alibabacloud-openclaw-skill-security-scan
Security Scan Skill
Notation: Throughout this document, {{SELF}} refers to the skill name declared in the YAML name field above. It is used solely as a placeholder for the self-exclusion rule below.
This skill performs a comprehensive security audit: skill risk assessment (cloud intelligence, local static analysis, cloud deep analysis) plus a configuration security audit.
⚠️ Read-Only Scripts — Strongly Recommended: All scripts under this skill (scripts/main.sh, etc.) are read-only assets. It is strongly recommended not to modify, patch, rewrite, or create wrapper scripts that alter their behavior. This includes changing parameters such as file size limits, timeout values, chunk sizes, upload thresholds, or any other configurable values. If a scan encounters a limit (e.g., file too large), report the limitation to the user as-is — avoid working around it by editing scripts.
⚠️ Self-Exclusion Rule: {{SELF}} must always be excluded from scanning. When building the skill list, the agent must remove this skill and never pass its path to main.sh. The script also skips this name internally, but the agent should complete exclusion before invocation to avoid including itself in any scan workflow.
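One way to apply the self-exclusion rule before invocation, as an added example (not one of this skill's scripts). It assumes each skill is a directory whose basename is the skill name; build_scan_list, canonical_name and the sample names are hypothetical. It also catches a symlink or trailing-slash path that a plain string comparison would miss.

```shell
#!/bin/sh
# Added example: filter candidate skill directories so the scanning skill
# itself never reaches the scanner. Assumption: the directory basename is
# the skill name; function names and sample paths are hypothetical.

# canonical_name DIR: print the basename of DIR's physical path.
# pwd -P resolves symlinks, so an alias cannot hide the real name.
canonical_name() {
    resolved=$(cd "$1" 2>/dev/null && pwd -P) || return 1
    basename "$resolved"
}

# build_scan_list SELF_NAME DIR...: print one path per line, omitting
# SELF_NAME, any alias that resolves to it, and paths that do not resolve.
build_scan_list() {
    self=$1
    shift
    for dir in "$@"; do
        # basename strips trailing slashes, so "skills/self/" still matches.
        literal=$(basename "$dir")
        [ "$literal" = "$self" ] && continue
        # Skip anything that is not an accessible directory.
        real=$(canonical_name "$dir") || continue
        [ "$real" = "$self" ] && continue
        printf '%s\n' "$dir"
    done
}

# Constructed demo: a temporary tree with the scanning skill, one ordinary
# skill, and a symlink alias that points back at the scanning skill.
demo() {
    root=$(mktemp -d) || return 1
    mkdir "$root/example-scan-skill" "$root/other-skill"
    ln -s "$root/example-scan-skill" "$root/alias"
    build_scan_list example-scan-skill \
        "$root/example-scan-skill/" "$root/other-skill" "$root/alias"
    rm -rf "$root"
}

demo
```

Only the other-skill path is printed; the skill's own directory and its alias are both dropped before anything is handed to the scanner.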