发现优质的 AI Agent 技能

Validates tool/function call parameters before execution, protecting against: - Command injection in shell commands - SSRF (Server-Side Request Forgery) in URL parameters - Path traversal in file operations - Malicious file content

Validates user input before it's submitted to AI agents, protecting against: - Prompt injection attempts - Command injection patterns - Malicious URLs and SSRF attacks - Path traversal attempts

**Comprehensive AI Agent Protection** - Real-time security validation with 6 parallel detection modules, intelligent severity scoring, and automated action enforcement.

Security-first wrapper for `clawhub install`. Scans skills for malware, prompt injection, and suspicious patterns before installation.

**All-in-one web security scanner for pentesting, bug bounty, and security audits.**

Deep-dive on security hardening for proactive agents.

> 🛡️ The last line of defense for AI Agents - Intercept dangerous commands and protect your system

Thank you for the comprehensive security review of SafeExec. We appreciate the thorough analysis and have addressed all identified concerns in version 0.2.5.

Based on the security review process, SafeExec (skill: safe-exec) was flagged with several security concerns. I believe these concerns have been fully addressed in v0.3.3, and the suspicious flag should be removed.

This skill is public and intended for redistribution. Do not add personal data, local artifacts, captured credentials, or private response payloads.

来自 openclaw/skills 技能

Security research demonstration by [@theonejvo](https://x.com/theonejvo)