Security Sentinel
v1.0.1
Scan the workspace for security vulnerabilities, exposed secrets, and misconfigurations.
Security Sentinel
A unified security scanner for OpenClaw workspaces. Detects vulnerabilities in dependencies (npm audit), exposed secrets (regex patterns), and unsafe file permissions.
Usage
CLI
Run a full security scan:
node skills/security-sentinel/index.js
This will output a JSON report to stdout. If risks are detected (high/critical vulnerabilities, secrets, or bad permissions), it exits with code 1.
Options
--skip-audit: Skip the npm audit step (faster)
--no-fail: Do not exit with code 1 even if risks are detected (useful for monitoring only)
Programmatic
const sentinel = require('./skills/security-sentinel');
// await needs an async context in a CommonJS script
(async () => {
  const report = await sentinel.scan();
  if (report.status === 'risk_detected') { console.error('Security issues found:', report); }
})();
Features
Dependency Audit: Runs npm audit to check package.json dependencies for known CVEs.
Secret Detection: Scans workspace files for patterns resembling API keys, passwords, and private keys.
Permission Check: Verifies critical files (package.json, .env) are not world-writable.
Configuration
Ignored Paths: node_modules, .git, logs, temp, .OpenClaw/cache.
Secret Patterns: Generic API Key, Password, Private Key, Feishu App Secret.
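The secret detection, permission check and ignored paths listed above can be sketched as follows. This is an added example, not the skill's own code: the regexes, the report fields, the 'clean' status and the sample files are assumptions, and the Feishu App Secret pattern is left out because the page does not give its format.

```javascript
// Added illustration, not the skill's source. The regexes, the report fields
// and the 'clean' status are assumptions; only 'risk_detected' is on the page.
const IGNORED = ['node_modules', '.git', 'logs', 'temp', '.OpenClaw/cache'];
const CRITICAL = ['package.json', '.env'];
const PATTERNS = [
  { name: 'Generic API Key', re: /api[_-]?key\s*[:=]\s*['"]?([A-Za-z0-9_\-]{16,})/i },
  { name: 'Password', re: /password\s*[:=]\s*['"]?([^\s'"]{6,})/i },
  { name: 'Private Key', re: /-----BEGIN (?:[A-Z]+ )?PRIVATE KEY-----/ },
];
// True when the path lies under an ignored directory (multi-segment entries too).
function isIgnored(path) {
  return IGNORED.some((dir) => `/${path}/`.includes(`/${dir}/`));
}
// World-writable: the "other" write bit (0o002) is set in the file mode.
function isWorldWritable(mode) {
  return (mode & 0o002) !== 0;
}

// Report the rule name and line number only, never the matched value.
function findSecrets(path, content) {
  const hits = [];
  content.split('\n').forEach((line, i) => {
    for (const { name, re } of PATTERNS) {
      if (re.test(line)) hits.push({ path, line: i + 1, rule: name });
    }
  });
  return hits;
}

function scan(files) {
  const secrets = [], permissions = [];
  for (const f of files) {
    if (isIgnored(f.path)) continue;
    secrets.push(...findSecrets(f.path, f.content));
    if (CRITICAL.includes(f.path.split('/').pop()) && isWorldWritable(f.mode)) {
      permissions.push({ path: f.path, mode: (f.mode & 0o777).toString(8) });
    }
  }
  const risky = secrets.length > 0 || permissions.length > 0;
  return { status: risky ? 'risk_detected' : 'clean', secrets, permissions };
}

// Constructed sample workspace: paths, modes and values are made up.
const SAMPLE = [
  { path: '.env', mode: 0o100666, content: 'PASSWORD=hunter2-example\n' },
  { path: 'src/app.js', mode: 0o100644, content: 'const x = 1;\n' },
  { path: 'node_modules/lib/a.js', mode: 0o100644, content: 'api_key = "AAAAAAAAAAAAAAAAAAAA"\n' },
  { path: 'package.json', mode: 0o100644, content: '{"name":"demo"}\n' },
];
```

Calling scan(SAMPLE) flags .env twice (a password-like line and mode 666) and skips the key under node_modules; the report carries rule names and line numbers rather than the matched values, so the JSON written to stdout does not itself leak the secret.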