Vulnerability Scanner
The Vulnerability Scanner skill performs automated security assessments against web applications, APIs, and server endpoints, running checks mapped to OWASP Top 10 categories and common misconfigurations. Supported checks include SQL injection, cross-site scripting (XSS), insecure HTTP headers, exposed sensitive files and directories, open redirects, CORS misconfiguration, and server information disclosure.

The skill has two modes. Passive mode is intended for production systems: no attack payloads are sent, and findings come from inspecting responses to ordinary requests. Active probe mode is intended for staging or test environments, where actual payloads are sent to the target. Scan scope is strictly limited to the domains and IPs you specify, and a confirmation prompt is shown before any active scanning begins.

Results are categorized by severity (critical, high, medium, low, informational), with a CVSS score and remediation guidance for each finding. Reports are generated in Markdown or HTML format suitable for sharing with development teams. The skill integrates with the SSL Checker and Port Scanner skills to build a comprehensive external security assessment workflow. Only use it on systems you own or have written permission to test.
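To make the passive mode and the severity/report flow concrete, here is an added example in Python. It is not the vuln-scanner skill's own code: it runs three of the checks named above (insecure HTTP headers, server information disclosure, CORS misconfiguration) over a constructed HTTP response, enforces an exact-host scope allowlist, and renders the findings as the kind of Markdown report the description mentions. The severity assigned to each check, the list of required headers, the function names, and the sample host names are all assumptions made for the example.

```python
"""Passive header/CORS checks in the style of the scanner described above.

Added illustration, not the vuln-scanner skill's own code. It operates on
headers already captured from a response, so it sends no payloads. The
severity labels, required-header list and host names are assumptions.
"""
from __future__ import annotations

from dataclasses import dataclass
from urllib.parse import urlsplit

# Headers whose absence is reported. Severities are assumptions for the example.
REQUIRED_HEADERS = {
    "strict-transport-security": "medium",
    "content-security-policy": "medium",
    "x-content-type-options": "low",
    "x-frame-options": "low",
}
SEVERITY_ORDER = ["critical", "high", "medium", "low", "informational"]


@dataclass(frozen=True)
class Finding:
    check: str
    severity: str
    detail: str


def in_scope(url: str, allowed_hosts: set[str]) -> bool:
    """Exact host match only: 'api.example.com' is not in scope just because
    'example.com' is, and 'example.com.attacker.net' never is."""
    host = (urlsplit(url).hostname or "").lower()
    return host in {h.lower() for h in allowed_hosts}


def passive_checks(headers: dict[str, str], probe_origin: str) -> list[Finding]:
    """Inspect response headers; probe_origin is the Origin value the request
    carried and should be one the target does not own."""
    h = {k.lower(): v for k, v in headers.items()}
    findings: list[Finding] = []

    for name, sev in REQUIRED_HEADERS.items():
        if name not in h:
            findings.append(Finding("missing-header", sev, f"{name} not set"))

    # Server information disclosure: a product/version string such as nginx/1.18.0
    server = h.get("server", "")
    if "/" in server:
        findings.append(Finding("server-disclosure", "informational", f"Server: {server}"))

    # CORS: an arbitrary Origin echoed back is a misconfiguration; with
    # credentials allowed it lets a hostile page read authenticated responses.
    acao = h.get("access-control-allow-origin")
    creds = h.get("access-control-allow-credentials", "").lower() == "true"
    if acao == "*" and creds:
        # Browsers reject this pairing, but it still shows a careless policy.
        findings.append(Finding("cors", "low", "ACAO * together with credentials"))
    elif acao == probe_origin and creds:
        findings.append(Finding("cors", "high", f"{probe_origin} reflected with credentials"))
    elif acao == probe_origin:
        findings.append(Finding("cors", "medium", f"{probe_origin} reflected"))
    return findings


def markdown_report(target: str, findings: list[Finding]) -> str:
    lines = [f"# Findings for {target}", ""]
    for sev in SEVERITY_ORDER:
        group = [f for f in findings if f.severity == sev]
        if group:
            lines.append(f"## {sev.capitalize()} ({len(group)})")
            lines.extend(f"- **{f.check}**: {f.detail}" for f in group)
            lines.append("")
    return "\n".join(lines)


# Constructed response headers, not captured from any real host.
SAMPLE_HEADERS = {
    "Server": "nginx/1.18.0",
    "Content-Type": "text/html",
    "X-Content-Type-Options": "nosniff",
    "Access-Control-Allow-Origin": "https://evil.example",
    "Access-Control-Allow-Credentials": "true",
}
SAMPLE_TARGET = "https://staging.example.com/api/"  # assumed in-scope host


def run_sample() -> list[Finding]:
    if not in_scope(SAMPLE_TARGET, {"staging.example.com"}):
        raise SystemExit("target is outside the configured scope")
    return passive_checks(SAMPLE_HEADERS, "https://evil.example")


if __name__ == "__main__":
    print(markdown_report(SAMPLE_TARGET, run_sample()))
```

Two points worth noting when adapting this. First, the scope check compares the full hostname, not a substring, so a host like `staging.example.com.attacker.net` cannot slip past an allowlist entry for `staging.example.com`. Second, the Origin you pass to `passive_checks` must be one the target does not legitimately trust; reflecting the site's own origin is normal and would otherwise register as a false positive.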
Installation
clawhub install vuln-scanner