Crawler Summary
Use when generating Java code for web applications, APIs, or enterprise systems - prevents OWASP Top 10 vulnerabilities in Spring Boot, Jakarta EE, and core Java --- name: security-antipatterns-java description: Use when generating Java code for web applications, APIs, or enterprise systems - prevents OWASP Top 10 vulnerabilities in Spring Boot, Jakarta EE, and core Java version: "1.0.0" allowed-tools: "Read" metadata: short-description: Prevents OWASP Top 10 vulnerabilities in Java/Spring applications --- Security Anti-Patterns Guard for Java Overview Code generation guard t Capability contract not published. No trust telemetry is available yet. 1 GitHub stars reported by the source. Last updated 4/15/2026.
Freshness
Last checked 4/15/2026
Best For
security-antipatterns-java is best for general automation workflows where OpenClaw compatibility matters.
Not Ideal For
Contract metadata is missing or unavailable for deterministic execution.
Evidence Sources Checked
editorial-content, GITHUB OPENCLEW, runtime-metrics, public facts pack
Use when generating Java code for web applications, APIs, or enterprise systems - prevents OWASP Top 10 vulnerabilities in Spring Boot, Jakarta EE, and core Java --- name: security-antipatterns-java description: Use when generating Java code for web applications, APIs, or enterprise systems - prevents OWASP Top 10 vulnerabilities in Spring Boot, Jakarta EE, and core Java version: "1.0.0" allowed-tools: "Read" metadata: short-description: Prevents OWASP Top 10 vulnerabilities in Java/Spring applications --- Security Anti-Patterns Guard for Java Overview Code generation guard t
Public facts
5
Change events
1
Artifacts
0
Freshness
Apr 15, 2026
Capability contract not published. No trust telemetry is available yet. 1 GitHub stars reported by the source. Last updated 4/15/2026.
Trust score
Unknown
Compatibility
OpenClaw
Freshness
Apr 15, 2026
Vendor
Subhashdasyam
Artifacts
0
Benchmarks
0
Last release
Unpublished
Key links, install path, and a quick operational read before the deeper crawl record.
Summary
Capability contract not published. No trust telemetry is available yet. 1 GitHub stars reported by the source. Last updated 4/15/2026.
Setup snapshot
git clone https://github.com/subhashdasyam/security-antipatterns-java.gitSetup complexity is LOW. This package is likely designed for quick installation with minimal external side-effects.
Final validation: Expose the agent to a mock request payload inside a sandbox and trace the network egress before allowing access to real customer data.
Everything public we have scraped or crawled about this agent, grouped by evidence type with provenance.
Vendor
Subhashdasyam
Protocol compatibility
OpenClaw
Adoption signal
1 GitHub stars
Handshake status
UNKNOWN
Crawlable docs
6 indexed pages on the official domain
Merged public release, docs, artifact, benchmark, pricing, and trust refresh events.
Extracted files, examples, snippets, parameters, dependencies, permissions, and artifact metadata.
Extracted files
0
Examples
1
Snippets
0
Languages
typescript
Parameters
text
User input involved? ├─ Database query → See references/injection.md (use PreparedStatement/JPA named params) ├─ File path → See references/file-operations.md (use Path.resolve() + startsWith check) ├─ Command execution → See references/injection.md (ProcessBuilder with list args) ├─ Deserialization → See references/deserialization.md (NEVER ObjectInputStream on untrusted) ├─ Template rendering → See references/xss-output.md (use th:text not th:utext) └─ API endpoint → See references/auth-access.md + references/input-validation.md Storing/generating secrets? ├─ API keys → See references/crypto-secrets.md (env vars or Vault) ├─ Passwords → See references/crypto-secrets.md (BCrypt/Argon2) └─ Tokens → See references/crypto-secrets.md (SecureRandom) Framework-specific? ├─ Spring Boot → See references/spring-security.md ├─ Jakarta EE → See references/jakarta-ee.md └─ Core Java → See references/java-runtime.md
Full documentation captured from public sources, including the complete README when available.
Docs source
GITHUB OPENCLEW
Editorial quality
ready
Use when generating Java code for web applications, APIs, or enterprise systems - prevents OWASP Top 10 vulnerabilities in Spring Boot, Jakarta EE, and core Java --- name: security-antipatterns-java description: Use when generating Java code for web applications, APIs, or enterprise systems - prevents OWASP Top 10 vulnerabilities in Spring Boot, Jakarta EE, and core Java version: "1.0.0" allowed-tools: "Read" metadata: short-description: Prevents OWASP Top 10 vulnerabilities in Java/Spring applications --- Security Anti-Patterns Guard for Java Overview Code generation guard t
Code generation guard that prevents security vulnerabilities while writing Java web application code. Covers OWASP Top 10 Web (2025), OWASP API Security Top 10 (2023), with CWE references throughout.
Stack: Java 11/17/21, Spring Boot, Spring Security, Jakarta EE, Hibernate, JPA
Java Version Focus:
Activate when generating code that:
PreparedStatement or JPA named parametersObjectInputStream.readObject() on untrusted data - use JSON with validationRuntime.exec() with user input - use ProcessBuilder with argument listjava.util.Random for security - use SecureRandomPath.resolve() + startsWith()userId before returning data| Module | Focus | Key Vulnerabilities | |--------|-------|---------------------| | references/injection.md | SQL, Command, LDAP, XPath, JPQL | CWE-89, CWE-78, CWE-90, CWE-643 | | references/deserialization.md | ObjectInputStream, XXE, JSON/YAML | CWE-502, CWE-611 | | references/xss-output.md | XSS, template escaping, JSP/Thymeleaf | CWE-79 | | references/auth-access.md | BOLA, BFLA, sessions, JWT | CWE-862, CWE-863, CWE-287 | | references/crypto-secrets.md | Secrets, hashing, encryption | CWE-798, CWE-327, CWE-916 | | references/input-validation.md | Bean Validation, forms, uploads | CWE-20, CWE-434, CWE-915 | | references/file-operations.md | Path traversal, temp files, NIO | CWE-22, CWE-377 | | references/spring-security.md | CSRF, CORS, method security, actuators | Spring-specific | | references/jakarta-ee.md | Servlet security, EJB, JAX-RS | Jakarta EE-specific | | references/dependencies.md | Maven/Gradle audit, supply chain | CWE-1104, CWE-1357 | | references/java-runtime.md | Reflection, ReDoS, ScriptEngine | CWE-94, CWE-1333 |
User input involved?
├─ Database query → See references/injection.md (use PreparedStatement/JPA named params)
├─ File path → See references/file-operations.md (use Path.resolve() + startsWith check)
├─ Command execution → See references/injection.md (ProcessBuilder with list args)
├─ Deserialization → See references/deserialization.md (NEVER ObjectInputStream on untrusted)
├─ Template rendering → See references/xss-output.md (use th:text not th:utext)
└─ API endpoint → See references/auth-access.md + references/input-validation.md
Storing/generating secrets?
├─ API keys → See references/crypto-secrets.md (env vars or Vault)
├─ Passwords → See references/crypto-secrets.md (BCrypt/Argon2)
└─ Tokens → See references/crypto-secrets.md (SecureRandom)
Framework-specific?
├─ Spring Boot → See references/spring-security.md
├─ Jakarta EE → See references/jakarta-ee.md
└─ Core Java → See references/java-runtime.md
Machine endpoints, protocol fit, contract coverage, invocation examples, and guardrails for agent-to-agent use.
Contract coverage
Status
missing
Auth
None
Streaming
No
Data region
Unspecified
Protocol support
Requires: none
Forbidden: none
Guardrails
Operational confidence: low
curl -s "https://xpersona.co/api/v1/agents/subhashdasyam-security-antipatterns-java-2/snapshot"
curl -s "https://xpersona.co/api/v1/agents/subhashdasyam-security-antipatterns-java-2/contract"
curl -s "https://xpersona.co/api/v1/agents/subhashdasyam-security-antipatterns-java-2/trust"
Trust and runtime signals, benchmark suites, failure patterns, and practical risk constraints.
Trust signals
Handshake
UNKNOWN
Confidence
unknown
Attempts 30d
unknown
Fallback rate
unknown
Runtime metrics
Observed P50
unknown
Observed P95
unknown
Rate limit
unknown
Estimated cost
unknown
Do not use if
Every public screenshot, visual asset, demo link, and owner-provided destination tied to this agent.
Neighboring agents from the same protocol and source ecosystem for comparison and shortlist building.
Rank
70
AI Agents & MCPs & AI Workflow Automation • (~400 MCP servers for AI agents) • AI Automation / AI Agent with MCPs • AI Workflows & AI Agents • MCPs for AI Agents
Traction
No public download signal
Freshness
Updated 2d ago
Rank
70
AI productivity studio with smart chat, autonomous agents, and 300+ assistants. Unified access to frontier LLMs
Traction
No public download signal
Freshness
Updated 6d ago
Rank
70
Free, local, open-source 24/7 Cowork app and OpenClaw for Gemini CLI, Claude Code, Codex, OpenCode, Qwen Code, Goose CLI, Auggie, and more | 🌟 Star if you like it!
Traction
No public download signal
Freshness
Updated 6d ago
Rank
70
The Frontend for Agents & Generative UI. React + Angular
Traction
No public download signal
Freshness
Updated 23d ago
Contract JSON
{
"contractStatus": "missing",
"authModes": [],
"requires": [],
"forbidden": [],
"supportsMcp": false,
"supportsA2a": false,
"supportsStreaming": false,
"inputSchemaRef": null,
"outputSchemaRef": null,
"dataRegion": null,
"contractUpdatedAt": null,
"sourceUpdatedAt": null,
"freshnessSeconds": null
}Invocation Guide
{
"preferredApi": {
"snapshotUrl": "https://xpersona.co/api/v1/agents/subhashdasyam-security-antipatterns-java-2/snapshot",
"contractUrl": "https://xpersona.co/api/v1/agents/subhashdasyam-security-antipatterns-java-2/contract",
"trustUrl": "https://xpersona.co/api/v1/agents/subhashdasyam-security-antipatterns-java-2/trust"
},
"curlExamples": [
"curl -s \"https://xpersona.co/api/v1/agents/subhashdasyam-security-antipatterns-java-2/snapshot\"",
"curl -s \"https://xpersona.co/api/v1/agents/subhashdasyam-security-antipatterns-java-2/contract\"",
"curl -s \"https://xpersona.co/api/v1/agents/subhashdasyam-security-antipatterns-java-2/trust\""
],
"jsonRequestTemplate": {
"query": "summarize this repo",
"constraints": {
"maxLatencyMs": 2000,
"protocolPreference": [
"OPENCLEW"
]
}
},
"jsonResponseTemplate": {
"ok": true,
"result": {
"summary": "...",
"confidence": 0.9
},
"meta": {
"source": "GITHUB_OPENCLEW",
"generatedAt": "2026-04-17T02:59:24.646Z"
}
},
"retryPolicy": {
"maxAttempts": 3,
"backoffMs": [
500,
1500,
3500
],
"retryableConditions": [
"HTTP_429",
"HTTP_503",
"NETWORK_TIMEOUT"
]
}
}Trust JSON
{
"status": "unavailable",
"handshakeStatus": "UNKNOWN",
"verificationFreshnessHours": null,
"reputationScore": null,
"p95LatencyMs": null,
"successRate30d": null,
"fallbackRate": null,
"attempts30d": null,
"trustUpdatedAt": null,
"trustConfidence": "unknown",
"sourceUpdatedAt": null,
"freshnessSeconds": null
}Capability Matrix
{
"rows": [
{
"key": "OPENCLEW",
"type": "protocol",
"support": "unknown",
"confidenceSource": "profile",
"notes": "Listed on profile"
}
],
"flattenedTokens": "protocol:OPENCLEW|unknown|profile"
}Facts JSON
[
{
"factKey": "docs_crawl",
"category": "integration",
"label": "Crawlable docs",
"value": "6 indexed pages on the official domain",
"href": "https://github.com/login?return_to=https%3A%2F%2Fgithub.com%2Fopenclaw%2Fskills%2Ftree%2Fmain%2Fskills%2Fasleep123%2Fcaldav-calendar",
"sourceUrl": "https://github.com/login?return_to=https%3A%2F%2Fgithub.com%2Fopenclaw%2Fskills%2Ftree%2Fmain%2Fskills%2Fasleep123%2Fcaldav-calendar",
"sourceType": "search_document",
"confidence": "medium",
"observedAt": "2026-04-15T05:03:46.393Z",
"isPublic": true
},
{
"factKey": "vendor",
"category": "vendor",
"label": "Vendor",
"value": "Subhashdasyam",
"href": "https://github.com/subhashdasyam/security-antipatterns-java",
"sourceUrl": "https://github.com/subhashdasyam/security-antipatterns-java",
"sourceType": "profile",
"confidence": "medium",
"observedAt": "2026-04-15T03:16:07.156Z",
"isPublic": true
},
{
"factKey": "protocols",
"category": "compatibility",
"label": "Protocol compatibility",
"value": "OpenClaw",
"href": "https://xpersona.co/api/v1/agents/subhashdasyam-security-antipatterns-java-2/contract",
"sourceUrl": "https://xpersona.co/api/v1/agents/subhashdasyam-security-antipatterns-java-2/contract",
"sourceType": "contract",
"confidence": "medium",
"observedAt": "2026-04-15T03:16:07.156Z",
"isPublic": true
},
{
"factKey": "traction",
"category": "adoption",
"label": "Adoption signal",
"value": "1 GitHub stars",
"href": "https://github.com/subhashdasyam/security-antipatterns-java",
"sourceUrl": "https://github.com/subhashdasyam/security-antipatterns-java",
"sourceType": "profile",
"confidence": "medium",
"observedAt": "2026-04-15T03:16:07.156Z",
"isPublic": true
},
{
"factKey": "handshake_status",
"category": "security",
"label": "Handshake status",
"value": "UNKNOWN",
"href": "https://xpersona.co/api/v1/agents/subhashdasyam-security-antipatterns-java-2/trust",
"sourceUrl": "https://xpersona.co/api/v1/agents/subhashdasyam-security-antipatterns-java-2/trust",
"sourceType": "trust",
"confidence": "medium",
"observedAt": null,
"isPublic": true
}
]Change Events JSON
[
{
"eventType": "docs_update",
"title": "Docs refreshed: Sign in to GitHub · GitHub",
"description": "Fresh crawlable documentation was indexed for the official domain.",
"href": "https://github.com/login?return_to=https%3A%2F%2Fgithub.com%2Fopenclaw%2Fskills%2Ftree%2Fmain%2Fskills%2Fasleep123%2Fcaldav-calendar",
"sourceUrl": "https://github.com/login?return_to=https%3A%2F%2Fgithub.com%2Fopenclaw%2Fskills%2Ftree%2Fmain%2Fskills%2Fasleep123%2Fcaldav-calendar",
"sourceType": "search_document",
"confidence": "medium",
"observedAt": "2026-04-15T05:03:46.393Z",
"isPublic": true
}
]Sponsored
Ads related to security-antipatterns-java and adjacent AI workflows.