Vulnerability Scanner
Skill by brandonwise
Install via CLI (Recommended)
clawhub install openclaw/skills/skills/brandonwise/vulnerability-scanner
What This Skill Does
The Vulnerability Scanner skill is a static analysis toolkit for finding security flaws in source code projects. Its checks are organised around the OWASP Top 10:2025 categories, so a scan of a codebase gives developers and security engineers an automated assessment they can act on before the code reaches production. The scanner is tuned to detect dangerous patterns such as injection vulnerabilities, insecure configurations, and credential leakage, and it also checks dependencies for supply chain integrity issues.
Installation
To integrate this tool into your OpenClaw environment, execute the following command in your terminal:
clawhub install openclaw/skills/skills/brandonwise/vulnerability-scanner
Use Cases
This skill is best used during the development lifecycle, as a pre-commit check and as part of routine security hygiene. Key use cases include auditing legacy codebases for outdated dependency patterns, ensuring hardcoded secrets are not committed to repositories, and re-prioritizing risk after architectural changes. It is particularly useful for teams adopting the OWASP Top 10:2025, because its findings map directly onto the new categories such as Software Supply Chain Failures and Mishandling of Exceptional Conditions.
Example Prompts
- "Perform a full vulnerability scan on the project located in ./src and provide a summary of high-risk items."
- "Scan my current repository specifically for exposed API keys or hardcoded credentials using the vulnerability scanner."
- "Review the project dependencies and code patterns for potential A03 Supply Chain risks and A01 Access Control issues."
Tips & Limitations
To get the most out of this tool, consult the included checklists.md before remediating. This tool is strictly a static analysis instrument: it cannot reproduce the runtime interactions exercised during a live penetration test, and a clean scan does not mean the application is free of vulnerabilities. Do not rely on it for binary analysis or for compliance certification (e.g., PCI-DSS or HIPAA); those require specialised regulatory tooling. The skill is flagged file-read and code-execution, so treat scanning an untrusted repository as running code and review the skill before pointing it at one. For the best results, run the scan as a CI step or a pre-deployment checkpoint, and remediate the root causes identified in the security report rather than suppressing the alerts.
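As an added illustration of two points above, the hardcoded-secret pre-commit check from Use Cases and the CI gate from Tips & Limitations, here is a small Python scanner. It is example code written for this page, not the skill's own implementation, and the detection rules, the nosec suppression marker and the sample source file are all assumptions constructed for the demonstration. Suppressed findings are kept in the report rather than dropped, so suppressions stay visible instead of hiding a root cause.

```python
"""Illustrative pre-commit secret check and CI gate (not the skill's code)."""
from __future__ import annotations

import math
import re
from dataclasses import dataclass

# Hypothetical rules for a few well-known credential formats; the skill's real
# rule set is not published on this page.
KNOWN_FORMATS = {
    "aws_access_key_id": re.compile(r"\bAKIA[0-9A-Z]{16}\b"),
    "github_pat": re.compile(r"\bghp_[A-Za-z0-9]{36}\b"),
    "private_key": re.compile(r"-----BEGIN (?:RSA |EC |OPENSSH )?PRIVATE KEY-----"),
}
# Generic "name = 'literal'" assignment for credential-like variable names.
GENERIC_ASSIGNMENT = re.compile(
    r"(?i)(?:api[_-]?key|secret|password|passwd|token)\s*[:=]\s*['\"]([^'\"]{8,})['\"]"
)
SUPPRESS_MARKER = "nosec"  # assumed inline marker; recorded, never silently honoured


@dataclass
class Finding:
    rule: str
    line_no: int
    severity: str      # "high" or "medium"
    suppressed: bool
    snippet: str


def shannon_entropy(s: str) -> float:
    """Bits per character: random tokens sit well above 3.5, words and placeholders below."""
    counts = {c: s.count(c) for c in set(s)}
    return -sum(n / len(s) * math.log2(n / len(s)) for n in counts.values())


def scan_text(text: str) -> list[Finding]:
    """Run every rule over each line; a line can yield more than one finding."""
    findings: list[Finding] = []
    for n, line in enumerate(text.splitlines(), start=1):
        suppressed = SUPPRESS_MARKER in line
        for rule, rx in KNOWN_FORMATS.items():
            if rx.search(line):
                findings.append(Finding(rule, n, "high", suppressed, line.strip()))
        m = GENERIC_ASSIGNMENT.search(line)
        if m:
            # Low-entropy literals are usually placeholders: still hardcoded, lower severity.
            sev = "high" if shannon_entropy(m.group(1)) >= 3.5 else "medium"
            findings.append(Finding("hardcoded_credential", n, sev, suppressed, line.strip()))
    return findings


def ci_exit_code(findings: list[Finding], fail_on: tuple[str, ...] = ("high",)) -> int:
    """Non-zero when any unsuppressed finding is at a failing severity."""
    return 1 if any(f.severity in fail_on and not f.suppressed for f in findings) else 0


# Constructed sample source file: one real-looking key (AWS's documented example
# key ID), a placeholder password, a high-entropy token, the remediated env-var
# form, and a fixture marked with the suppression comment.
SAMPLE = """\
import os
AWS_KEY = "AKIAIOSFODNN7EXAMPLE"
password = "changeme"
db_token = "q7Zp2xLm9vK4tRn8Wc3Y"
api_key = os.environ["API_KEY"]
legacy = "AKIAIOSFODNN7EXAMPLE"  # nosec: test fixture
"""

if __name__ == "__main__":
    results = scan_text(SAMPLE)
    for f in results:
        flag = " (suppressed)" if f.suppressed else ""
        print(f"line {f.line_no}: [{f.severity}] {f.rule}{flag}: {f.snippet}")
    raise SystemExit(ci_exit_code(results))
```

Wired into a pre-commit hook or a CI job, the non-zero exit from ci_exit_code blocks the commit or build on unsuppressed high-severity findings; line 5 of the sample, which reads the key from the environment, is the root-cause fix the report should steer developers toward.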
Metadata
Paste this into your clawhub.json to enable this plugin.
{
  "plugins": {
    "official-brandonwise-vulnerability-scanner": {
      "enabled": true,
      "auto_update": true
    }
  }
}
Tags: AI
Flags: file-read, code-execution