clawsec/skills/clawsec-scanner/skill.json
David Abutbul 1e48a955cc fix(release): exclude tests from skill payloads (#230)
* fix(release): exclude tests from skill payloads

* fix(release): normalize test path filtering

* fix(release): prefer GitHub artifacts for non-OpenClaw installs

* fix(release): keep legacy ClawHub publishing

* fix(release): address skill packaging review feedback

* chore(skills): bump release versions

* feat(skills): surface recommended platforms

* docs(skills): add signed release verification

* fix(skills): normalize PR version bumps

---------

Co-authored-by: David Abutbul <David.a@prompt.security>
2026-05-14 14:38:58 +03:00


{
"name": "clawsec-scanner",
"version": "0.0.3",
"description": "Automated vulnerability scanner for agent platforms. Performs dependency scanning (npm audit, pip-audit), multi-database CVE lookup (OSV, NVD, GitHub Advisory), SAST analysis (Semgrep, Bandit), and agent-specific DAST hook execution testing for OpenClaw hooks.",
"author": "prompt-security",
"license": "AGPL-3.0-or-later",
"homepage": "https://clawsec.prompt.security/",
"keywords": [
"security",
"vulnerability",
"scanner",
"dependency",
"cve",
"sast",
"dast",
"audit",
"agents",
"ai",
"openclaw",
"semgrep",
"bandit",
"osv",
"nvd"
],
"sbom": {
"files": [
{
"path": "SKILL.md",
"required": true,
"description": "Scanner skill documentation and usage guide"
},
{
"path": "CHANGELOG.md",
"required": true,
"description": "Version history and feature changelog"
},
{
"path": "scripts/runner.sh",
"required": true,
"description": "Main orchestration script for running all scanner engines"
},
{
"path": "scripts/scan_dependencies.mjs",
"required": true,
"description": "Dependency scanner using npm audit and pip-audit with JSON parsing"
},
{
"path": "scripts/query_cve_databases.mjs",
"required": true,
"description": "Multi-database CVE lookup (OSV primary, NVD/GitHub fallback)"
},
{
"path": "scripts/sast_analyzer.mjs",
"required": true,
"description": "Static analysis engine running Semgrep and Bandit as subprocesses"
},
{
"path": "scripts/dast_runner.mjs",
"required": true,
"description": "Dynamic analysis harness executing OpenClaw hook handlers with malicious-input and timeout checks"
},
{
"path": "scripts/dast_hook_executor.mjs",
"required": true,
"description": "Isolated hook execution helper used by DAST for real OpenClaw harness testing"
},
{
"path": "scripts/setup_scanner_hook.mjs",
"required": false,
"description": "Hook installer for continuous monitoring integration"
},
{
"path": "lib/report.mjs",
"required": true,
"description": "Unified vulnerability report generator (JSON and human-readable formats)"
},
{
"path": "lib/utils.mjs",
"required": true,
"description": "Shared utility functions for subprocess execution and JSON parsing"
},
{
"path": "lib/types.ts",
"required": true,
"description": "TypeScript type definitions for Vulnerability and ScanReport schemas"
},
{
"path": "hooks/clawsec-scanner-hook/HOOK.md",
"required": false,
"description": "OpenClaw hook metadata for continuous scanning integration"
},
{
"path": "hooks/clawsec-scanner-hook/handler.ts",
"required": false,
"description": "OpenClaw hook handler for periodic vulnerability scanning"
}
]
},
"openclaw": {
"emoji": "🔍",
"category": "security",
"requires": {
"bins": [
"node",
"npm",
"python3",
"pip-audit",
"semgrep",
"bandit",
"jq",
"curl"
]
},
"triggers": [
"vulnerability scan",
"security scan",
"dependency scan",
"cve scan",
"sast scan",
"run scanner",
"scan vulnerabilities",
"check vulnerabilities",
"audit dependencies",
"security check"
]
}
}