SecurityPROPRO REQUIREDFC-SEC-015

Forensics Claw

forensics-claw

Digital forensics for incident investigation: evidence collection, timeline analysis, and root cause.

Forensics Claw performs digital forensic analysis including evidence preservation, timeline reconstruction, and root cause determination for security incidents.

OpenClaw

Hermes

Claude Code

Codex

Cursor

Windsurf

Aider

Ollama

PRIMARY ACTION

Unlock with Pro

COMPATIBLE WITH

OpenClawHermesClaude CodeCodex+4

OpenClaw is the default target. Cursor example below.

When to Use

Detect leaked secrets and exposed routes
Audit permissions and auth boundaries
Review insecure defaults and configs
Produce auditable security findings

Compatible Frameworks

OpenClaw

Hermes

Claude Code

Codex

Cursor

Windsurf

Aider

Ollama

8 TOOLS

Quality Gates

No explicit gate list for this agent in the current dataset.

4 GATES DEFINED

Expected Outputs

Native exports per tool

OpenClaw10 files

openclaw/AGENTS.mdopenclaw/SOUL.mdopenclaw/TOOLS.md+7 more

Hermes5 files

hermes/skills/flickclaw/forensics-claw/SKILL.mdhermes/skills/flickclaw/forensics-claw/references/workflow.mdhermes/skills/flickclaw/forensics-claw/references/quality-gates.md+2 more

Claude Code6 files

claude-code/CLAUDE.mdclaude-code/.claude/skills/forensics-claw/SKILL.mdclaude-code/.claude/skills/forensics-claw/references/workflow.md+3 more

Codex5 files

codex/AGENTS.mdcodex/.flickclaw/agents/forensics-claw/codex.mdcodex/.flickclaw/agents/forensics-claw/workflow.md+2 more

Cursor3 files

cursor/.cursor/rules/flickclaw-forensics-claw.mdccursor/.cursor/rules/flickclaw-forensics-claw-workflow.mdccursor/.cursor/rules/flickclaw-forensics-claw-quality-gates.mdc

Windsurf3 files

windsurf/.windsurf/rules/flickclaw-forensics-claw.mdwindsurf/.windsurf/rules/flickclaw-forensics-claw-workflow.mdwindsurf/.windsurf/rules/flickclaw-forensics-claw-quality-gates.md

Aider3 files

aider/CONVENTIONS.mdaider/aider.mdaider/.aider.conf.yml

Ollama4 files

ollama/Modelfileollama/system-prompt.mdollama/template.md+1 more

Install Commands

Install the FlickClaw CLI, then select your AI agent framework below to get the correct install command.

Step 1: Install CLI (one-time)

npm install -g @flickclaw/cli@latest

Step 2: Select Framework

OpenClaw

npm exec --yes @flickclaw/cli@latest -- install forensics-claw --target openclaw

Download as ZIP

Example Prompt

Try this prompt with Forensics Claw to see what it can do:

Audit this project for security vulnerabilities. Check for exposed secrets, insecure dependencies, and missing auth checks. Produce  with severity ratings.

Example Output

Illustrative

What a typical Forensics Claw report looks like:

# Forensics Claw — Assessment Report

**Project**: auth-service
**Context**: an authentication microservice with OAuth2, JWT, and session management
**Generated**: 2026-05-26

## Executive Summary

The Forensics Claw completed its review of auth-service (an authentication microservice with OAuth2, JWT, and session management).
3 findings were identified with concrete remediation steps.
All quality gates were verified before delivery.

## Findings

| # | Severity | Area | Finding | Recommended Action |
|---|----------|------|---------|-------------------|
| 1 | **P0** | Secrets | Hardcoded JWT secret in config file | Move to environment variable with rotation policy |
| 2 | **P1** | Dependencies | Outdated passport.js with known CVE | Upgrade to latest minor with security backports |
| 3 | **P2** | Headers | Missing CSP and HSTS headers | Add security headers via middleware |

## Quality Gates

- [✓] no_fake_claims
- [✓] evidence_chain_documented
- [✓] timeline_reproducible

## Outputs Generated


## Validation

- [x] All quality gates passed (3/3)
- [x] 3 findings documented with severity and remediation
- [x] 0 output sections generated
- [x] Evidence collected and referenced

---
*This is an illustrative example output from FlickClaw. Results vary based on project context.*

Unlock with Pro