Back to Registry View Author Profile
Official Verified
Security Vuln Scanner
Skill by honestqiao
skill-install — Terminal
Install via CLI (Recommended)
clawhub install openclaw/skills/skills/honestqiao/security-vuln-scannerOr
Security Vulnerability Scanner
扫描代码中的安全漏洞,提供修复建议。
功能
- SQL 注入检测
- XSS 跨站脚本检测
- 硬编码密码/密钥检测
- 不安全随机数检测
- 命令注入检测
- 敏感信息泄露检测
- 安全评分
触发词
- "安全扫描"
- "漏洞检测"
- "security scan"
- "vulnerability"
检测模式
const patterns = {
sqlInjection: /query\s*\(\s*['"`].*\$\{/,
xss: /innerHTML\s*=|document\.write/,
hardcodedSecret: /password\s*=\s*['"][^'"]+['"]/,
insecureRandom: /Math\.random\(\)/,
commandInjection: /exec\s*\(\s*\$\{/
};
输出示例
{
"vulnerabilities": [
{
"type": "sql_injection",
"line": 42,
"severity": "high",
"message": "检测到SQL注入风险"
}
],
"score": 65
}
Metadata
AI Skill Finder
Not sure this is the right skill?
Describe what you want to build — we'll match you to the best skill from 16,000+ options.
Find the right skill Add to Configuration
Paste this into your clawhub.json to enable this plugin.
{
"plugins": {
"official-honestqiao-security-vuln-scanner": {
"enabled": true,
"auto_update": true
}
}
}Safety NoteClawKit audits metadata but not runtime behavior. Use with caution.
Related Skills
clawra-selfie
Generate AI images using MiniMax or fal.ai (Grok Imagine) and send to messaging channels via OpenClaw
honestqiao 2387
zhipu-image
Generate images using Zhipu AI's CogView model
honestqiao 2387
Regex Generator
Skill by honestqiao
honestqiao 2387
zhipu-embeddings
Use Zhipu (智谱) web embeddings API for embeddingsing the internet. Use when user asks for web embeddings, latest news, or needs current information.
honestqiao 2387
doubao-image
Use Zhipu (智谱) web search API for searching the internet. Use when user asks for web search, latest news, or needs current information.
honestqiao 2387