Automated security scanning and vulnerability detection for web applications, APIs, and infrastructure. Use when you need to scan targets for vulnerabilities, check SSL certificates, find open ports, detect misconfigurations, or perform security audits. Integrates with nmap, nuclei, and other security tools.
数据来源:ClawHub。 在 ClawSkills 查看
选择你使用的 Agent
方法一:命令行安装(推荐)
推荐(无需提前安装 clawhub)
npx clawhub@latest --dir ~/.claude/skills install security-scanner或使用 clawhub CLI(需提前安装)
clawhub --dir ~/.claude/skills install security-scanner⚠️ 需要 Node.js 18+,没有 Node?请使用下方方法二直接下载 ZIP。 安装 Node.js →
方法二:手动下载安装(无需 Node)
下载 ZIP,解压后将文件夹放到以下路径,重启 Agent 即可:
安装路径
~/.claude/skills/security-scanner/💡解压后将文件夹放到上方路径,重启 Agent 即可生效
--- name: security-scanner description: Automated security scanning and vulnerability detection for web applications, APIs, and infrastructure. Use when you need to scan targets for vulnerabilities, check SSL certificates, find open ports, detect misconfigurations, or perform security audits. Integrates with nmap, nuclei, and other security tools. ---
Automated security scanning toolkit for penetration testing and vulnerability assessment.
nmap -sV -sC -oN scan.txt TARGET
nuclei -u TARGET -o results.txt
sslscan TARGET
Fast initial scan for live hosts and open ports:
nmap -sn -T4 SUBNET # Host discovery
nmap -F TARGET # Fast port scan (top 100)
Comprehensive port and service detection:
nmap -p- -sV -sC -A TARGET -oN full_scan.txt
nuclei -u https://TARGET -t cves/ -t vulnerabilities/ -o web_vulns.txt
nikto -h TARGET -o nikto_report.txt
sslscan TARGET
testssl.sh TARGET
Save reports to reports/security-scan-YYYY-MM-DD.md with:
安装 Security Scanner 后,可以对 AI 说这些话来触发它
Help me get started with Security Scanner
Explains what Security Scanner does, walks through the setup, and runs a quick demo based on your current project
Use Security Scanner to automated security scanning and vulnerability detection for web app...
Invokes Security Scanner with the right parameters and returns the result directly in the conversation
What can I do with Security Scanner in my developer & devops workflow?
Lists the top use cases for Security Scanner, with example commands for each scenario
将技能文件夹放到 ~/.claude/skills/security-scanner/ 目录(个人级,所有项目可用),或 .claude/skills/security-scanner/(项目级)。重启 AI 客户端后,用 /security-scanner 主动调用,或让 AI 根据上下文自动发现并使用。
Security Scanner 支持 Claude、Cursor、OpenClaw,可与这些 AI 平台无缝集成,扩展其能力。
Security Scanner 可免费安装使用。请查阅仓库了解许可证信息。
Automated security scanning and vulnerability detection for web applications, APIs, and infrastructure. Use when you need to scan targets for vulnerabilities, check SSL certificates, find open ports, detect misconfigurations, or perform security audits. Integrates with nmap, nuclei, and other security tools.
Security Scanner 属于「Developer & DevOps」分类,该分类的技能帮助 AI 智能体在此领域执行专业任务。
Automate my developer & devops tasks using Security Scanner
Identifies repetitive steps in your workflow and sets up Security Scanner to handle them automatically