AI Skill Scanner

Scan OpenBot/Clawdbot skills for security vulnerabilities, malicious code, and suspicious patterns before installing them. Use when a user wants to audit a skill, check if a ClawHub skill is safe, scan for credential exfiltration, detect prompt injection, or review skill security. Triggers on security audit, skill safety check, malware scan, or trust verification.

RepoMedic

Safely triage and remediate GitHub dependency hygiene issues with explicit guardrails. Use when Dependabot PRs fail, pnpm lockfiles break, transitive vulnerabilities appear (e.g., glob/lodash/brace-expansion), or CI/Vercel fails due to dependency resolution. Prioritize low-risk fixes, branch+PR workflow, and plain-English explanations.

Code Reviewer

Automated code review, quality gates, and PR analysis. Integrates with GitHub, GitLab, Bitbucket. Enforce style guides, detect bugs, security vulnerabilities...

Snyk Vulnerability Scanner

Automates Snyk security vulnerability scanning, GitHub issue reporting, and auto-fix PR creation for repositories. Use when scanning repositories for securit...

llm-sast-scanner

General-purpose Static Application Security Testing (SAST) skill for code vulnerability analysis. Trigger when the user asks to: "analyze code for vulnerabil...

sentryskills

SentrySkills - Automatic security guard that runs on EVERY task. Protects against prompt injection, data leaks, unsafe commands, and code vulnerabilities wit...

Bug Bounty Triage

Exact-match bug bounty triage workflow for Code4rena, Sherlock, HackenProof, Cantina-style security reviews, Solidity/EVM targets, and vulnerability report p...

clawsec-feed

Security advisory feed package for OpenClaw-related threats and vulnerabilities. The upstream feed is updated daily; local automation is handled by clawsec-s...

AgentAudit

Automatic security gate that checks packages against a vulnerability database before installation. Use before any npm install, pip install, yarn add, or pack...

Expanso cve-scan

Scan software bill of materials (SBOM) for known CVE vulnerabilities using Expanso Edge pipelines.

Pentest Workbench

Comprehensive offensive security workflow for bug bounty, vulnerability assessment, penetration testing, and exploitation. Use when performing security testi...

Ghsa Skill Builder

Use when building or updating vulnerability pattern Skills from multiple sources: GitHub Security Advisories (GHSA), HackerOne Hacktivity, or NVD. Triggers o...

Neckr0ik Security Fixer

Auto-fix security vulnerabilities in OpenClaw skills. Works with neckr0ik-security-scanner to automatically remediate hardcoded secrets, shell injection risk...

GitLab MR Code Review

Automated AI code review for GitLab Merge Requests via polling. Periodically checks for open MRs, reviews code diffs for security vulnerabilities, bugs, and...

Alibabacloud Sas Multiaccount Manage

Manage multiple Alibaba Cloud accounts and batch-export Security Center (SAS) baseline and vulnerability reports via the aliyun CLI and Python scripts. Suppo...

Rafter Security

Security toolkit for AI workflows. Use when scanning code or repos for vulnerabilities, auditing third-party skills/MCPs/agent configs before installing, eva...

clawsec-scanner

Automated vulnerability scanner for agent platforms. Performs dependency scanning (npm audit, pip-audit), multi-database CVE lookup (OSV, NVD, GitHub Advisor...

Web Security Penetration Test

Automates web security penetration testing by performing reconnaissance, vulnerability scanning, exploitation, and generating detailed compliance reports.

Application Logic Flaw Testing

Test web application business logic for vulnerabilities that automated scanners cannot detect. Use this skill when: performing a penetration test or security...

Code Reviewer

Automated code review for pull requests and code snippets. Analyzes code quality, security vulnerabilities, performance issues, and best practices across Pyt...

security-engineer

Expert infrastructure security engineer specializing in DevSecOps, cloud security, and compliance frameworks. Masters security automation, vulnerability mana...