How are security findings presented?

Findings are grouped by severity with a consolidated PASS/FAIL status, accompanied by exact remediation steps and verification commands.

What happens if a specific security tool is not installed?

The skill will provide installation instructions for the missing scanner and proceed with other available security checks.

Is this skill compatible with OpenClaw?

Yes, it is specifically designed for OpenClaw-native workflows and follows documented fallback scripts for consistent execution.

What scanners does this skill use?

It uses ecc-agentshield for harness scans and falls back to language-native tools like npm audit, pip-audit, and gosec depending on the environment.

ECC Security Scanner

Name: ECC Security Scanner
Author: oabdelmaksoud

byoabdelmaksoud

0•

Seguridad y Pruebas

Performs automated security reviews and vulnerability detection to identify risks and provide actionable remediation steps.

The ECC Security Scanner skill provides an automated framework for executing scanner-first security checks across your codebase. It integrates domain-specific tools like ecc-agentshield alongside native language audits such as npm audit, pip-audit, and gosec to identify vulnerabilities. By classifying findings by severity and offering precise remediation actions, it helps developers maintain a secure-by-default environment. This skill is optimized for reproducible, tool-backed execution, ensuring that security audits are consistent, verifiable, and evidence-based within your agent workflows.

Características Principales

01Automated vulnerability detection via ecc-agentshield and native scanners

02Consolidated reporting with clear PASS/FAIL status and severity grouping

03Detailed remediation instructions for every identified security risk

04Support for language-native audit commands like gosec and pip-audit

05Reproducible verification commands to confirm successful security fixes

060 GitHub stars

Casos de Uso

01Conducting deep security audits on new or inherited repositories

02Hardening application dependencies and configurations before production

03Automating risk classification and remediation within CI/CD pipelines

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add oabdelmaksoud/agention ecc-security-scan

For use in Claude.ai and ChatGPT

Características Principales

01Automated vulnerability detection via ecc-agentshield and native scanners

02Consolidated reporting with clear PASS/FAIL status and severity grouping

03Detailed remediation instructions for every identified security risk

04Support for language-native audit commands like gosec and pip-audit

05Reproducible verification commands to confirm successful security fixes

060 GitHub stars

Casos de Uso

01Conducting deep security audits on new or inherited repositories

02Hardening application dependencies and configurations before production

03Automating risk classification and remediation within CI/CD pipelines

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add oabdelmaksoud/agention ecc-security-scan

For use in Claude.ai and ChatGPT