Requirements
- Target platform
- OpenClaw
- Install method
- Manual import
- Extraction
- Extract archive
- Prerequisites
- OpenClaw
- Primary doc
- SKILL.md
Tencent SkillHub ยท Productivity
Security Sentinel
Scan the workspace for security vulnerabilities, exposed secrets, and misconfigurations.
skill openclawclawhub Free
Scan the workspace for security vulnerabilities, exposed secrets, and misconfigurations.
โฌ 0 downloads โ
0 stars Unverified but indexed
Install for OpenClaw
Known item issue.
This item's current download entry is known to bounce back to a listing or homepage instead of returning a package file.
Quick setup
- Open the source page and confirm the package flow manually.
- Review SKILL.md if you can obtain the files.
- Treat this source as manual setup until the download is verified.
Package facts
- Download mode
- Manual review
- Package format
- ZIP package
- Source platform
- Tencent SkillHub
- What's included
- SKILL.md, _meta.json, index.js, package-lock.json, package.json, scan.js
Validation
- Open the source listing and confirm there is a real package or setup artifact available.
- Review SKILL.md before asking your agent to continue.
- Treat this source as manual setup until the upstream download flow is fixed.
Install with your agent
Agent handoff
Use the source page and any available docs to guide the install because the item currently does not return a direct package file.
- Open the source page via Open source listing.
- If you can obtain the package, extract it into a folder your agent can access.
- Paste one of the prompts below and point your agent at the source page and extracted files.
New install
I tried to install a skill package from Yavira, but the item currently does not return a direct package file. Inspect the source page and any extracted docs, then tell me what you can confirm and any manual steps still required.
Upgrade existing
I tried to upgrade a skill package from Yavira, but the item currently does not return a direct package file. Compare the source page and any extracted docs with my current installation, then summarize what changed and what manual follow-up I still need.
Trust & source
Release facts
- Source
- Tencent SkillHub
- Verification
- Indexed source record
- Version
- 1.0.1
Provenance
- Publisher
- autogame-17
- Source page
- View original listing
- Canonical URL
- Open canonical page
Documentation
Security Sentinel
A unified security scanner for OpenClaw workspaces. Detects vulnerabilities in dependencies (npm audit), exposed secrets (regex patterns), and unsafe file permissions.
CLI
Run a full security scan: node skills/security-sentinel/index.js This will output a JSON report to stdout. If risks are detected (high/critical vulnerabilities, secrets, or bad permissions), it exits with code 1.
Options
--skip-audit: Skip the npm audit step (faster) --no-fail: Do not exit with code 1 even if risks are detected (useful for monitoring only)
Programmatic
const sentinel = require('./skills/security-sentinel'); const report = await sentinel.scan(); if (report.status === 'risk_detected') { console.error('Security issues found:', report); }
Features
Dependency Audit: Runs npm audit to check package.json dependencies for known CVEs. Secret Detection: Scans workspace files for patterns resembling API keys, passwords, and private keys. Permission Check: Verifies critical files (package.json, .env) are not world-writable.
Configuration
Ignored Paths: node_modules, .git, logs, temp, .openclaw/cache. Secret Patterns: Generic API Key, Password, Private Key, Feishu App Secret.
Category context
Workflow acceleration for inboxes, docs, calendars, planning, and execution loops.
Source: Tencent SkillHub
Largest current source with strong distribution and engagement signals.
Package contents
Included in package
3 Config2 Scripts1 Docs
- SKILL.md
- index.js
- scan.js
- _meta.json
- package-lock.json
- package.json