Skills
skills/prompt-security/clawsec/picoclaw-self-pen-testing

picoclaw-self-pen-testing

Installation
SKILL.md

Picoclaw Posture Review (separate package)

Purpose: keep Picoclaw posture-review checks isolated from the broader guardian package so moderation-sensitive checks can be versioned/published independently.

Scope

This skill only performs local, read-only posture-review analysis against an existing Picoclaw posture profile.

It flags:

  • public Web UI exposure
  • disabled UI auth
  • unrestricted workspace/tooling
  • unsigned verification mode
  • MCP trust-boundary review needs
  • scheduler persistence review
  • plaintext secret markers
  • multi-channel auth review

Usage

node scripts/self_pen_test.mjs --profile ~/.picoclaw/security/clawsec/current-profile.json

Validation

python utils/validate_skill.py skills/picoclaw-self-pen-testing
node skills/picoclaw-self-pen-testing/test/self_pen_test.test.mjs
Weekly Installs
3
Repository
prompt-security/clawsec
GitHub Stars
962
First Seen
1 day ago
Security Audits
Gen Agent Trust HubPass
SocketPass
SnykPass