obekt-security
Basic threat detection and security analysis for code, files, and agent skills. Use when you need to scan for vulnerabilities, validate security patterns, detect malicious patterns, or audit codebases for security issues.
Why use this skill?
Enhance your OpenClaw agent security with obekt-security. Scan code for vulnerabilities, detect hardcoded secrets, and audit agent skills to ensure safe, secure, and reliable AI operation.
Install via CLI (Recommended)
clawhub install openclaw/skills/skills/obekt/obekt-security
What This Skill Does
obekt-security is a comprehensive threat detection and security analysis toolkit designed specifically for OpenClaw agents. It serves as a static analysis engine to identify vulnerabilities within codebases, agent skills, and local files. By utilizing pattern-based scanning, it helps developers and security-conscious users identify critical risks before deployment or during periodic audits. The skill is engineered to flag common attack vectors such as SQL injection, Cross-Site Scripting (XSS), command injection, and insecure cryptographic practices. Beyond basic syntax analysis, it provides specific auditing workflows to ensure that agent skills adhere to the principle of least privilege, secure input handling, and robust authentication mechanisms.
Installation
Installation is straightforward. For base functionality requiring no external dependencies, simply use the OpenClaw package manager:
clawhub install openclaw/skills/skills/obekt/obekt-security
If you require continuous monitoring or automated report generation, ensure you have Python 3.8+ installed and install the watchdog utility:
pip install watchdog
Use Cases
This skill is indispensable for developers managing AI agents. Use it to scan new skill contributions before integrating them into your agent, audit your personal codebase for accidentally committed API keys or hardcoded credentials, and verify that your file handling operations are safe from path traversal vulnerabilities. It acts as a gatekeeper in your development pipeline, ensuring that security-critical code paths are audited for common pitfalls like weak entropy in random number generation or insecure default configurations.
Example Prompts
- "Run a security audit on the skill located at ./skills/my-custom-tool and generate a markdown report of any critical vulnerabilities."
- "Scan my current working directory for any hardcoded API keys, secrets, or plain-text passwords that might have been committed to source control."
- "Audit the codebase in /src for command injection risks and insecure file operation patterns."
Tips & Limitations
obekt-security is a static analysis tool; while it is highly effective at identifying known patterns and common security anti-patterns, it is not a substitute for human security review or dynamic penetration testing. It cannot execute code to verify the logical impact of a vulnerability, nor can it identify complex, business-logic-specific flaws that require deep context. Always use this tool in conjunction with manual code reviews. For best results, scan frequently during your development cycle rather than waiting until the end of a project. Ensure you keep the skill updated via clawhub to receive the latest pattern definitions.
Metadata
Paste this into your clawhub.json to enable this plugin.
{
  "plugins": {
    "official-obekt-obekt-security": {
      "enabled": true,
      "auto_update": true
    }
  }
}
Tags(AI)
Flags: file-read, code-execution