Requirements
- Target platform
- OpenClaw
- Install method
- Manual import
- Extraction
- Extract archive
- Prerequisites
- OpenClaw
- Primary doc
- SKILL.md
Tencent SkillHub ยท Productivity
Security Sentinel
Scan the workspace for security vulnerabilities, exposed secrets, and misconfigurations.
skill openclawclawhub Free
Scan the workspace for security vulnerabilities, exposed secrets, and misconfigurations.
โฌ 0 downloads โ
0 stars Unverified but indexed
Install for OpenClaw
Quick setup
- Download the package from Yavira.
- Extract the archive and review SKILL.md first.
- Import or place the package into your OpenClaw setup.
Package facts
- Download mode
- Yavira redirect
- Package format
- ZIP package
- Source platform
- Tencent SkillHub
- What's included
- SKILL.md, _meta.json, index.js, package-lock.json, package.json, scan.js
Validation
- Use the Yavira download entry.
- Review SKILL.md after the package is downloaded.
- Confirm the extracted package contains the expected setup assets.
Install with your agent
Agent handoff
Hand the extracted package to your coding agent with a concrete install brief instead of figuring it out manually.
- Download the package from Yavira.
- Extract it into a folder your agent can access.
- Paste one of the prompts below and point your agent at the extracted folder.
New install
I downloaded a skill package from Yavira. Read SKILL.md from the extracted folder and install it by following the included instructions. Tell me what you changed and call out any manual steps you could not complete.
Upgrade existing
I downloaded an updated skill package from Yavira. Read SKILL.md from the extracted folder, compare it with my current installation, and upgrade it while preserving any custom configuration unless the package docs explicitly say otherwise. Summarize what changed and any follow-up checks I should run.
Trust & source
Release facts
- Source
- Tencent SkillHub
- Verification
- Indexed source record
- Version
- 1.0.1
Provenance
- Publisher
- autogame-17
- Source page
- View original listing
- Canonical URL
- Open canonical page
Documentation
Security Sentinel
A unified security scanner for OpenClaw workspaces. Detects vulnerabilities in dependencies (npm audit), exposed secrets (regex patterns), and unsafe file permissions.
CLI
Run a full security scan: node skills/security-sentinel/index.js This will output a JSON report to stdout. If risks are detected (high/critical vulnerabilities, secrets, or bad permissions), it exits with code 1.
Options
--skip-audit: Skip the npm audit step (faster) --no-fail: Do not exit with code 1 even if risks are detected (useful for monitoring only)
Programmatic
const sentinel = require('./skills/security-sentinel'); const report = await sentinel.scan(); if (report.status === 'risk_detected') { console.error('Security issues found:', report); }
Features
Dependency Audit: Runs npm audit to check package.json dependencies for known CVEs. Secret Detection: Scans workspace files for patterns resembling API keys, passwords, and private keys. Permission Check: Verifies critical files (package.json, .env) are not world-writable.
Configuration
Ignored Paths: node_modules, .git, logs, temp, .openclaw/cache. Secret Patterns: Generic API Key, Password, Private Key, Feishu App Secret.
Category context
Workflow acceleration for inboxes, docs, calendars, planning, and execution loops.
Source: Tencent SkillHub
Largest current source with strong distribution and engagement signals.
Package contents
Included in package
3 Config2 Scripts1 Docs
- SKILL.md
- index.js
- scan.js
- _meta.json
- package-lock.json
- package.json