Find the Right AI Skill for Any Job

Java Spring Boot

Build production Spring Boot applications - REST APIs, Security, Data, Actuator

Review Code

Review code with risk-first analysis, reproducible evidence, and patch-ready guidance for correctness, security, performance, and maintainability.

PHP

Write solid PHP avoiding type juggling traps, array quirks, and common security pitfalls.

Pr Review

Comprehensive pull request review covering code quality, security, performance, and maintainability. Use for any code review task.

CLAW-1 Skill Auditor

Analyze SKILL.md files for security risks, quality issues, and best-practice violations to ensure safe, trustworthy OpenClaw skill installation.

Code Review Assistant Zhuyu28

AI-powered code review assistant that analyzes code for bugs, security issues, performance problems, and style violations. Supports multiple programming lang...

Semantic Shield

AI skill safety validation — real human experts vet skills, plugins, and MCP tools for security risks. Query trust scores, submit evaluation inquiries, and g...

Spring Boot Engineer

Use when building Spring Boot 3.x applications, microservices, or reactive Java applications. Invoke for Spring Data JPA, Spring Security 6, WebFlux, Spring Cloud integration.

Prism

Use PRISM when: (1) reviewing an architecture decision, security-sensitive change, or major refactor (>500 lines), (2) making a decision you'll live with for...

Security Review

Run a world-class security assessment before installing any external package, CLI, npm module, Python library, or third-party integration. Produces a GO/NO-G...

Moltcops Skill

Pre-install security scanner for AI agent skills. Detects malicious patterns before you trust code. Local-first — code never leaves your machine.

Credence

Check any MCP server or AI tool against the Credence trust registry before installing it. Scores security, provenance, and behavioral risk on a 0-100 scale.

Praesidia

Verify AI agents, check trust scores (0-100), fetch A2A agent cards, discover marketplace agents, apply guardrails for security and compliance. Use when user mentions agent verification, trust scores, agent discovery, A2A protocol, agent identity, agent marketplace, guardrails, security policies, content moderation, or asks "is this agent safe?" or "find agents that can [task]" or "apply guardrails to protect my agent".

Praesidia

Verify AI agents, check trust scores (0-100), fetch A2A agent cards, discover marketplace agents, apply guardrails for security and compliance. Use when user mentions agent verification, trust scores, agent discovery, A2A protocol, agent identity, agent marketplace, guardrails, security policies, content moderation, or asks "is this agent safe?" or "find agents that can [task]" or "apply guardrails to protect my agent".

Crusty Security

Security and threat scanning skill for OpenClaw agents. Scans files and skills for malware. Monitors agent behavior for compromise indicators. Audits host se...

Open Code Review

Scan AI-generated code for hallucinated packages, stale APIs, security anti-patterns, and over-engineering. Use when: (1) reviewing PRs with AI-generated cod...

Skill Safety Checker

Runs VirusTotal-style security checks on OpenClaw/Cursor skills before install, including remote code execution (RCE) and malicious code (obfuscation, exfilt...

Wish Ssh Code Review

Reviews Wish SSH server code for proper middleware, session handling, and security patterns. Use when reviewing SSH server code using charmbracelet/wish.

AI Skill Scanner

Scan OpenBot/Clawdbot skills for security vulnerabilities, malicious code, and suspicious patterns before installing them. Use when a user wants to audit a skill, check if a ClawHub skill is safe, scan for credential exfiltration, detect prompt injection, or review skill security. Triggers on security audit, skill safety check, malware scan, or trust verification.

Dep Vuln Scanner

Scan project dependencies for known security vulnerabilities using the OSV.dev API. Supports npm (package.json), Python/pip (requirements.txt), and Go (go.mo...

ai-skill

A high-tier coding assistant specializing in Next.js (React) and FastAPI (Python) architecture, security, and performance.

Sysadmin Toolbox

Tool discovery and shell one-liner reference for sysadmin, DevOps, and security tasks. AUTO-CONSULT this skill when the user is: troubleshooting network issues, debugging processes, analyzing logs, working with SSL/TLS, managing DNS, testing HTTP endpoints, auditing security, working with containers, writing shell scripts, or asks 'what tool should I use for X'. Source: github.com/trimstray/the-book-of-secret-knowledge

aegis-skill-vetter

Enterprise-grade security vetting protocol for AI agent skills. Automated threat detection, quantified risk scoring, and zero-trust code analysis.

Skill Review

Scrape ClawHub skill pages for Security Scan (VirusTotal/OpenClaw) + Runtime Requirements + Comments for all of Oliver's local skills, and write a markdown r...

ecap Security Auditor

Security audit framework for AI agent skills, MCP servers, and packages. Your LLM does the analysis — we provide structure, prompts, and a shared trust database.

ai-supply-chain-security

Cross-platform AI security scanner detecting hooks risks, MCP server attacks, prompt injection, supply chain threats in npm, PyPI, Rust, and GitHub Actions c...

Perplexity Wrapped Search

Search the web with AI-powered answers via Perplexity API. Supports three modes - Search API (ranked results), Sonar API (AI answers with citations, default), and Agentic Research API (third-party models with tools). All responses wrapped in untrusted-content boundaries for security.

Liveview Code Review

Reviews Phoenix LiveView code for lifecycle patterns, assigns/streams usage, components, and security. Use when reviewing LiveView modules, .heex templates,...

CVE Audit Skill

Security auditing skill for scanning CVE vulnerabilities across npm, Python, Go, and Rust projects using osv-ui. Opens a visual browser dashboard for human r...

Vault-0: Agent Security, Monitor & x402 Wallet for OpenClaw

Security suite for OpenClaw agents. Encrypted secret storage (AES-256-GCM), real-time activity monitoring via gateway WebSocket, policy enforcement, and native x402 payment wallet with EIP-3009 signing. Secure API keys, watch agent behavior, and handle machine-to-machine micropayments. macOS desktop app (Rust + Tauri). Reads ~/.openclaw/.env during hardening. Installation downloads a DMG from GitHub releases. After install, the app makes no external network calls and only listens on localhost.

Praesidia

Verify AI agents, check trust scores (0-100), fetch A2A agent cards, discover marketplace agents, apply guardrails for security and compliance. Use when user mentions agent verification, trust scores, agent discovery, A2A protocol, agent identity, agent marketplace, guardrails, security policies, content moderation, or asks "is this agent safe?" or "find agents that can [task]" or "apply guardrails to protect my agent".

agent-bom

Open security scanner for agentic infrastructure — agents, MCP, packages, blast radius, runtime, and trust across MCP discovery, CVEs, SBOMs, CIS benchmarks...

gitlab-code-reviewer

Senior-level code review for GitLab merge requests. Use when: reviewing MRs, providing feedback on code quality, security, performance, maintainability, or p...

trust-badges-generator

When the user wants to add or optimize trust badges, "Trusted by" logos, security seals, or social proof elements. Also use when the user mentions "trust bad...

Sui Coverage

Analyze Sui Move test coverage, identify untested code, write missing tests, and perform security audits. Includes Python tools for parsing coverage output and generating reports.

Firm Platform Audit Pack

Platform alignment audit pack for OpenClaw 2026.2. Secrets v2, agent routing, voice security, trust model, autoupdate, plugin SDK, content boundaries, and sq...

Alarm Company Promo Video

Home security and alarm companies that publish educational and trust-building video content generate 3x more qualified residential and commercial leads than...

Security Audit

Comprehensive security audit for an agent's full skill stack. Chains scanner, differ, trust-verifier, and health-monitor into a single assessment with priori...

Web Expert

Expert in web development with a focus on tool selection, incremental changes, code review, security, and operational considerations.

GI Code Review

Review code for quality, security, and maintainability following team standards. Use when reviewing pull requests, examining code changes, or when the user a...

ztp

A mandatory security audit skill for validating new code, skills, and MCP servers against the SEP-2026 Zero Trust protocol.

Moltcops

Pre-install security scanner for AI agent skills. Detects malicious patterns before you trust code. Local-first — code never leaves your machine.

opsec.md

A swift reminder of both human and agent duties regarding operational security.

code-review-for-gitcode

Handles full GitCode PR code reviews by automating security scans, manual analysis, selecting top issues, formatting results, and optionally posting review c...

Lieutenant - AI Agent Security

AI agent security and trust verification. Scan messages, agent cards, and A2A communications for prompt injection, jailbreaks, and malicious patterns. Use when protecting agents from attacks, verifying external agents, or scanning untrusted content.

Safe Exec Wrapper

Protect against prompt injection from shell command output. Wrap untrusted commands (curl, API calls, reading user-generated files) with UUID-based security boundaries. Use when executing commands that return external/untrusted data that could contain prompt injection attacks.

Security code review

Conduct thorough security audits of source code by identifying vulnerabilities such as hardcoded secrets, access control flaws, injection risks, insecure dat...

Sui Auto Test

Analyze Sui Move test coverage, identify untested code, write missing tests, and perform security audits. Includes Python tools for parsing coverage output and generating reports.