Security Pack

Your AI SecurityTeam

A security team on retainer for people who ship. Three AI agents that review your code, triage your dependencies, and keep you ready for incidents — powered by the strongest models in the catalog.

Meet Your AI Team

Three specialists working together to review, watch, and defend what you ship

Silas

AppSec Reviewer

Security review of your diffs, files, and flows — injection, broken auth, secrets, unsafe deserialization.

AI Model

GPT-5.6 Sol Ultra

"Reads code the way an attacker does, then hands you the patch. Calm and exact — never scaremongers, never inflates severity."

Example prompts

"Review this diff for security issues before I merge: [paste diff]"
"Is this file-upload handler safe? What can an attacker do with it?"
"Sweep this repo for hardcoded secrets and tokens"
"Explain the vulnerability in this auth check and give me the fixed version"
"[Deep mode] Threat-model my payment flow end to end with fixes and test cases"

Wren

Dependency & Exposure Watch

CVE triage against your real dependency tree, plus public-surface checks — headers, CORS, TLS, EOL runtimes.

AI Model

GPT-5.6 Sol

"Methodical and immune to hype. Asks 'does this vuln even reach your code?' before you panic. Cuts thirty alerts down to the three that matter."

Example prompts

"Here's my package.json — triage the known vulnerabilities and give me the top 3 to fix"
"Is CVE-2024-XXXXX actually exploitable in how I use this library?"
"Check if my Node 16 / Next 12 versions are end-of-life"
"Here's `curl -sI` for my site — what security headers am I missing?"
"[Deep mode] Full advisory triage, upgrade impact, and header/CORS/TLS sweep"

Rhea

Incident & Hardening Coach

Incident triage and runbooks, prioritized hardening plans, and honest breach-disclosure drafts.

AI Model

GPT-5.6 Sol

"The steady hand in a crisis. Gives the next three actions in order, not a wall of everything. Nudges you to write the runbook before the 2am page."

Example prompts

"I think an API key leaked in a public commit — what do I do right now, in order?"
"Write me an incident runbook for a compromised admin account on my stack"
"Give me a hardening checklist for a solo dev running Next.js on Vercel with Postgres"
"Draft a customer notification email for a data exposure — measured, honest, no legalese"
"[Deep mode] Full incident playbook with sequencing, comms drafts, and post-incident fixes"

See It In Action

Real conversations showing how your AI security team works

Silas

AppSec Reviewer

You

Quick check before I ship: `app.get('/avatar', (req, res) => res.sendFile(req.query.path))`. Anything wrong?

AI

Yes — this is a path traversal vulnerability, and it's shipping a critical. **The issue (severity: critical):** `req.query.path` is attacker-controlled and passed straight to `sendFile`. A request like `/avatar?path=../../../../etc/passwd` reads arbitrary files off your server — source code, `.env`, SSH keys, anything the process can read. **Proof:** ``` GET /avatar?path=../../.env ``` returns your environment file. **The fix — never let user input choose the path:** ```js import path from "node:path"; const AVATAR_DIR = "/var/app/avatars"; app.get("/avatar/:id", (req, res) => { // whitelist the filename, resolve, and confirm it stays in the dir const file = path.resolve(AVATAR_DIR, path.basename(req.params.id)); if (!file.startsWith(AVATAR_DIR + path.sep)) { return res.status(400).end(); } res.sendFile(file); }); ``` `path.basename` strips directory components, `path.resolve` + the `startsWith` check is your belt-and-suspenders. Ship this instead. Want me to check the rest of your route handlers for the same pattern?

Wren

Dependency & Exposure Watch

You

Dependabot is screaming about 12 vulnerabilities in my project. I'm one person. Where do I even start?

AI

Twelve alerts, but you don't have twelve problems. Paste your `package.json` (or the lockfile) and I'll cut it down. Here's how I'll rank them: **Fix now** — reachable + high severity: - Vulns in packages you call directly, on the code path an attacker can hit (e.g. a parser handling user input, an auth library) **Fix soon** — high severity but indirect: - Deep transitive deps, or vulns in a function you don't call **Monitor / ignore** — and I'll tell you *why*: - Dev-only dependencies (build tools, test runners) — not in your production runtime - Vulns in code paths your usage never triggers **The honest truth:** most Dependabot noise is transitive dev dependencies that never touch production. The one that matters is usually the parser or the auth lib. Send the file and I'll give you a ranked list — probably 2-3 real fixes, and permission to ignore the rest with a clear conscience.

Rhea

Incident & Hardening Coach

You

I just realized I committed my Stripe secret key to a public GitHub repo three days ago. I'm panicking.

AI

Breathe. This is recoverable, and you're going to do four things in order. Don't skip to step 3. **1. Roll the key — right now (next 5 minutes).** Stripe Dashboard → Developers → API keys → roll the secret key. This *immediately* invalidates the leaked one. A key in a public repo for three days should be assumed compromised, so this is non-negotiable and comes first. **2. Check for abuse (next 30 minutes).** Stripe Dashboard → Payments and Logs. Look for charges, refunds, or API calls you didn't make in the last three days. Note anything suspicious — you may need it for step 4. **3. Purge it from history.** Rotating the key makes the leak harmless, but scrub it anyway: use `git filter-repo` (or BFG) to remove the key from history, then force-push. GitHub also caches — the key is burned regardless, which is why step 1 was first. **4. Decide on disclosure.** If step 2 found unauthorized charges affecting customers, you have a notification obligation — I'll draft that email with you, honest and measured. If there was no abuse, no disclosure is needed. Start with step 1. Tell me when the key is rolled and we'll move down the list together.

Quick Start

Get your security team running in under 5 minutes

1

Download and extract the pack ZIP file

2

Share your stack, repos, and what data you store in USER.md

3

Paste a diff to Silas before your next release

4

Give Wren your package.json and let Rhea write your first runbook

Works with all major platforms

Discord
Slack
Telegram
WhatsApp
Signal

Pro Tips

Get the most out of your AI security team

Paste the diff to Silas before you merge, not after you ship — reviews are cheapest pre-merge

Give Wren your actual lockfile; reachability judgment beats a generic CVE list every time

Have Rhea write runbooks for your top 3 scenarios now, while you're calm

Silas defaults to the ultra tier — the strongest model in the catalog — because security judgment is the highest-stakes reasoning you'll ask for

FAQ

Is this offensive or defensive security?
Strictly defensive. The agents review and harden code and systems you own or are authorized to test. They won't write exploits or attack tooling aimed at third-party targets — that keeps outputs reliable and within every model provider's usage policy.
Do I need to be a security expert to use this?
No. That's the point. The agents explain each finding in plain language, assign honest severity, and hand you the fix. They're built for solo devs and small teams with no security budget.
Why does this pack use more powerful models?
Reviewing your code for vulnerabilities is the highest-stakes reasoning we ship — a missed auth bug is a breach. Silas defaults to GPT-5.6 Sol Ultra, the strongest tier in the catalog. Fable 5 is available as a frontier alternative for deep threat modeling; see TOOLS.md for the tradeoffs.
Can Silas actually find real vulnerabilities?
Silas reviews what you paste — diffs, files, or described flows — and returns concrete findings with file, line, severity, proof, and a fix. It's a strong reviewer, not a replacement for a professional pentest on high-risk systems, and it'll tell you when you've reached that line.
Does Wren scan my dependencies automatically?
Wren works from what you paste — a package.json, lockfile, or curl output — and cross-references public advisory databases (GitHub Advisories, OSV, NVD). Its edge is reachability: it tells you which CVEs actually matter for how you use each package, and which to ignore.
What runtimes does this work on?
Both OpenClaw and Hermes. The defaults use approved OpenAI models; you can switch any agent to Fable 5 or a Grok model in the config. On Hermes, Fable 5 needs an Anthropic API key.

Ready to Ship With Confidence?

Get Silas, Wren, and Rhea working for you today. Your AI security team is ready to review, watch, and defend.

Instant download • Works with OpenClaw + Hermes • Lifetime access

Live in 15 minutes — or we set it up together, free. Stuck at any step? Book a free setup call and we'll get your agent running together.