Skill: cve-scan
install
source · Clone the upstream repo
git clone https://github.com/openclaw/skills
manifest: skills/aronchick/expanso-cve-scan/skill.yaml
source content
Skill: cve-scan
Version: 1.0.0
Scan SBOM for known CVE vulnerabilities.
name: cve-scan
version: 1.0.0
description: Scan SBOM for known CVE vulnerabilities
Credentials (optional for NVD API)
credentials:
  - name: NVD_API_KEY
    required: false
    description: NVD API key for higher rate limits
Skill inputs
inputs:
  - name: sbom
    type: object
    required: true
    description: CycloneDX or SPDX SBOM
  - name: severity_threshold
    type: string
    default: low
    enum: [low, medium, high, critical]
    description: Minimum severity to report
Skill outputs
outputs:
  - name: vulnerabilities
    type: array
    description: "Array of {cve_id, severity, package, fix_version}"
  - name: summary
    type: object
    description: Counts by severity
  - name: metadata
    type: object
    description: Scan metadata
Backend options
backends:
  - name: local
    type: local
    description: Offline vulnerability database
  - name: remote
    type: remote
    description: Online NVD/OSV lookup
Expanso components used
components:
  inputs:
    - stdin
    - http_server
  processors:
    - mapping
    - http
    - log
  outputs:
    - stdout
    - sync_response