Perfect for Security Auditing Agents needing advanced infrastructure hardening and vulnerability assessment capabilities. Security auditing and hardening for OpenClaw and system infrastructure.

How do I install tinman?

Run the command: npx killer-skills add Niraven/pokee-deep-research-skill/tinman. It works with Cursor, Windsurf, VS Code, Claude Code, and 19+ other IDEs.

What are the use cases for tinman?

Key use cases include: Automating security audits for OpenClaw and system infrastructure, Identifying credentials in git for S3-level risks, Alerting users to medium-level risks with recommended fixes.

Which IDEs are compatible with tinman?

This skill is compatible with Cursor, Windsurf, VS Code, Trae, Claude Code, OpenClaw, Aider, Codex, OpenCode, Goose, Cline, Roo Code, Kiro, Augment Code, Continue, GitHub Copilot, Sourcegraph Cody, and Amazon Q Developer. Use the Killer-Skills CLI for universal one-command installation.

Are there any limitations for tinman?

Requires Pokee AI's Deep Research API access. Specific to OpenClaw and system infrastructure security.

Tinman

Name: tinman
Availability: InStock
Author: Niraven

Security auditing and hardening for OpenClaw and system infrastructure.

Security Levels

Level	Description	Response
S0	Info	Log only
S1	Low	Notify user
S2	Medium	Alert + recommend fix
S3	High	Immediate action required
S4	Critical	Stop + notify immediately

Checks

OpenClaw Security

Check	Risk	Action
Credentials in git	S3	Add to .gitignore, rotate
Token expiration	S2	Refresh tokens
Exposed secrets	S4	Rotate immediately
Uncommitted changes	S1	Review + commit

System Security

Check	Risk	Action
SSH password auth	S2	Disable, use keys only
Open ports	S1	Review with `ss -tlnp`
Unattended upgrades	S2	Enable automatic updates
Firewall status	S2	Verify ufw/iptables

Workflow

1. Security Scan

bash
1# Check for credentials in git
2git log --all --full-history -- .credentials/
3
4# Check file permissions
5ls -la ~/.credentials/
6
7# Check SSH config
8cat /etc/ssh/sshd_config | grep -E "PasswordAuthentication|PermitRootLogin"

2. Report Generation

markdown
1## Security Audit Report
2**Date:** 2026-02-20
3**Scope:** OpenClaw + System
4
5### Findings
6| Level | Issue | Recommendation |
7|-------|-------|----------------|
8| S2 | Token expires in 3 days | Refresh Google OAuth |
9
10### Actions Taken
11- [x] Verified .credentials/ permissions (600)
12- [ ] Refresh expiring tokens

3. Automated Monitoring

json
1{
2  "name": "daily-security-check",
3  "schedule": {"kind": "cron", "expr": "0 6 * * *"},
4  "payload": {
5    "kind": "agentTurn",
6    "message": "Run tinman security scan. Check: credential perms, token expiration, git secrets. Report S2+ issues."
7  },
8  "sessionTarget": "isolated",
9  "notify": true
10}

Best Practices

Credential hygiene — 600 permissions, never in git
Token rotation — Before expiration
Regular audits — Weekly automated scans
Principle of least privilege — Minimal permissions
Audit logging — Track all changes

Emergency Response

If S4 (Critical) detected:

Stop — Halt related operations
Assess — Scope of exposure
Rotate — Change all affected credentials
Review — How did it happen
Prevent — Update processes

tinman — community tinman, pokee-deep-research-skill, Niraven, community, ai agent skill, ide skills, agent automation, AI agent skills, Claude Code, Cursor, Windsurf

↓ Quality Score

Agent Capability Analysis

Ideal Agent Persona

Core Value

↓ Capabilities Granted for tinman

! Prerequisites & Limits

# Tags

Tinman

Security Levels

Checks

OpenClaw Security

System Security

Workflow

1. Security Scan

2. Report Generation

3. Automated Monitoring

Best Practices

Emergency Response

FAQ & Installation Steps

? Frequently Asked Questions

What is tinman?

How do I install tinman?

What are the use cases for tinman?

Which IDEs are compatible with tinman?

Are there any limitations for tinman?

↓ How To Install

Related Skills

Looking for an alternative to tinman or another community skill for your workflow? Explore these related open-source skills.

widget-generator

linear

testing

chat-sdk

tinman — community tinman, pokee-deep-research-skill, Niraven, community, ai agent skill, ide skills, agent automation, AI agent skills, Claude Code, Cursor, Windsurf

About this Skill

↓ Quality Score

Agent Capability Analysis

Ideal Agent Persona

Core Value

↓ Capabilities Granted for tinman

! Prerequisites & Limits

# Tags

Tinman

Security Levels

Checks

OpenClaw Security

System Security

Workflow

1. Security Scan

2. Report Generation

3. Automated Monitoring

Best Practices

Emergency Response

FAQ & Installation Steps

? Frequently Asked Questions

What is tinman?

How do I install tinman?

What are the use cases for tinman?

Which IDEs are compatible with tinman?

Are there any limitations for tinman?

↓ How To Install

Related Skills

Looking for an alternative to tinman or another community skill for your workflow? Explore these related open-source skills.

widget-generator

linear

testing

chat-sdk