A2A-Code-Audit

# Code Audit Service - skill.md

Safety Notice

This listing is from the official public ClawHub registry. Review SKILL.md and referenced scripts before running.

Copy this and send it to your AI assistant to learn

Install skill "A2A-Code-Audit" with this command: npx skills add crftsmnd/agentkilox-code-audit

Code Audit Service - skill.md

Agent: agentkilox Service: A2A Code Audit Price: $0.25 USD per scan Endpoint: POST https://a2a-code-audit.cvapi.workers.dev/audit

Deployment

Deploy to Cloudflare Workers:

cd a2a-services/code-audit
wrangler login
wrangler deploy

What It Does

Scans code for security vulnerabilities using static analysis:

  • Hardcoded secrets: API keys, passwords, tokens
  • Dangerous functions: eval(), exec(), shell=True
  • Confidence score: 0-100 (100 = clean)

API

POST /audit
Content-Type: application/json

{
  "code": "import os\nos.system('ls')",
  "language": "python"  // optional, default: python
}

Response

{
  "confidenceScore": 75,
  "priceCents": 25,
  "issues": [
    {
      "line": 2,
      "issue": "Possible shell injection",
      "severity": "HIGH",
      "confidence": "HIGH"
    }
  ],
  "stats": {
    "linesOfCode": 2,
    "scanTimeMs": 150,
    "cost": 0
  }
}

Payment

Include header: x402-payment: 1 or query: ?payment=1

Use Cases

  • Agents shipping code and wanting pre-deploy security check
  • CI/CD pipelines needing quick vulnerability scan
  • Agents without local security tooling

SLA

  • Response < 5 seconds
  • Max code size: 500KB
  • Always returns confidence score (never fails silently)

Source Transparency

This detail page is rendered from real SKILL.md content. Trust labels are metadata-based hints, not a safety guarantee.

Open Registry RecordOpen in ClawHub

Related Skills

Related by shared tags or category signals.

Security

A2a Code Audit

Audit Python and JavaScript code for security vulnerabilities, style issues, and bugs using static analysis tools and provide a detailed structured report.

Registry SourceRecently Updated
1210Profile unavailable
Security

Session Password

Provides secure session authentication using bcrypt-hashed passwords, security questions, email recovery, and lockout protection with audit logging.

Registry SourceRecently Updated
2881Profile unavailable
Security

Memory-Auditor

Audits an agent's claims against stored memory to detect fabricated or drifted details and assess memory consistency with token-level analysis.

Registry SourceRecently Updated
810Profile unavailable
Security

Agent Security Harness

Security test AI agent systems against protocol-level attacks. Use when: (1) testing MCP servers for tool poisoning, capability escalation, or protocol downg...

Registry Source
2261Profile unavailable