๐Ÿ”
12917 skills
โ† All skills
Tencent SkillHub ยท Developer Tools

Mobb Vulnerabilities Fixer

Scan, fix, and remediate security vulnerabilities in a local code repository using Mobb MCP/CLI. Use when the user asks to scan for vulnerabilities, run a security check, auto-fix issues, remediate findings, or apply Mobb fixes (e.g., \"scan this repo\", \"fix security issues\", \"remediate vulnerabilities\", \"run Mobb on my changes\").

skill openclawclawhub Free
0 Downloads
0 Stars
0 Installs
0 Score
High Signal

Scan, fix, and remediate security vulnerabilities in a local code repository using Mobb MCP/CLI. Use when the user asks to scan for vulnerabilities, run a security check, auto-fix issues, remediate findings, or apply Mobb fixes (e.g., \"scan this repo\", \"fix security issues\", \"remediate vulnerabilities\", \"run Mobb on my changes\").

โฌ‡ 0 downloads โ˜… 0 stars Unverified but indexed

Install for OpenClaw

Quick setup
  1. Download the package from Yavira.
  2. Extract the archive and review SKILL.md first.
  3. Import or place the package into your OpenClaw setup.

Requirements

Target platform
OpenClaw
Install method
Manual import
Extraction
Extract archive
Prerequisites
OpenClaw
Primary doc
SKILL.md

Package facts

Download mode
Yavira redirect
Package format
ZIP package
Source platform
Tencent SkillHub
What's included
SKILL.md, agents/openai.yaml, references/mcp-scan-fix.md, references/mobb-auth.md

Validation

  • Use the Yavira download entry.
  • Review SKILL.md after the package is downloaded.
  • Confirm the extracted package contains the expected setup assets.

Install with your agent

Agent handoff

Hand the extracted package to your coding agent with a concrete install brief instead of figuring it out manually.

  1. Download the package from Yavira.
  2. Extract it into a folder your agent can access.
  3. Paste one of the prompts below and point your agent at the extracted folder.
New install

I downloaded a skill package from Yavira. Read SKILL.md from the extracted folder and install it by following the included instructions. Tell me what you changed and call out any manual steps you could not complete.

Upgrade existing

I downloaded an updated skill package from Yavira. Read SKILL.md from the extracted folder, compare it with my current installation, and upgrade it while preserving any custom configuration unless the package docs explicitly say otherwise. Summarize what changed and any follow-up checks I should run.

Open Send to Agent page Open JSON manifest Open Markdown brief

Trust & source

Release facts

Source
Tencent SkillHub
Verification
Indexed source record
Version
0.1.2

Documentation

ClawHub primary doc Primary doc: SKILL.md 7 sections Open source page

Overview

Use Mobb MCP scan-and-fix behavior to identify security issues in a local repo and apply the generated patches. Follow the MCP workflow exactly, including file selection, pagination, and rescan rules.

Scan and Fix (default)

Confirm target repository path. Use an absolute path to the repository root. Reject paths with traversal patterns. If the user gives . and a workspace root is known, use it. Ensure Mobb authentication is available. Prefer API_KEY in the environment. If missing or invalid, inform the user a browser window will open for Mobb login and authorization, then proceed once authenticated. If the user has no account, instruct them to create one and generate an API key. See references/mobb-auth.md. Require MCP to be already running. Do not install or launch MCP yourself. Ask the user to start the Mobb MCP server on their machine using their approved process and confirm it is running before you proceed. Execute MCP scan-and-fix. Invoke the MCP tool scan_and_fix_vulnerabilities with the repository path. Use optional parameters only when the user explicitly asks. Required parameter: path: absolute path to the repository root Optional parameters: offset: pagination offset for additional fixes limit: maximum number of fixes to return (default is 3) maxFiles: scan up to N recently changed files (default is 10); setting this triggers a fresh scan rescan: force a full rescan; only when user explicitly asks scanRecentlyChangedFiles: when true and no git changes are found, scan recently changed files from history Apply returned fixes only with explicit user consent. If the tool returns patches, summarize what will change and ask the user to confirm before applying. Apply patches exactly as provided, modify nothing else, and explain after applying. If a patch cannot be applied, report the exact conflict and continue with others the user approved. Never auto-rescan or auto-page. Do not rescan or fetch additional pages of fixes unless the user explicitly asks. If more fixes are available, inform the user how to request the next page.

Fetch Available Fixes (summary only)

Use when the user wants a summary of available fixes without uploading/scanning or applying patches. Call fetch_available_fixes with: path: absolute path to the repo root offset and limit: optional pagination fileFilter: optional list of relative paths to filter fixes fetchFixesFromAnyFile: optional boolean to fetch fixes for all files fileFilter and fetchFixesFromAnyFile are mutually exclusive. If neither is provided, the tool filters to files with git status changes.

Check for New Available Fixes (monitoring)

Call check_for_new_available_fixes once at the end of a session after edits/tests, or when the user explicitly asks to check for fresh fixes. Behavior notes: Requires a local git repo with an origin remote. If auto-fix is enabled, fixes may be applied automatically; tell the user to review and commit changes. It may return "initial scan in progress" or "no fresh fixes" depending on timing.

File Selection Rules (scan_and_fix_vulnerabilities)

If the path is a valid git repo, scan only changed/staged files by default. If no changes are found and scanRecentlyChangedFiles is true (or maxFiles is set), scan recently changed files from git history. If not a git repo, scan recently changed files in the directory. Exclude files larger than 5 MB.

No-Changes Case

If no changed files are detected, explain the situation and offer a follow-up scan using scanRecentlyChangedFiles and/or maxFiles, but do not run it unless explicitly requested.

Resources

references/mcp-scan-fix.md: MCP scan-and-fix, fetch, and monitoring tool details references/mobb-auth.md: authentication and login flow details

Category context

Code helpers, APIs, CLIs, browser automation, testing, and developer operations.

Source: Tencent SkillHub

Largest current source with strong distribution and engagement signals.

Package contents

Included in package
3 Docs1 Config
  • SKILL.md Primary doc
  • references/mcp-scan-fix.md Docs
  • references/mobb-auth.md Docs
  • agents/openai.yaml Config

Related skills

readyClaw Free
Featured

API Architect

Design contracts before code

Designs contracts before implementation and treats REST, GraphQL, and gRPC as tools rather than dogma.

Developer Tools agent claude
souls.zip $149
Featured

The Dev Team

A four-agent engineering squad for shipping products

Four-agent engineering team spanning CTO, frontend, backend, and design roles, built to mirror the stack behind souls.zip.

Developer Tools team openclaw
readyClaw Free
Featured

Web Platform Engineer

Build for the open web with strong fundamentals

A web engineering agent grounded in HTML semantics, CSS layout systems, and browser-native resilience.

Developer Tools agent claude