ClawKit Logo
ClawKitReliability Toolkit
Back to Registry
Official Verified developer tools Safety 4/5

clawsec-feed

Security advisory feed with automated NVD CVE polling for OpenClaw-related vulnerabilities. Updated daily.

Why use this skill?

Monitor NVD CVEs for OpenClaw, clawdbot, and Moltbot. Keep your AI agents secure with daily automated security advisory updates from Prompt Security.

skill-install — Terminal

Install via CLI (Recommended)

clawhub install openclaw/skills/skills/davida-ps/clawsec-feed
Or

What This Skill Does

The clawsec-feed skill acts as a dedicated security telemetry engine for your OpenClaw environment. It continuously monitors the NIST National Vulnerability Database (NVD) to fetch the latest Common Vulnerabilities and Exposures (CVEs) relevant to the OpenClaw ecosystem, including clawdbot and Moltbot. By automating the polling process, this skill ensures that your agent remains updated on emerging threats without requiring manual oversight. It functions as a proactive defense mechanism, alerting users or other agent services to critical patches, known exploits, or security configuration recommendations that could impact the integrity of your AI agent deployments. Developed by Prompt Security, it serves as a foundational component for maintainers who prioritize system hardening and risk mitigation.

Installation

You can install clawsec-feed using two primary methods. For a comprehensive security posture, it is recommended to install it bundled with the ClawSec Suite, which handles dependencies automatically and places the skill in the standard ~/.openclaw/skills/clawsec-feed/ directory. Alternatively, you may perform a standalone installation if you require fine-grained control. To do this, first determine the latest release tag using the GitHub API via curl: LATEST_TAG=$(curl -sSL https://api.github.com/repos/prompt-security/ClawSec/releases | jq -r '[.[] | select(.tag_name | startswith("clawsec-feed-v"))][0].tag_name'). Once retrieved, create the target directory with mkdir -p ~/.openclaw/skills/clawsec-feed and use clawhub install openclaw/skills/skills/davida-ps/clawsec-feed to fetch the necessary binaries and documentation files.

Use Cases

This skill is ideal for security-conscious DevOps teams managing AI agent fleets. Use it to automate vulnerability scanning pipelines, trigger alerts in Slack or Discord whenever a new vulnerability is assigned to an OpenClaw-related library, and audit the current threat landscape of your agent's dependencies. It is also an essential tool for penetration testers evaluating the security posture of autonomous agent frameworks.

Example Prompts

  1. "Check the clawsec-feed for any new critical vulnerabilities reported in the last 24 hours."
  2. "List all recent CVEs associated with Moltbot and provide a summary of the recommended mitigations."
  3. "Summarize the current threat intelligence regarding OpenClaw core libraries and tell me if I need to update my agent environment."

Tips & Limitations

Always verify the integrity of the downloaded files, especially when running in standalone mode. Note that this skill only monitors databases for known public vulnerabilities (CVEs); it does not provide real-time scanning for zero-day exploits or internal code vulnerabilities. Ensure your agent has reliable network access, as the feed requires external connectivity to the NIST NVD and GitHub infrastructure to maintain its daily update cycle.

Read Full Documentation on GitHub

Metadata

Author@davida-ps
Stars2387
Views0
Updated2026-03-09
View Author Profile
AI Skill Finder

Not sure this is the right skill?

Describe what you want to build — we'll match you to the best skill from 16,000+ options.

Find the right skill
Add to Configuration

Paste this into your clawhub.json to enable this plugin.

{
  "plugins": {
    "official-davida-ps-clawsec-feed": {
      "enabled": true,
      "auto_update": true
    }
  }
}

Tags(AI)

#security#vulnerability#cve#cybersecurity#compliance
Safety Score: 4/5

Flags: network-access, file-read, file-write

Related Skills

openclaw-audit-watchdog

Automated daily security audits for OpenClaw agents with email reporting. Runs deep audits and sends formatted reports.

davida-ps 2387

clawtributor

Community incident reporting for AI agents. Contribute to collective security by reporting threats.

davida-ps 2387

soul-guardian

Drift detection + baseline integrity guard for agent workspace files with automatic alerting support

davida-ps 2387

clawsec-scanner

Automated vulnerability scanner for agent platforms. Performs dependency scanning (npm audit, pip-audit), multi-database CVE lookup (OSV, NVD, GitHub Advisory), SAST analysis (Semgrep, Bandit), and basic DAST security testing for skill hooks.

davida-ps 2387

clawsec-nanoclaw

Use when checking for security vulnerabilities in NanoClaw skills, before installing new skills, or when asked about security advisories affecting the bot

davida-ps 2387