← Back to Scanner

144c30ab404676a8 Security Audit Report

🔭 Continuously monitored by ClawSecure Watchtower
Source:
SHA-256:

144c30ab404676a8 is an AI agent skill, created by lanceterrill and published at lanceterrill/VoxLog. ClawSecure audited 144c30ab404676a8 across 22 files through the 3-Layer Audit Protocol covering all ten OWASP ASI Top 10 categories, assigning a security score of 95/100 (Safe). The finding concentrates in ReDoS, including ReDoS vulnerability: Extremely large quantifier range (potential DoS) —.... None were rated high or critical severity.

Is 144c30ab404676a8 safe?

ClawSecure audited 144c30ab404676a8 and assigned a security score of 95/100 (Safe), identifying 1 finding across ReDoS. Review the finding below before installing.

What did ClawSecure find in 144c30ab404676a8?

ClawSecure identified 1 finding in 144c30ab404676a8, concentrated in ReDoS. The most severe is ReDoS vulnerability: Extremely large quantifier range (potential DoS) —....

How was 144c30ab404676a8 audited?

ClawSecure ran 144c30ab404676a8 through its 3-Layer Audit Protocol with full OWASP ASI Top 10 coverage, scanning 22 files from lanceterrill/VoxLog.

What does a score of 95 mean?

ClawSecure assigned 144c30ab404676a8 a security score of 95/100, placing it in the Safe range. Scores of 80 or above qualify for ClawSecure Verified status; the 1 finding detected is lower-severity. ClawSecure derives this score with a weighted deduction model (critical -20, high -10, medium -5, low -2 from a base of 100).

Audit Findings for 144c30ab404676a8

ClawSecure detected 1 security finding in 144c30ab404676a8, spanning ReDoS.

Each finding is expandable in the interactive list below.

3-Layer Audit Protocol

Security Recommendations for 144c30ab404676a8

Fix ReDoS-prone patterns
144c30ab404676a8 contains regular expressions vulnerable to catastrophic backtracking (ReDoS). Replace vulnerable patterns, bound input length, and prefer linear-time matching so a crafted input cannot hang the agent.
Pin dependencies to exact versions
Unpinned dependencies allow supply-chain attacks where a compromised version is pulled in automatically. Use exact version numbers in package.json (for example 1.2.3 instead of ^1.2.3) to keep unauthorized code out of your dependency tree. ClawSecure checks every dependency against known CVE databases.
Add a config.json permissions manifest
A config.json file declares what permissions an agent component needs: file system access, network requests, shell execution and more. Without it, users have no visibility into what the component can do before installing. Adding a permissions manifest is the single most impactful security improvement for any AI agent skill.

Related Security Research

Why Generic Scanners Fail at AI Agent SecurityUnderstanding Our 3-Layer Audit ProtocolBest AI Agent Security Tools in 2026: How to Choose

Related AI Agent Security Audits

wacliScore 95/100sonoscliScore 95/100sonoscliScore 95/10025937fcc251c4ccbScore 85/1007b4bbf657b3c00e5Score 95/100

Scanned on June 4, 2026. 144c30ab404676a8 is one of thousands of agents audited by ClawSecure from the community-curated awesome-openclaw-skills list and the openclaw/skills repository.

Start Your Free Scan