Scans Node.js projects for security vulnerabilities. Reporting only — never auto-fixes.
- Purpose — Runs
npm auditacross active projects and writes a markdown report. Reflects the post-supply-chain-attack policy of careful dependency handling. - Trigger — cron every Monday 09:00 Israel time
- Script —
~/.openclaw/workspace/scripts/weekly-npm-audit.sh - Projects —
~/silver-castle,~/smartbudget-api,~/smartbudget-backend,~/remotion-video(and others as configured) - Memory — Reports saved to
~/.openclaw/workspace/memory/audit-YYYY-MM-DD.md