首页 / 技能 / Security Vulnerability Scanner — 安全防护工具

📦 Security Vulnerability Scanner — 安全防护工具

v1.0.0

Security Vulnerability Scanner是一款实用的工具技能,能够帮助用户完成相关任务,提升工作效率。

0· 1.2k·4 当前·5 累计
honestqiao 头像by @honestqiao
安全开发工具数据库代码生成
下载技能包
0
安全扫描
VirusTotal
无害
查看报告
OpenClaw
安全
high confidence
The skill's requirements and instructions match its stated purpose (a simple, regex-based static vulnerability scanner); it asks for no credentials or installs and does not perform unexpected actions.
评估建议
This skill is a simple, local regex-based scanner that expects you to pass code as a string and returns pattern matches and a score. It does not request credentials or install software, so it is internally coherent. However, the detection rules are basic and JavaScript-centric — expect false positives and missed issues. Before relying on it for security decisions, review and extend its patterns for your languages, test it on known vulnerable/clean samples, and prefer established static analysis ...
详细分析 ▾
用途与能力
Name and description (static vulnerability scanning) match the provided runtime instructions and patterns. The skill is instruction-only and expects code as input (scan_vulnerabilities(code, language)), which is consistent with its purpose.
指令范围
Instructions implement simple regex-based checks embedded in SKILL.md/skill.yaml and do not direct the agent to read files, environment variables, or external endpoints. Note: the scan is purely pattern matching (JavaScript-oriented patterns) and lacks guidance on how code is supplied or on multi-language support; this limits coverage and may produce false positives/negatives.
安装机制
No install spec or external downloads — lowest-risk configuration (instruction-only), nothing is written to disk by an installer.
凭证需求
The skill requests no environment variables, credentials, or config paths; this is proportionate for a static analyzer that operates on provided code strings.
持久化与权限
always is false and the skill does not request elevated or persistent privileges. Autonomous invocation is allowed by default but is not combined with any broad credential access or persistent modification.
安全有层次,运行前请审查代码。

运行时依赖

无特殊依赖

安装命令

点击复制
官方npx clawhub@latest install security-vuln-scanner
镜像加速npx clawhub@latest install security-vuln-scanner --registry https://cn.longxiaskill.com
数据来源ClawHub ↗ · 中文优化:龙虾技能库