flags, common misconfigs
  • Report Generation — Prioritized findings with fix commands

Usage

Full Server Audit

Run a full security audit on this server.
Check: SSH, firewall, ports, users, file permissions, updates, SSL.
Output a prioritized report with fix commands.

Quick SSH Hardening Check

Audit SSH configuration:

  • Is root login disabled?
    • 

  • Is password auth disabled?
    • 

  • What port is it on?
    • 

  • Are there any weak ciphers?
    • 

Give me the exact commands to fix any issues.

Web Application Security Check

Check security headers and configuration for: [URL]
Look for:

  • Missing security headers (CSP, HSTS, X-Frame-Options)
    • 

  • SSL/TLS issues
    • 

  • CORS misconfig
    • 

  • Cookie security flags
    • 

  • Information disclosure
    •

Cloud Infrastructure Review

Review my cloud setup for security issues:

  • Provider: [AWS/GCP/DO/Vultr]
    • 

  • Services: [list running services]
    • 

  • Access: [how you connect]
    • 

Focus on: IAM, network exposure, storage permissions, logging

Output Format

# Security Audit Report — [Target]
Date: [Audit date]
Scope: [What was audited]
Risk Level: [Critical/High/Medium/Low]
🔴 Critical Findings


[Finding Title]


  • Risk: [What could happen]
    • 

  • Current State: [What's wrong]
    • 

  • Fix: 
    •
bash [Exact command to fix] 
- Verification: [How to confirm the fix worked]
🟡 Warnings

[Medium-risk findings]
🟢 Passed Checks

[What's already good]
Summary


  • Critical: [X]
    • 

  • Warnings: [X]  
    • 

  • Passed: [X]
    • 

  • Overall Score: [X/100]
    •

Checks Performed

SSH (12 checks)

  • Root login status
  • Password authentication
  • Port configuration
  • Key-based auth enforcement
  • Protocol version
  • Cipher suite strength
  • MaxAuthTries setting
  • LoginGraceTime
  • AllowUsers/AllowGroups
  • Banner configuration
  • Idle timeout
  • X11 forwarding

Firewall (8 checks)

  • UFW/iptables active
  • Default deny policy
  • Unnecessary open ports
  • Rate limiting rules
  • ICMP handling
  • IPv6 rules
  • Logging enabled
  • Fail2ban status

System (10 checks)

  • Pending security updates
  • EOL software
  • SUID/SGID binaries
  • World-writable files
  • Unowned files
  • Cron job permissions
  • tmp/var/tmp permissions
  • Kernel hardening (sysctl)
  • Core dumps disabled
  • Automatic updates configured

Web/SSL (8 checks)

  • Certificate validity/expiry
  • Protocol versions (TLS 1.2+)
  • Cipher suite strength
  • HSTS header
  • Content Security Policy
  • X-Frame-Options
  • X-Content-Type-Options
  • Referrer-Policy

References

  • references/hardening-checklist.md — Complete hardening checklist
  • references/common-fixes.md — Copy-paste fix commands for common issues
数据来源:ClawHub ↗ · 中文优化:龙虾技能库
OpenClaw 技能定制 / 插件定制 / 私有工作流定制

免费技能或插件可能存在安全风险,如需更匹配、更安全的方案,建议联系付费定制

了解定制服务