Security | PRO | PRO REQUIRED | FC-SEC-023
Dependency Security Claw
dependency-sec-claw
Dependency security: vulnerability scanning, license compliance, and supply chain audits.
Dependency Security Claw scans dependencies for vulnerabilities, validates license compliance, and audits supply chain integrity in CI/CD pipelines.
COMPATIBLE WITH
OpenClaw, Hermes, Claude Code, Codex, +4
OpenClaw is the default target. Cursor example below.
When to Use
- Detect leaked secrets and exposed routes
- Audit permissions and auth boundaries
- Review insecure defaults and configs
- Produce auditable security findings
Compatible Frameworks
8 TOOLS
Quality Gates
No explicit gate list for this agent in the current dataset.
4 GATES DEFINED
Expected Outputs
Native exports per tool
OpenClaw (10 files)
- openclaw/AGENTS.md
- openclaw/SOUL.md
- openclaw/TOOLS.md
- +7 more
Hermes (5 files)
- hermes/skills/flickclaw/dependency-sec-claw/SKILL.md
- hermes/skills/flickclaw/dependency-sec-claw/references/workflow.md
- hermes/skills/flickclaw/dependency-sec-claw/references/quality-gates.md
- +2 more
Claude Code (6 files)
- claude-code/CLAUDE.md
- claude-code/.claude/skills/dependency-sec-claw/SKILL.md
- claude-code/.claude/skills/dependency-sec-claw/references/workflow.md
- +3 more
Codex (5 files)
- codex/AGENTS.md
- codex/.flickclaw/agents/dependency-sec-claw/codex.md
- codex/.flickclaw/agents/dependency-sec-claw/workflow.md
- +2 more
Cursor (3 files)
- cursor/.cursor/rules/flickclaw-dependency-sec-claw.mdc
- cursor/.cursor/rules/flickclaw-dependency-sec-claw-workflow.mdc
- cursor/.cursor/rules/flickclaw-dependency-sec-claw-quality-gates.mdc
Windsurf (3 files)
- windsurf/.windsurf/rules/flickclaw-dependency-sec-claw.md
- windsurf/.windsurf/rules/flickclaw-dependency-sec-claw-workflow.md
- windsurf/.windsurf/rules/flickclaw-dependency-sec-claw-quality-gates.md
Aider (3 files)
- aider/CONVENTIONS.md
- aider/aider.md
- aider/.aider.conf.yml
Ollama (4 files)
- ollama/Modelfile
- ollama/system-prompt.md
- ollama/template.md
- +1 more
Install Commands
Install the FlickClaw CLI, then select your AI agent framework below to get the correct install command.
Step 1: Install CLI (one-time)
npm install -g @flickclaw/cli@latest
Step 2: Select Framework
OpenClaw
npm exec --yes @flickclaw/cli@latest -- install dependency-sec-claw --target openclaw
Example Prompt
Try this prompt with Dependency Security Claw to see what it can do:
Audit this project for security vulnerabilities. Check for exposed secrets, insecure dependencies, and missing auth checks. Produce with severity ratings.
Example Output
Illustrative
What a typical Dependency Security Claw report looks like:
# Dependency Security Claw — Assessment Report

**Project**: payment-api
**Context**: a payment processing API handling card data and webhooks
**Generated**: 2026-05-26

## Executive Summary

The Dependency Security Claw completed its review of payment-api (a payment processing API handling card data and webhooks). 3 findings were identified with concrete remediation steps. All quality gates were verified before delivery.

## Findings

| # | Severity | Area | Finding | Recommended Action |
|---|----------|------|---------|-------------------|
| 1 | **P0** | PCI | Card data logged in plain text | Enable log redaction for PAN and CVV fields |
| 2 | **P1** | Auth | Rate limiting absent on checkout endpoint | Add 10 req/s per IP with 429 responses |
| 3 | **P1** | Secrets | Stripe webhook secret in source | Move to secrets manager, rotate immediately |

## Quality Gates

- [✓] no_fake_claims
- [✓] vulnerability_scanning_configured
- [✓] license_compliance_verified

## Outputs Generated

## Validation

- [x] All quality gates passed (3/3)
- [x] 3 findings documented with severity and remediation
- [x] 0 output sections generated
- [x] Evidence collected and referenced

---

*This is an illustrative example output from FlickClaw. Results vary based on project context.*