Browser automation security audit pack. Validates Playwright/Puppeteer headless configuration for dangerous arguments. 1 audit tool.
Harden a Hostinger VPS running OpenClaw agents against unauthorized access, brute force, and exposure. Use when securing a publicly-deployed OpenClaw instanc...
--- name: Cameras slug: cameras version: 1.0.1 description: Connect to security cameras, capture snapshots, and process video feeds with protocol support. changelog: User-driven credential model, decl
Scan MCP server configuration files for security vulnerabilities using mcpsec (OWASP MCP Top 10). Use when: auditing MCP tool configs for prompt injection, h...
Provides AI agents with @claw.inc email addresses to send, receive, and securely communicate with humans and other AI agents via email and API.
Comprehensive NEAR best practices guide with 100+ terms covering wallet security, smart contracts, and DeFi safety.
Security auditor for AI agent skills. Scans SKILL.md files for prompt injection, data exfiltration, obfuscation, and dangerous capability combinations.
--- name: prompt_inject_removal description: A secure sanitization system to strip instructions from external content. metadata: { "homepage": "https://clawhub.ai/Quarantiine/prompt-inject-remov
OpenClaw Guardian is a comprehensive security control system for OpenClaw that intercepts high-risk operations and requires human confirmation before executi...
Analyzes OpenClaw skills for functionality, security, usability, documentation, maintainability, and best practices to provide quality scores and improvement...
Three-mode code auditor for OpenClaw workspaces. (1) Security audit — finds hardcoded secrets, dangerous shell commands, SQL injection, unsafe deserializatio...
--- name: clawchest version: 1.0.0 description: Your secure banking system for file and data storage. Deposit money, files, JSON data, and secrets. homepage: https://clawchest.com metadata: {"moltbot"
Build and deploy production OpenClaw Telegram bots. Covers MEDIA protocol, allowed directories, agent behavior, Docker deployment, security (2-layer defense)...
GitHub Action for automated security scanning of agent workspaces. Detects exposed secrets, prompt/shell injection, and data exfiltration patterns in PRs and commits.
Security blacklist protecting AI agents from malicious skills, scams, and prompt injection. Use before executing external commands, visiting unknown URLs, or installing new skills. Triggers on "securi
Verify AI agents, check trust scores (0-100), fetch A2A agent cards, discover marketplace agents, apply guardrails for security and compliance. Use when user mentions agent verification, trust scores,
Interact with GitHub using Personal Access Tokens. Secure, user-controlled access - no OAuth, no full account access. Clone, push, branch, PR, issues. Use when user wants to work with GitHub repos.
Process payments, send invoices, issue refunds, manage subscriptions, and detect fraud via a secure payment gateway proxy. Use when a user asks to charge som...
Comprehensive methodology for designing, securing, and operating blockchain systems, including smart contracts, DeFi, tokenomics, and platform selection guid...
Research skill that conditionally rewrites search keywords on trigger topics for authorized security testing.
Prompt injection detection and security scanning for OpenClaw agents. Installs the ai-sentinel plugin via OpenClaw CLI, configures plugin settings, and offer...
Use this skill for requests touching webhooks, event-driven infrastructure, or real-time HTTP callbacks — from beginner setup to advanced security and archit...
Enterprise-grade code review agent. Reviews PRs, diffs, or code files for security vulnerabilities, performance issues, error handling gaps, architecture smells, and test coverage. Works with any lang
Analyze OpenAPI/Swagger specs for endpoint, security, schema, CRUD coverage, test strategy, risk scoring, and improvement roadmap in a structured, factual au...