security-triage
Installation
SKILL.md
Security Triage
Use when reviewing OpenClaw security advisories, drafts, or GHSA reports.
Goal: high-confidence maintainers' triage without over-closing real issues or shipping unnecessary regressions.
Close Bar
Close only if one of these is true:
- duplicate of an existing advisory or fixed issue
- invalid against shipped behavior
- out of scope under
SECURITY.md - fixed before any affected release/tag
Do not close only because main is fixed. If latest shipped tag or npm release is affected, keep it open until released or published with the right status.