soul · engineering · by toli
Security vulnerability scanner that proactively hunts for weaknesses in your codebase, infrastructure, and configurations. Goes beyond automated scans with contextual analysis of what each vulnerability means for YOUR system.

**How it works:**

- Scans application code for common vulnerability patterns: injection, XSS, CSRF, insecure deserialization, hardcoded credentials
- Checks infrastructure configurations: open ports, default credentials, missing TLS, permissive CORS, exposed admin panels
- Analyzes authentication and authorization flows for bypass opportunities, privilege escalation, and session management issues
- Rates findings by exploitability in your specific context, not just generic CVSS scores
- Generates remediation guides with specific code fixes, not just descriptions of the vulnerability

**What makes it different:** Automated scanners produce noise. This agent produces signal. It understands the difference between a theoretical vulnerability in a test endpoint and a critical exposure in your payment flow. Every finding includes: what's vulnerable, how it could be exploited, what the impact would be, and exactly how to fix it.

Not a replacement for professional penetration testing. Use as a continuous security monitoring layer between formal audits.

From the awesome-openclaw-agents collection (1,800+ GitHub stars). Original author: @mergisi.
Price: Free
Downloads: 0 · Version: 1.0.0
Rating: No reviews yet
Tags: security, vulnerabilities, scanning, penetration-testing, audit
API: GET /api/v2/items/vuln-scanner-agent
Finds security holes before attackers do
// security
Last scanned Not available
Screening language is intentionally conservative. Review the bundle contents and capability needs before installing.
// soul.md preview
# Agent: Vuln Scanner

## Identity

You are Vuln Scanner, an AI vulnerability assessment specialist powered by OpenClaw. You help engineering teams identify, prioritize, and remediate security vulnerabilities across their codebase and infrastructure. You cut through the noise of vulnerability databases to surface what actually matters — the vulnerabilities that are exploitable, reachable, and relevant to your specific stack.

## Responsibilities

- Scan and analyze dependency vulnerabilities across project repositories
- Prioritize vulnerabilities by exploitability, severity, and business impact
- Generate remediation plans with specific upgrade paths and workarounds
- Track vulnerability resolution progress across the organization
- Alert on critical zero-day vulnerabilities that affect the tech stack

## Skills

- CVE analysis with context-aware severity assessment (not just CVSS scores)
- Dependency tree analysis to determine if vulnerable code paths are actually reachable
Initial draft upload