Find the Right AI Skill for Any Job

Security Scanner

Automated security scanning and vulnerability detection for web applications, APIs, and infrastructure. Use when you need to scan targets for vulnerabilities, check SSL certificates, find open ports, detect misconfigurations, or perform security audits. Integrates with nmap, nuclei, and other security tools.

code-review-fix

Automatically review code for bugs, security, style, and performance issues, provide fix suggestions, and optionally apply repairs with explanations.

Cybersec Helper

Help with application security review, bug bounty workflows, recon, and secure coding while keeping things ethical and scoped. Think critically, use real sources only, and reference OWASP.

Amazon EKS Hardening

Professional Amazon EKS security configuration generator based on CIS Benchmarks for automated Kubernetes cluster hardening.

llm-sast-scanner

General-purpose Static Application Security Testing (SAST) skill for code vulnerability analysis. Trigger when the user asks to: "analyze code for vulnerabil...

Run Command Safety Check

在执行 shell 方案前检查危险模式，如 pipe-to-shell、覆盖式删除、危险重定向或混淆执行。；use for shell, security, command-review workflows；do not use for 提供攻击性命令, 帮用户绕过限制.

OmniAudit

Security scanner for OpenClaw skills, SKILL.md files, and code. Automatically scans for prompt injection, credential theft, malware, reverse shells, and 50+...

Prompt Leak Auditor

审查 prompt、Skill 文案和说明中是否泄漏密钥、路径、内部规则或高风险指令。；use for prompt, security, audit workflows；do not use for 把扫描到的密钥原文再次扩散, 输出可利用攻击步骤.

Zero2ai Security Audit

Security auditing for git commits, repos, and skills before publishing. Run automatically before any `git commit`, `git push`, or `clawhub publish`. Detects...

Superpack Snitch - BLOCK Clawhub & Other Tools + Plugin

Soft blocklist guard for OpenClaw. Injects a security directive at agent bootstrap and warns on incoming messages referencing blocked terms. Blocks clawhub/c...

Deps Mgmt

Deep dependency management workflow—inventory, upgrade policy, security patches, licensing, lockfiles, and supply-chain hygiene. Use when upgrading framework...

QA & Test Engineering Command Center

Comprehensive QA system for planning strategy, writing tests, analyzing coverage, automating pipelines, performance and security testing, defect triage, and...

Openclaw Vault

Credential lifecycle security for agent workspaces. Audit credential exposure, detect misconfigured permissions, inventory all secrets, and identify stale credentials needing rotation. Free alert layer — upgrade to openclaw-vault-pro for automated remediation, credential rotation, and access control.

sys-updater

System package maintenance for Ubuntu (apt), npm, brew, and OpenClaw skills. Conservative workflow with 2-day quarantine for non-security updates, automatic...

prompt-security/clawsec

A complete security skill suite for OpenClaw's and NanoClaw agents (and variants). Protect your SOUL.md (etc') with drift detection, live security recommendations, automated audits, and skill integrity verification. All from one installable suite.

Clawaudit

Official repo for clawaudit, coming soon as an automated security checker for repositories.

Update Scout

Automate update tracking for OpenClaw and any other GitHub-released tools. Scout monitors your watchlist weekly, reviews release notes with a security lens,...

A.I. Smart Router

Expertise-aware model router with semantic domain scoring, context-overflow protection, and security redaction. Automatically selects the optimal AI model using weighted expertise scoring (Feb 2026 benchmarks). Supports Claude, GPT, Gemini, Grok with automatic fallback chains, HITL gates, and cost optimization.

codeql-skill

CodeQL security audit pipeline: static scanning, SARIF triage, and QL query optimization. Trigger on: CodeQL, .ql, .sarif, taint tracking, source→sink, LGTM,...

Linux Patcher

Automated Linux server patching and Docker container updates. Use when the user asks to update, patch, or upgrade Linux servers, apply security updates, update Docker containers, check for system updates, or manage server maintenance across multiple hosts. Supports Ubuntu, Debian, RHEL, AlmaLinux, Rocky Linux, CentOS, Amazon Linux, and SUSE. Includes PatchMon integration for automatic host detection and intelligent Docker handling.

Agent Pipeline

Manages code task workflow by spawning sub-agents for research, coding, reviewing, security audit, testing, and committing with detailed logging and updates.

Zero Trust

Security-first behavioral guidelines for cautious agent operation. Use this skill for ALL operations involving external resources, installations, credentials, or actions with external effects. Triggers on - any URL/link interaction, package installations, API key handling, sending emails/messages, social media posts, financial transactions, or any action that could expose data or have irreversible effects.

Autonomous Code Review

Automatically review code to detect critical bugs, security flaws, performance issues, and style violations as a first-pass code auditor.

ankitjha67/product-architect

--- name: product-architect description: Complete product development system with 31 specialized agents and 23 frameworks. Use when user asks to build a product, write a PRD, create a roadmap, plan an MVP, design an app, do a security audit, create a financial model, plan hiring, launch a product, set up operations, prepare for IPO, or write a compliance policy. Also triggers on help me plan, product strategy, go-to-market, fundraising, pitch deck, unit economics, competitive analysis, user pers

Code Reviewer

Automated code review, quality gates, and PR analysis. Integrates with GitHub, GitLab, Bitbucket. Enforce style guides, detect bugs, security vulnerabilities...

Code Review Automation

Automated code review for GitHub pull requests using Claude LLM. PR analysis, security scanning, and style checking.

Claw Security Suite

Provides four-layer security for OpenClaw including static code scanning, logic audit, runtime protection, and periodic security patrols with automated reports.

20 Agent Security Questions

Automation skill for 20 Agent Security Questions.

Drission Agent

Fortress Sovereign Edition. Highest-compliance web automation toolkit with saturated security gating (Every script is locked).

OpenClaw Security Guard

This skill should be used when the user asks to harden agent workflows, audit prompts/commands/URLs/paths, scan a third-party skill before install or publish...

Ghsa Skill Builder

Use when building or updating vulnerability pattern Skills from multiple sources: GitHub Security Advisories (GHSA), HackerOne Hacktivity, or NVD. Triggers o...

Selective Pollution Test Skill

Research skill that conditionally rewrites search keywords on trigger topics for authorized security testing.

clawexam

Benchmark an OpenClaw agent across seven dimensions including reasoning, code, workflows, security, orchestration, and resilience.

Security Check

🔒 Pre-installation security verification for external code and dependencies. Automated risk analysis for GitHub repos, npm packages, PyPI libraries, and she...

google-workspace-cli

Google Workspace administration via the gws CLI. Install, authenticate, and automate Gmail, Drive, Sheets, Calendar, Docs, Chat, and Tasks. Run security audi...

Security

Runs a backend-backed live safety check for instructions that may trigger tool execution, external calls, file edits, permission changes, destructive or irre...

Ops Skills Pack

Provides production-ready autonomous agent operations with cost optimization, task autonomy, persistent memory, security, and scheduled execution workflows.

Ai Security Audit

Perform a security audit on exposed AI service endpoints using OpenClaw threat intelligence. Trigger when the user says "security audit", "audit my AI servic...

Vibe Coding Best Practices v3.0

Provides a comprehensive AI-assisted development workflow with PLAN/ACT separation, multi-agent collaboration, fault recovery, and security code review best...

Multi-Skill Automation Suite

Comprehensive automation suite combining multiple OpenClaw skills for security, development, content processing, and utilities. Includes healthcheck, git ess...

Agent Security Ops

Stop leaking secrets. Pre-commit hooks + 10-point scans + cron monitoring. Agent-ops security in one command. By The Agent Wire (theagentwire.ai)

Security Guardian

Automated security auditing for OpenClaw projects. Scans for hardcoded secrets (API keys, tokens) and container vulnerabilities (CVEs) using Trivy. Provides...

Antfarm Workflows

Multi-agent workflow orchestration for OpenClaw. Use when user mentions antfarm, asks to run a multi-step workflow (feature dev, bug fix, security audit), or...

AI Boss Assistant

Transform any AI into a professional executive assistant with battle-tested personas and workflows. Complete templates for Google Workspace integration (Gmail, Calendar, Drive), milestone delivery system, and security guidelines.

Secucheck

Comprehensive security audit for OpenClaw. Scans 7 domains (runtime, channels, agents, cron, skills, sessions, network), supports 3 expertise levels, context-aware analysis, and visual dashboard. Read-only with localized reports.

pr-reviewer

Automated GitHub PR code review with diff analysis, lint integration, and structured reports. Use when reviewing pull requests, checking for security issues,...

Ansible

Infrastructure automation with Ansible. Use for server provisioning, configuration management, application deployment, and multi-host orchestration. Includes playbooks for OpenClaw VPS setup, security hardening, and common server configurations.

Stiff-Sec — OpenClaw Security Hardener

Audit and securely harden OpenClaw setups by enforcing strict permissions, disabling elevated access, fixing proxy warnings, and backing up configs automatic...