Find the Right AI Skill for Any Job

Nginx Config

Nginx配置生成。服务器配置、反向代理、SSL、缓存、安全加固、性能优化。Nginx config generator with reverse proxy, SSL, caching, security, optimization. Nginx、服务器、运维。

Cyberlens Skill

Scan websites and GitHub repositories for practical security issues using CyberLens cloud analysis and local web fallback checks.

claw skill security audit

Conduct comprehensive security audits and vulnerability analysis on codebases. Use when explicitly asked for security analysis, code security review, vulnerability assessment, SAST scanning, or identifying security issues in source code. Covers injection flaws, broken access control, hardcoded secrets, insecure data handling, authentication weaknesses, LLM safety, and privacy violations.

Watadot Aws Iam

IAM security patterns by Watadot Studio. Manage users, roles, and policy verification.

Mux Video Bot

Mux Video infrastructure skill for designing, ingesting, transcoding/packaging, playback ID policy, live streaming, clipping, and observability with Mux Data. Use when architecting or operating Mux-based video pipelines, live workflows, playback security, or diagnosing playback issues.

Config Security Scanner

Security expert for OpenClaw deployments. Audits local configuration files for vulnerabilities in network settings, channel policies, and tool permissions. P...

Openclaw Security Checklist

OpenClaw 部署前安全检查清单。聚焦合规导向的部署前检查（非事后加固），覆盖防火墙、SSH、API 密钥管理、数据出境合规、多部署场景验证。使用清单式检查，可逐项打勾并生成报告。适用于个人 Mac、VPS、Docker、企业部署场景。

Java Security Audit - AI驱动的Java代码审计

AI驱动的Java代码安全审计技能，实现系统化、高覆盖率的漏洞挖掘。使用场景： (1) 审计Java/Kotlin项目寻找安全漏洞（0day挖掘、代码审计、安全评估） (2) 企业级代码库的安全审计（支持大型项目） (3) 需要高质量、低幻觉率的安全审计报告 (4) CI/CD集成的前期漏洞发现 触发关键词：Ja...

Alicloud Security Center Sas

Manage Alibaba Cloud Security Center (Sas) via OpenAPI/SDK. Use whenever the user needs Security Center resource operations, configuration updates, status qu...

Clawd Zero Trust

Zero Trust security hardening for OpenClaw deployments. Use when asked to audit, harden, or apply Zero Trust architecture to an OpenClaw instance — including...

ClawSafe

Multi-layer security detector for AI agents. Blocks prompt injection, jailbreak, XSS, SQL injection, API key leaks, supply chain attacks, and deployment vuln...

Security Audit Toolkit

Audit codebases and infrastructure for security issues. Use when scanning dependencies for vulnerabilities, detecting hardcoded secrets, checking OWASP top 10 issues, verifying SSL/TLS, auditing file permissions, or reviewing code for injection and auth flaws.

GKE Autopilot Hardening

Generate and apply security hardening configurations for Google Kubernetes Engine AutoPilot clusters.

OpenClaw Direct Setup

One-click OpenClaw installer with security hardening. No Docker required - runs directly on Windows, macOS, and Linux.

Sovereign Docker Wizard

Docker optimization expert. Analyzes Dockerfiles for security and performance, generates multi-stage builds, optimizes image size, creates docker-compose con...

portable-deployment-audit

Read-only security auditing for OpenClaw deployments, repositories, and local project directories. Scan an explicit target directory for exposed credentials,...

Cloud Security Posture

Cross-cloud security posture assessment covering IAM analysis, encryption audit, and public exposure detection across AWS, Azure, and GCP using [AWS]/[Azure]...

OpenClaw Credential Manager

MANDATORY security foundation for OpenClaw. Consolidate scattered API keys and credentials into a secure .env file with proper permissions. Includes GPG encryption for high-value secrets, credential rotation tracking, deep scanning, and backup hardening. Use when setting up OpenClaw, migrating credentials, auditing security, or enforcing the .env standard. This is not optional — centralized credential management is a core requirement for secure OpenClaw deployments.

GitHub Actions Failure Phase Audit

Group GitHub Actions failures by pipeline phase (setup/build/test/lint/deploy/security) with minute impact to prioritize fixes.

ISO 27001 Policy Generator

Generate customized ISO 27001:2022 aligned information security policy documents based on your company's profile, infrastructure, and compliance needs.

Agentic Security Audit

Audit codebases, infrastructure, AND agentic AI systems for security issues. Covers traditional security (dependencies, secrets, OWASP web top 10, SSL/TLS, f...

Spring Boot Engineer

Use when building Spring Boot 3.x applications, microservices, or reactive Java applications. Invoke for Spring Data JPA, Spring Security 6, WebFlux, Spring Cloud integration.

Systems Architect

Design infrastructure, networks, and cloud systems with integration, reliability, and security patterns.

My Firewall v2

Configure firewalls on servers and cloud providers with security best practices.

ClawShield

OpenClaw security audit + prompt injection detector. Scans gateway/vulns/cron/PI patterns. Use for frenzy-proofing installs.

Liquidskills

Comprehensive guide covering Hyperliquid's architecture, API, HyperCore vs HyperEVM, gas, wallets, standards, tools, security, testing, and deployment best p...

Firewall

Configure firewalls on servers and cloud providers with security best practices.

Alicloud Security Id Verification Cloudauth

Manage Alibaba Cloud ID Verification (Cloudauth) via OpenAPI/SDK. Use whenever the user is working on identity-verification resource operations, config updat...

Switchboard Skills

Autonomous operator for Switchboard on-demand feeds, Surge streaming, and randomness. Designs jobs, simulates via Crossbar, and deploys/updates/reads feeds across Solana/SVM, EVM, Sui, and other Switchboard-supported chains—with user-controlled security, spend limits, and allow/deny lists.

ShellWard Security Guide

OpenClaw 安全部署指南 / Security deployment guide — help users secure their OpenClaw installation

Security Review

Review code changes for security vulnerabilities. Checks for OWASP Top 10, secrets exposure, injection flaws, auth issues, and insecure defaults. Use when re...

ShieldBot BNB Chain Security Scanner

BNB Chain security scanner — scan contracts, simulate transactions, detect phishing, investigate deployers, track scam campaigns, and audit wallet approvals...

ClawScan

Security scanner for ClawHub skills. Vet third-party skills before installation — detect dangerous patterns, suspicious code, and risky dependencies.

Nist Compliance Assessment

NIST Cybersecurity Framework (CSF) and SP 800-53 Rev 5 compliance assessment for network infrastructure. Maps device configuration against 6 control families...

Prisma Access Audit

Palo Alto Prisma Access SASE audit — security policy evaluation for mobile users and remote networks, GlobalProtect Cloud Service configuration review, servi...

HIPAA Compliance for AI Agents

Generate HIPAA compliance checklists, risk assessments, and audit frameworks for healthcare AI deployments to ensure data security and regulatory adherence.

Sysadmin Toolbox

Tool discovery and shell one-liner reference for sysadmin, DevOps, and security tasks. AUTO-CONSULT this skill when the user is: troubleshooting network issues, debugging processes, analyzing logs, working with SSL/TLS, managing DNS, testing HTTP endpoints, auditing security, working with containers, writing shell scripts, or asks 'what tool should I use for X'. Source: github.com/trimstray/the-book-of-secret-knowledge

Alicloud Security Content Moderation Green

Manage Alibaba Cloud Content Moderation (Green) via OpenAPI/SDK. Use whenever the user needs content moderation resource and policy operations, including lis...

Aws Networking Audit

AWS VPC networking audit covering CIDR architecture, Security Group and NACL rule analysis, Transit Gateway connectivity, VPC Flow Log forensics, Route Table...

Audit OpenClaw Security

Audit and harden OpenClaw deployments and interpret `openclaw security audit` findings. Use when the user wants to secure OpenClaw, review gateway exposure/a...

Terraform Reviewer

Review Terraform plans and HCL files for AWS security misconfigurations before deployment

Security Group Auditor

Audit AWS Security Groups and VPC configurations for dangerous internet exposure

Audit Code

Run a two-pass, multidisciplinary code audit led by a tie-breaker lead, combining security, performance, UX, DX, and edge-case analysis into one prioritized report with concrete fixes. Use when the user asks to audit code, perform a deep review, stress-test a codebase, or produce a risk-ranked remediation plan across backend, frontend, APIs, infra scripts, and product flows.

Auto Sec Blogger Repo

Collects security news from multiple sources, generates expert-level blog posts with GLM-4.7, publishes drafts to Notion, and auto-deploys approved posts to...

Production Readiness

Meta-skill that orchestrates logging, monitoring, error handling, performance, security, deployment, and testing skills to ensure a service is fully production-ready before launch. Use before first deploy, major releases, quarterly reviews, or after incidents.

clawguard

Security review and risk auditing for OpenClaw skills and deployments. Inspect third-party skills, dangerous instructions, credential requests, privilege ris...

Shadows Security Scanner

7-phase security audit pipeline — reconnaissance, dependency scan, application tests, API security, hardening check, OWASP verification, report. Use before p...

agent-bom

Open security scanner for agentic infrastructure — agents, MCP, packages, blast radius, runtime, and trust across MCP discovery, CVEs, SBOMs, CIS benchmarks...