secucheck
Dangerous skill: executes local audit scripts (`bash ~/.openclaw/skills/secucheck/scripts/full_audit.sh`) and starts a network‑accessible server (`python3 -m http.server --bind 0.0.0.0`). It proclaims `Read-only` / `Never modifies configuration automatically` while `skill.json` grants `exec` and `gateway`.