Call any API without leaking credentials. Keychains proxies requests and injects real tokens server-side — your agent never sees them.
Help AI agents recognize and respond to potentially malicious skill patterns from public registries. Based on Snyk ToxicSkills research showing 13.4% of skil...
Review and audit OpenClaw skills and agents for data risks, code execution, persistence, network access, privilege escalation, and supply-chain threats befor...
Inspect third-party Claude/OpenClaw/Codex/OpenCode skills, plugins, repos, npm packages, pip packages, shell installers, and GitHub Actions before any downlo...
MoltGuard — Protect you and your human from prompt injection, data exfiltration, and malicious commands. Source: https://github.com/openguardrails/openguardr...
Scan AI agent skills for malware, credential theft, prompt injection, and dangerous permissions before installing them
扫描代码中常见安全漏洞如SQL注入、XSS、硬编码密码,提供检测结果和安全评分建议。
Enforces regex-based, real-time authorization policies on OpenClaw agents’ tool calls, blocking, allowing, or requiring approval before execution.
Companion skill for @cybrlab/urlcheck-openclaw. Requires URLCheck plugin tools to assess URLs for threats and intent alignment before navigation.
Securely connect and manage Gmail, Calendar, Drive, Jira, Notion, GitHub, and 50+ enterprise tools via a single OAuth2 gateway.
Manage and enforce least-privilege execution, approval-based elevation, port and egress monitoring, and ISO 27001/NIST compliance reporting for OpenClaw secu...
This skill should be used when the user asks to harden agent workflows, audit prompts/commands/URLs/paths, scan a third-party skill before install or publish...
Set up an lnd remote signer container that holds private keys separately from the agent. Exports a credentials bundle (accounts JSON, TLS cert, admin macaroon) for watch-only litd nodes. Container-fir
Prompt injection and jailbreak detection pack. 16 compiled regex patterns across 3 severity levels (CRITICAL, HIGH, MEDIUM). Supports single-prompt and batch...
小龙虾安全点对点加密通讯技能:端到端加密的消息传递、文件传输和身份验证系统。专为小龙虾代理间的安全通信设计。
一键自动化安全审计:nmap 端口扫描 + nuclei 12000+ CVE 漏洞检测(内外网双扫)+ SSL/TLS 检查 + SSH/防火墙/fail2ban 系统审计 + Markdown 报告生成。支持 cron 定时
提供Linux/Unix服务器进程、网络、文件权限、敏感信息、日志和进程树的安全审计与异常行为检测工具。
Provides a production-ready API template with JWT, API key, OAuth2 authentication, role-based access control, rate limiting, input validation, logging, and e...
Runs a backend-backed live safety check for instructions that may trigger tool execution, external calls, file edits, permission changes, destructive or irre...
全方位安全审计技能。检查文件权限、环境变量、依赖漏洞、配置文件、网络端口、Git 安全、Shell 安全、macOS 安全、密钥检测等。支持 CLI 参数、JSON 输
Use Perplexity API for web-grounded AI search. Use when user needs up-to-date information with source citations, factual queries about current events, or research-style answers. Default when user ment
Key lifecycle management with Volcengine KMS. Use when users need key creation, rotation policies, encryption/decryption workflows, or key permission troubleshooting.