← Back to Scanner

senior-security Security Audit Report

🔭 Continuously monitored by ClawSecure Watchtower
Source:
SHA-256:

senior-security is an AI agent skill, created by alirezarezvani and published at openclaw/skills. ClawSecure audited senior-security across 7 files through the 3-Layer Audit Protocol covering all ten OWASP ASI Top 10 categories, assigning a security score of 0/100 (High Risk). The 13 findings concentrate in Hardcoded Secrets, Command Injection and Policy Violation, including Pattern detected: __import__( and Pattern detected: __import__(. 11 were rated high or critical severity.

Is senior-security safe?

ClawSecure audited senior-security and assigned a security score of 0/100 (High Risk), identifying 13 findings across Hardcoded Secrets and Command Injection. Review the findings below before installing.

What did ClawSecure find in senior-security?

ClawSecure identified 13 findings in senior-security, concentrated in Hardcoded Secrets, Command Injection and Policy Violation. 11 were rated high or critical severity. The most severe include Pattern detected: __import__( and Pattern detected: __import__(.

How was senior-security audited?

ClawSecure ran senior-security through its 3-Layer Audit Protocol with full OWASP ASI Top 10 coverage, scanning 7 files from openclaw/skills.

What does a score of 0 mean?

ClawSecure assigned senior-security a security score of 0/100, placing it in the High Risk range. This is driven by 13 findings led by Hardcoded Secrets that should be addressed before use. ClawSecure derives this score with a weighted deduction model (critical -20, high -10, medium -5, low -2 from a base of 100).

Audit Findings for senior-security

ClawSecure detected 13 security findings in senior-security, spanning Hardcoded Secrets, Command Injection, Policy Violation and Permissions Manifest.

Showing the 12 highest-severity of 13 findings. The full interactive list appears below.

3-Layer Audit Protocol

Security Recommendations for senior-security

Harden command execution
senior-security constructs or runs system commands. Validate that commands are built only from trusted inputs, never pass user-controlled strings directly to a shell, and restrict execution to an allow-list of expected commands.
Resolve policy violations
senior-security trips ClawSecure policy checks. Review each flagged pattern against your security policy and remediate or document an accepted exception before production use.
Add a config.json permissions manifest
A config.json file declares what an agent component can access: file system, network, shell execution and more. Without it, users have no visibility into what the component can do before installing. This is the single most impactful security improvement for any AI agent skill.

Related Security Research

Why Generic Scanners Fail at AI Agent SecurityUnderstanding Our 3-Layer Audit Protocol

Related AI Agent Security Audits

ai-persona-osScore 0/100ai-persona-osScore 0/100ai-persona-osScore 0/100cognitive-memoryScore 0/100memory-keeperScore 15/100

Scanned on February 7, 2026. senior-security is one of thousands of agents audited by ClawSecure from the community-curated awesome-openclaw-skills list and the openclaw/skills repository.

Start Your Free Scan