Automated security auditing for OpenClaw projects. Scans for hardcoded secrets (API keys, tokens) and container vulnerabilities (CVEs) using Trivy. Provides...
数据来源:ClawHub。 在 ClawSkills 查看
选择你使用的 Agent
方法一:命令行安装(推荐)
推荐(无需提前安装 clawhub)
npx clawhub@latest --dir ~/.claude/skills install security-guardian或使用 clawhub CLI(需提前安装)
clawhub --dir ~/.claude/skills install security-guardian⚠️ 需要 Node.js 18+,没有 Node?请使用下方方法二直接下载 ZIP。 安装 Node.js →
方法二:手动下载安装(无需 Node)
下载 ZIP,解压后将文件夹放到以下路径,重启 Agent 即可:
安装路径
~/.claude/skills/security-guardian/💡解压后将文件夹放到上方路径,重启 Agent 即可生效
--- name: security-guardian description: Automated security auditing for OpenClaw projects. Scans for hardcoded secrets (API keys, tokens) and container vulnerabilities (CVEs) using Trivy. Provides structured reports to help maintain a clean and secure codebase. metadata: {"openclaw":{"requires":{"skills":["mema-vault"]}}} ---
System for automated security auditing and credential protection.
Scan specific project directories for hardcoded credentials.
scripts/scan_secrets.pypython3 $WORKSPACE/skills/security-guardian/scripts/scan_secrets.py 1. Execute scan on a specific project or directory. 2. If findings are reported (exit code 1): - Review the file and line number. - Transition: Move the secret to a secure vault (e.g., using the mema-vault skill). - Redact: Replace the plaintext secret in the source code with an environment variable or a vault lookup call.
Analyze Docker images for vulnerabilities prior to deployment.
scripts/scan_container.shbash $WORKSPACE/skills/security-guardian/scripts/scan_container.sh HIGH and CRITICAL severities. Recommend base image updates or security patches.trivy to be installed on the host system.mema-vault.安装 Security Guardian 后,可以对 AI 说这些话来触发它
Help me get started with Security Guardian
Explains what Security Guardian does, walks through the setup, and runs a quick demo based on your current project
Use Security Guardian to automated security auditing for OpenClaw projects
Invokes Security Guardian with the right parameters and returns the result directly in the conversation
What can I do with Security Guardian in my developer & devops workflow?
Lists the top use cases for Security Guardian, with example commands for each scenario
将技能文件夹放到 ~/.claude/skills/security-guardian/ 目录(个人级,所有项目可用),或 .claude/skills/security-guardian/(项目级)。重启 AI 客户端后,用 /security-guardian 主动调用,或让 AI 根据上下文自动发现并使用。
Security Guardian 支持 Claude、Cursor、OpenClaw,可与这些 AI 平台无缝集成,扩展其能力。
Security Guardian 可免费安装使用。请查阅仓库了解许可证信息。
Automated security auditing for OpenClaw projects. Scans for hardcoded secrets (API keys, tokens) and container vulnerabilities (CVEs) using Trivy. Provides...
Security Guardian 属于「Developer & DevOps」分类,该分类的技能帮助 AI 智能体在此领域执行专业任务。
Automate my developer & devops tasks using Security Guardian
Identifies repetitive steps in your workflow and sets up Security Guardian to handle them automatically