Find the Right AI Skill for Any Job

361SCAN security check your skill python scripts

Scan and analyze installed skills. Use when user wants to (1) scan a specific skill directory to view its name, description, and details, or (2) scan all ins...

Memory Scan

Scans OpenClaw agent memory files and workspace configs for malicious content, credential leaks, prompt injections, and security threats.

Safe Guardian

A safe security layer plugin for OpenClaw that intercepts dangerous tool calls (exec, write, edit) through multi-layer blacklist/whitelist filtering and inte...

# key-guard A local MCP server that keeps API keys off Claude's servers. ## Why This Exists When Claude reads a file containing an API key, the raw key content gets sent to Claude's servers. key-gu

Security guardrail: prevents API keys from being sent to Claude. Triggers when user asks to call an external API, use a key, check credentials, read .env fil...

LookupMark Git Sync

Manage whitelisted git repositories from chat. Status, log, diff, pull, push with security controls — only approved repos, write commands need confirmation....

Openclaw Sec

AI Agent Security Suite - Real-time protection against prompt injection, command injection, SSRF, path traversal, secrets exposure, and content policy violations

Mandos Brief

Analyze any cybersecurity topic 100x faster by focusing on the key takeaways and eliminating fluff. by blog.mandos.io

Test Safety

Security guard skill for OpenClaw - Analyzes user input for harmful content, risky commands, and security threats before invoking LLM

Test 2

Formats text according to specified style guidelines. A clean example skill with no security issues.

Alon Github Security Audit

Audit GitHub repositories or local directories for malicious code, backdoors, suspicious behavior, and supply-chain risk, then write a structured report to a...

Praesidia

Verify AI agents, check trust scores (0-100), fetch A2A agent cards, discover marketplace agents, apply guardrails for security and compliance. Use when user mentions agent verification, trust scores, agent discovery, A2A protocol, agent identity, agent marketplace, guardrails, security policies, content moderation, or asks "is this agent safe?" or "find agents that can [task]" or "apply guardrails to protect my agent".

Ai Sdk Core

Build backend AI with Vercel AI SDK v6 stable. Covers Output API (replaces generateObject/streamObject), speech synthesis, transcription, embeddings, MCP tools with security guidance. Includes v4→v5 migration and 15 error solutions with workarounds. Use when: implementing AI SDK v5/v6, migrating versions, troubleshooting AI_APICallError, Workers startup issues, Output API errors, Gemini caching issues, Anthropic tool errors, MCP tools, or stream resumption failures.

Test Specialist

This skill should be used when writing test cases, fixing bugs, analyzing code for potential issues, or improving test coverage for JavaScript/TypeScript applications. Use this for unit tests, integration tests, end-to-end tests, debugging runtime errors, logic bugs, performance issues, security vulnerabilities, and systematic code analysis.

ClawDefender - OpenClaw Security - Prompt injection, rogue skills etc

Security scanner and input sanitizer for AI agents. Detects prompt injection, command injection, SSRF, credential exfiltration, and path traversal attacks. Use when (1) installing new skills from ClawHub, (2) processing external input like emails, calendar events, Trello cards, or API responses, (3) validating URLs before fetching, (4) running security audits on your workspace. Protects agents from malicious content in untrusted data sources.

MCP Best Practices

Build production MCP servers with the TypeScript SDK. Covers spec 2025-11-25, SDK v1.28+/v2, transport selection, tool design, error handling, security, perf...

Cybersecurity Video

Create brief, tailored scripts for cybersecurity consultants to produce educational and assessment videos on risk, compliance, and incident response.

FiveM & QBCore Framework Expert

Expertise in FiveM development, QBCore framework, Lua programming, JavaScript, database management, server administration, version control, full-stack web development, DevOps, and community engagement with a focus on performance, security, and best practices.

MCP Security Auditor Lite

Free version — scan your MCP configuration for the top 3 security risks. Tool description injection, permission sprawl, and supply chain trust.

Npm Supply Chain Security

Help secure JavaScript projects by detecting malicious npm packages, enforcing trusted publishing, verifying releases, and auditing dependencies for threats.

OpenClaw Security

Multi-region async PII detection for OpenClaw sessions. Scans user input, prompts, context, and knowledge base content for sensitive personal data across CN,...

OpenClaw Security PII Audit

Multi-region async PII detection for OpenClaw sessions. Scans user input, prompts, context, and knowledge base content for sensitive personal data across CN,...

Code Quality

Coding style standards, security guidelines, and accessibility requirements. Use when (1) Writing new code, (2) Reviewing code for style/security, (3) Implem...

unified security auditor

Unified application security skill for Coding Agent systems like OpenCode. Use when reviewing or writing code that touches authentication, authorization, use...

Write Contracts

Generates secure Aptos Move V2 smart contracts with Object model, Digital Asset integration, security patterns, and storage type guidance. Includes comprehen...

cside Site Scanner

Scan any website for third-party scripts, trackers, and security risks. Detects PCI DSS compliance issues, missing CSP headers, fingerprinting scripts, and p...

Critical Code Reviewer

Conduct rigorous, adversarial code reviews with zero tolerance for mediocrity. Use when users ask to "critically review" my code or a PR, "critique my code", "find issues in my code", or "what's wrong with this code". Identifies security holes, lazy patterns, edge case failures, and bad practices across Python, R, JavaScript/TypeScript, SQL, and front-end code. Scrutinizes error handling, type safety, performance, accessibility, and code quality. Provides structured feedback with severity tiers

Rust Security Handbook

A 10-chapter handbook for writing actually secure Rust: type-safety, panic-proofing & more.

content-security-policy

内容安全策略技能 — 敏感信息脱敏 + 危险指令过滤 + 动作权限判断 + 多层级权限管理。当用户要求"安全检查"、"脱敏处理"，或涉及删除、修改配置、群发等敏感操作时激活。

htaccess Generator

Generate .htaccess files for Apache web servers. Use when creating redirect rules, URL rewrites, security headers, HTTPS enforcement, IP blocking, caching ru...

SecureClaw

Security skill for OpenClaw agents (7-framework aligned). 15 core rules + automated scripts covering OWASP ASI Top 10, MITRE ATLAS, CoSAI, CSA MAESTRO, and N...

WordPress Expert

Enable WordPress superpowers for OpenClaw. Your Developer, Content Manager, Author, Security Specialists, Contributor, Subscriber and Admin and more.

Agent Skills Tools

Security audit and validation tools for the Agent Skills ecosystem. Scan skill packages for common vulnerabilities like credential leaks, unauthorized file access, and Git history secrets. Use when you need to audit skills for security before installation, validate skill packages against Agent Skills standards, or ensure your skills follow best practices.

msx trade

Trade security tokens on the MSX platform — check balances, place orders, view market data, and review trade history.

Payments

Integrate payments with provider selection, checkout flows, subscription billing, and security best practices.

Email Security

Protect AI agents from email-based attacks including prompt injection, sender spoofing, malicious attachments, and social engineering. Use when processing emails, reading email content, executing email-based commands, or any interaction with email data. Provides sender verification, content sanitization, and threat detection for Gmail, AgentMail, Proton Mail, and any IMAP/SMTP email system.

Feishu Doc Writing

Organizes and formats group discussions, meetings, and research into clear, complete Feishu documents with proper structure, visuals, and security.

SQL Query Reviewer

Reviews SQL queries for correctness, security risks, and performance issues; provides a structured report with severity ratings and optimized rewrites.

PHP

Write solid PHP avoiding type juggling traps, array quirks, and common security pitfalls.

ClawGuard

Security auditor for ClawHub skills. Run before installing ANY skill — scans SKILL.md and scripts for prompt injection, data exfiltration, shell injection, p...

Praesidia

Verify AI agents, check trust scores (0-100), fetch A2A agent cards, discover marketplace agents, apply guardrails for security and compliance. Use when user mentions agent verification, trust scores, agent discovery, A2A protocol, agent identity, agent marketplace, guardrails, security policies, content moderation, or asks "is this agent safe?" or "find agents that can [task]" or "apply guardrails to protect my agent".

Praesidia

Verify AI agents, check trust scores (0-100), fetch A2A agent cards, discover marketplace agents, apply guardrails for security and compliance. Use when user mentions agent verification, trust scores, agent discovery, A2A protocol, agent identity, agent marketplace, guardrails, security policies, content moderation, or asks "is this agent safe?" or "find agents that can [task]" or "apply guardrails to protect my agent".

Palo Alto Firewall Audit

PAN-OS zone-based security policy audit with App-ID/Content-ID analysis, Security Profile Group validation, zone protection assessment, and decryption policy...

Sysadmin Toolbox

Tool discovery and shell one-liner reference for sysadmin, DevOps, and security tasks. AUTO-CONSULT this skill when the user is: troubleshooting network issues, debugging processes, analyzing logs, working with SSL/TLS, managing DNS, testing HTTP endpoints, auditing security, working with containers, writing shell scripts, or asks 'what tool should I use for X'. Source: github.com/trimstray/the-book-of-secret-knowledge

Skill Review

Scrape ClawHub skill pages for Security Scan (VirusTotal/OpenClaw) + Runtime Requirements + Comments for all of Oliver's local skills, and write a markdown r...

Alicloud Security Content Moderation Green

Manage Alibaba Cloud Content Moderation (Green) via OpenAPI/SDK. Use whenever the user needs content moderation resource and policy operations, including lis...

Security Guard

Provides role-based access control, input/output content review, sensitive operation confirmation, and comprehensive audit logging for secure system management.

Perplexity Wrapped Search

Search the web with AI-powered answers via Perplexity API. Supports three modes - Search API (ranked results), Sonar API (AI answers with citations, default), and Agentic Research API (third-party models with tools). All responses wrapped in untrusted-content boundaries for security.

ShieldCortex

Persistent memory and security system for AI agents (ShieldCortex product). Use when: developing ShieldCortex features, writing ShieldCortex content/blogs, m...