Find the Right AI Skill for Any Job

Credential Manager

MANDATORY security foundation for OpenClaw. Consolidate scattered API keys and credentials into a secure .env file with proper permissions. Use when setting up OpenClaw, migrating credentials, auditing security, or enforcing the .env standard. This is not optional — centralized credential management is a core requirement for secure OpenClaw deployments. Scans for credential files across common locations, backs up existing files, creates a unified .env with mode 600, validates security, and enfor

claw skill security audit

Conduct comprehensive security audits and vulnerability analysis on codebases. Use when explicitly asked for security analysis, code security review, vulnerability assessment, SAST scanning, or identifying security issues in source code. Covers injection flaws, broken access control, hardcoded secrets, insecure data handling, authentication weaknesses, LLM safety, and privacy violations.

Ralph Security Audit

Comprehensive security audit with 100 iterations (~30-60 min). Use when user says 'security audit', 'ralph security', 'weekly security check', 'audit this pr...

Security Scanner

Automated security scanning and vulnerability detection for web applications, APIs, and infrastructure. Use when you need to scan targets for vulnerabilities, check SSL certificates, find open ports, detect misconfigurations, or perform security audits. Integrates with nmap, nuclei, and other security tools.

security-reviewer

Use when conducting security audits, reviewing code for vulnerabilities, or analyzing infrastructure security. Invoke for SAST scans, penetration testing, DevSecOps practices, cloud security reviews.

Ralph Quick Security Check

Fast security spot-check with 10 iterations (~5-10 min). Use when user says 'quick security check', 'pre-deploy audit', 'ralph quick', 'fast security scan',...

Skill Security Guide

Security best practices guide for passing ClawHub security scans with "Benign" ratings. Use when creating or reviewing skills to ensure they meet security st...

Clawdbot Security Check

Perform a comprehensive read-only security audit of Clawdbot's own configuration. This is a knowledge-based skill that teaches Clawdbot to identify hardening opportunities across the system. Use when user asks to "run security check", "audit clawdbot", "check security hardening", or "what vulnerabilities does my Clawdbot have". This skill uses Clawdbot's internal capabilities and file system access to inspect configuration, detect misconfigurations, and recommend remediations. It is designed to

Guardian Security — World-Class AI Security & Compliance

World-class autonomous security and compliance skill system. Use ANY time the user asks to review code for security issues, check credential management, audi...

OpenClaw Credential Manager

MANDATORY security foundation for OpenClaw. Consolidate scattered API keys and credentials into a secure .env file with proper permissions. Includes GPG encryption for high-value secrets, credential rotation tracking, deep scanning, and backup hardening. Use when setting up OpenClaw, migrating credentials, auditing security, or enforcing the .env standard. This is not optional — centralized credential management is a core requirement for secure OpenClaw deployments.

MoltThreats

Agent-native security signal feed by PromptIntel. Use this skill whenever the agent needs to report threats, fetch protection feeds, apply security rules, or update SHIELD.md. Trigger on any mention of: threat reporting, security feed, MCP threats, malicious skills, prompt injection reports, IOCs, indicators of compromise, agent security, PromptIntel, MoltThreats, SHIELD.md, or SHIELD.md updates. Also trigger when the agent detects suspicious behavior during normal operation (unexpected tool cal

Agent Runtime Security

Complete OpenClaw Agent Security Hardening - Protects against data leaks (storage security) and prompt injection (runtime security). Use for initial setup, s...

openclaw security auditor

OpenClaw Security Auditor (OSA) - Comprehensive security auditing tool for OpenClaw deployments. Provides 60-second security diagnosis, risk scoring (0-100),...

Alibabacloud Sas Alert Handler

Alibaba Cloud Security Center (SAS) CWPP host security alert handling skill. Used for querying, analyzing, and handling security alerts from Cloud Security C...

Security Auditor

Use when reviewing code for security vulnerabilities, implementing authentication flows, auditing OWASP Top 10, configuring CORS/CSP headers, handling secrets, input validation, SQL injection prevention, XSS protection, or any security-related code review.

ClawDefender - OpenClaw Security - Prompt injection, rogue skills etc

Security scanner and input sanitizer for AI agents. Detects prompt injection, command injection, SSRF, credential exfiltration, and path traversal attacks. Use when (1) installing new skills from ClawHub, (2) processing external input like emails, calendar events, Trello cards, or API responses, (3) validating URLs before fetching, (4) running security audits on your workspace. Protects agents from malicious content in untrusted data sources.

AI Skill Scanner

Scan OpenBot/Clawdbot skills for security vulnerabilities, malicious code, and suspicious patterns before installing them. Use when a user wants to audit a skill, check if a ClawHub skill is safe, scan for credential exfiltration, detect prompt injection, or review skill security. Triggers on security audit, skill safety check, malware scan, or trust verification.

Security Skill Scanner

Security scanner for ClawdHub skills - detects suspicious patterns, manages whitelists, and monitors Moltbook for security threats.

Arc Sentinel

Security monitoring and infrastructure health checks for OpenClaw agents. Run breach monitoring (HaveIBeenPwned), SSL certificate expiry checks, GitHub security audits, credential rotation tracking, secret scanning, git hygiene, token watchdog, and permission audits. Use when performing security scans, checking credential rotation status, auditing repos for leaked secrets, or monitoring SSL certificates and infrastructure health.

Security Dashboard

Real-time security monitoring dashboard for OpenClaw and Linux server infrastructure. Monitors gateway status, network security, public exposure, system updates, SSH access, TLS certificates, and resource usage.

Agentic Security Audit

Audit codebases, infrastructure, AND agentic AI systems for security issues. Covers traditional security (dependencies, secrets, OWASP web top 10, SSL/TLS, f...

Openclaw Security

Unified security suite for agent workspaces. Installs, configures, and orchestrates all 11 OpenClaw security tools in one command — integrity, secrets, permissions, network, audit trail, signing, supply chain, credentials, injection defense, compliance, and incident response.

Mobb Vulnerabilities Fixer

Scan, fix, and remediate security vulnerabilities in a local code repository using Mobb MCP/CLI. Use when the user asks to scan for vulnerabilities, run a security check, auto-fix issues, remediate findings, or apply Mobb fixes (e.g., \\"scan this repo\\", \\"fix security issues\\", \\"remediate vulnerabilities\\", \\"run Mobb on my changes\\").

Ops Hygiene

Standard operating procedures for agent maintenance, security hygiene, and system health. Use when performing periodic checks, security audits, memory maintenance, secret rotation, dependency updates, or any recurring "housekeeping" tasks. Also use when setting up automated maintenance schedules or when asked about agent security posture.

Alicloud Security Center Sas

Manage Alibaba Cloud Security Center (Sas) via OpenAPI/SDK. Use whenever the user needs Security Center resource operations, configuration updates, status qu...

Vault-0: Agent Security, Monitor & x402 Wallet for OpenClaw

Security suite for OpenClaw agents. Encrypted secret storage (AES-256-GCM), real-time activity monitoring via gateway WebSocket, policy enforcement, and native x402 payment wallet with EIP-3009 signing. Secure API keys, watch agent behavior, and handle machine-to-machine micropayments. macOS desktop app (Rust + Tauri). Reads ~/.openclaw/.env during hardening. Installation downloads a DMG from GitHub releases. After install, the app makes no external network calls and only listens on localhost.

Audit OpenClaw Security

Audit and harden OpenClaw deployments and interpret `openclaw security audit` findings. Use when the user wants to secure OpenClaw, review gateway exposure/a...

Eridian Carapace

Agent security hardening and prompt injection defense for OpenClaw. Protects against ClawHavoc-style attacks including prompt injection, data exfiltration, credential theft, and unauthorized operations. Runtime protection that complements pre-installation skill scanners like Clawdex. Includes security audit checklist, 8 documented attack vector defenses with mitigations, copy-paste AGENTS.md security patterns, credential file protection, browser URL allowlisting, and sensitive operation approval

OT Security Posture Scorecard

Assess OT/ICS/SCADA security posture and generate risk scorecards with remediation guidance. Use when evaluating operational technology security, industrial...

Secure Google Drive Access for OpenClaw by PortEden

Secure Google Drive Mnagement - list, search, upload, create folders, rename, move, share, and permissions (porteden secure alternative).

Ai Security Audit

Perform a security audit on exposed AI service endpoints using OpenClaw threat intelligence. Trigger when the user says "security audit", "audit my AI servic...

Vmware Nsx Security

Use this skill whenever the user needs to manage VMware NSX security — distributed firewall (DFW) policies, security groups, microsegmentation, and IDS/IPS....

Neckr0ik Security Fixer

Auto-fix security vulnerabilities in OpenClaw skills. Works with neckr0ik-security-scanner to automatically remediate hardcoded secrets, shell injection risk...

Sentinel- OpenClaw Runtime Security

Runtime security guardian for OpenClaw agents. Use this skill whenever the user mentions security, skill safety, prompt injection, malware, suspicious behavi...

GI Security Audit

Audit code for security issues - sensitive data exposure, dependency vulnerabilities, SQL injection, hardcoded secrets. Use when the user asks for security c...

Security Audit

Audits Move contracts for security vulnerabilities before deployment using 7-category checklist. Triggers on: 'audit contract', 'security check', 'review sec...

smart-contract-security-audito

Smart Contract Security Auditor: Analyzes Solidity and Go smart contracts for security vulnerabilities, provides gas optimization suggestions, and generates...

Okx Security

Use this skill for security scanning: check transaction safety, is this transaction safe, pre-execution check, security scan, token risk scanning, honeypot d...

Kubernetes Security Posture Scorecard

Assess Kubernetes cluster security posture across 30 controls covering RBAC, workload security, network policies, IaC, runtime monitoring, and secrets manage...

Claw Security Suite

Provides four-layer security for OpenClaw including static code scanning, logic audit, runtime protection, and periodic security patrols with automated reports.

security suite

Security tool for security suite. Provides commands, templates, and domain-specific knowledge.

Enterprise AI Security Controls Assessment

Assess OT/ICS security posture across 30 controls in 6 principles — Business Driven, Risk Based, Enterprise Wide, Methodical, OT Security Focused, and OT Sec...

OT Security Assessment

Assess OT/ICS security posture across 30 controls in 6 principles — Business Driven, Risk Based, Enterprise Wide, Methodical, OT Security Focused, and OT Sec...

Network Security Audit

Professional network security assessment and gap analysis platform generating comprehensive audit reports across security domains and compliance frameworks.

OpenClaw Security Scanner

Security analysis and vulnerability detection. Scans code for security issues, checks dependencies, and provides remediation advice.

Security Testing Strategy

Select and implement a layered security testing strategy for a codebase: design unit tests for security properties (boundary conditions, negative inputs, acc...

Whitehat Security

WhiteHat Security integration. Manage data, records, and automate workflows. Use when the user wants to interact with WhiteHat Security data.

Contrast Security

Contrast Security integration. Manage data, records, and automate workflows. Use when the user wants to interact with Contrast Security data.