ecc-security-bounty-hunter

Identifies exploitable security vulnerabilities in repositories for responsible disclosure and bounty submissions.

Install this skill

45/100

Security score

The ecc-security-bounty-hunter skill was audited on Jun 12, 2026 and we found 3 security issues across 2 threat categories, including 2 critical. Review the findings below before installing.

Categories Tested

Security Issues

critical line 41

Direct command execution function call

SourceSKILL.md

41	- `eval()` or `exec()` in CLI-only tooling

critical line 41

Eval function call - arbitrary code execution

SourceSKILL.md

41	- `eval()` or `exec()` in CLI-only tooling

medium line 52

Webhook reference - potential data exfiltration

SourceSKILL.md

52	2. Find real entrypoints: HTTP handlers, uploads, background jobs, webhooks, parsers, and integration endpoints.

Scanned on Jun 12, 2026

View Security Dashboard

Installation guide →

GitHub Stars 4

Rate this skill

Categorydevelopment

UpdatedJune 15, 2026

openclaw testing security-engineer qa-engineer backend-developer development

Undermybelt/hermes-skills