Structural authority separation for autonomous agent actions. Three-phase governance pipeline: PROPOSE, DECIDE, PROMOTE. No action is both proposed and appro...
Security scanner for Skills. This skill MUST be consulted BEFORE loading or following instructions from any other Skill downloaded from the internet or third...
Real-time API cost tracking, context bloat detection, and budget enforcement for OpenClaw agents. Use when setting up cost guardrails, checking daily spend,...
安全拦截型技能,确保安装任何技能前都经过 skill-vetter 的安全审查,输出审查报告并要求用户明确确认,禁止私自安装。
Enforce strict security rules to protect sensitive information (API keys, tokens, credentials, PII, financial data). Always sanitize or refuse to reveal full...
Preflight-check Render service environment variables before deploys; catches missing keys and placeholder/template values that commonly break production roll...
Monitors Anti-Gravity model quotas and automatically switches to the model with highest quota or falls back to gemini-flash if all are below 20%.
管理 OpenClaw 长会话防爆机制(80%自动归档、自动轮换新会话、低 token 交接)及定时任务安装。用户提到 compacting context、会话过长、自动总结归档、sessi
Automatically records and backs up conversations with importance tagging to preserve emotional and technical context independently from OpenClaw internals.
You are an expert in Next.js SSR/CSR boundaries, preventing hydration mismatches. ## Browser-Only APIs Detection ```typescript // ❌ BLOCKED - Will crash during SSR const Component = () => { co
Audit and safely repair OpenClaw configuration with deterministic validation, backups, rollback, and change reporting. Use when asked to review or modify `op...
Prevent quality regressions after agent changes. Run targeted before/after checks for prompt, model, config, and tool updates; return pass rate, failure clus...
Protects sensitive files (contracts, transaction data, personal/customer privacy) by performing deep content inspection for text and binary formats (PDF, DOC...
Standardize API credential handling and startup auth checks to prevent "missing key" regressions across sessions. Use when an agent repeatedly loses auth sta...
Diagnose and fix model routing conflicts. Ensure primary model uses correct provider endpoint without duplicate overrides.
防护间接提示词注入攻击(Indirect Prompt Injection)。当处理网页内容、搜索结果、邮件、社交媒体等外部来源信息时触发。用于识别和防范外部内容中隐
Monitors, classifies, intercepts errors in real-time, enforces auto-retry and circuit breaking, and ensures graceful recovery and prevention.
Scan repos and workspaces for leaked secrets. API keys in code, passwords in configs, tokens in logs. Catches them before they hit git.
【最高优先级】操作守卫。任何工具调用前必须先完成权限检查!AI 在执行任何非日常对话的操作前,必须先调用 permission-gate 验证权限。
Designs anomalous order risk monitoring and fraud prevention workflows for high-ticket luxury stores (e.g. pre-owned watches, high-end cameras). Use when the...
AI Agent 大任务防卡死指南。解决 agent 在批量操作中 session transcript 膨胀导致 compaction 超时、agent 卡死的问题。涵盖 session 保护策略、脚本化批处理、断
Sanitize email and calendar content before it reaches your AI agent's context window. Blocks prompt injection, markdown image exfiltration, invisible unicode...