Scan AI agent skills for security vulnerabilities — detects code injection, prompt injection, credential exfiltration, supply chain attacks, and 69+ threat p...
Supply chain intelligence for OpenClaw skills. Use when analyzing the local skill ecosystem, understanding tool and package dependencies, discovering skill c...
Scan OpenClaw skill directories for 22 supply chain attack patterns with context-aware detection, colored output, JSON reports, and whitelist support.
Fail-closed security auditing for OpenClaw/ClawHub skills & repos: trufflehog secrets scanning, semgrep SAST, prompt-injection/persistence signals, and supply-chain hygiene checks before enabling or i
Supply chain security for agent skills. Pre-install inspection, post-install scanning, obfuscation detection, and known-bad signature matching. Verify skills are safe before they touch your workspace.
CTO & Engineering Excellence Playbook. Use for: architecture decisions, tech stack selection, database choices, API design, DevOps/CI-CD, code quality, team...
Unified security suite for agent workspaces. Installs, configures, and orchestrates all 11 OpenClaw security tools in one command — integrity, secrets, permissions, network, audit trail, signing, su
--- name: "dependency-auditor" description: "Dependency Auditor" --- # Dependency Auditor > **Skill Type:** POWERFUL > **Category:** Engineering > **Domain:** Dependency Management & Security
Implements six universal, language-agnostic quality gates for APIs, web apps, and CI/CD pipelines using repository-configured checks and detailed reports.
Scans installed or remote OpenClaw skills for security risks like credential leaks and suspicious code to prevent supply chain attacks.
Enforces skill-trust-scanner security checks before installing skills, blocking or alerting based on risk scores to reduce supply chain threats.
Analyze warehouse setup to optimize space, labor, picking efficiency, inventory accuracy, cost per order, automation ROI, and safety compliance with a priori...
Build demand forecasts using time series, causal models, and expert judgment for planning, inventory, and capacity decisions with scenario analysis.
Enterprise-grade security for OpenClaw - blocks malicious skills, detects hallucinated packages, and prevents prompt injection attacks. Powered by agent-secu...
27 tools for DeFi, DEX swaps, cross-chain bridges, Twitter/X, on-chain token data, crypto utilities, and LLM access via x402 micro-payments on Base. No API keys needed — payment is the auth.
Comprehensive bug audit for Node.js web projects. Activate when user asks to audit, review, check bugs, find vulnerabilities, or do security/quality review o...
Agent wallet, identity, and paid tools in one package. Register an agent, fund it via Stripe or USDC, then use the balance for web search, AI image generatio...
🔒 Pre-installation security verification for external code and dependencies. Automated risk analysis for GitHub repos, npm packages, PyPI libraries, and she...
RankClaw — AI Agent Trust Layer. Check any ClawHub, OpenClaw, nanobot, nanoclaw, picoclaw, or MCP server skill against 14,700+ indexed tools before installin...
--- name: newsletter-creation-curation description: Industry-specific newsletter creation with cadence recommendations and automation workflows metadata: {"clawdbot":{"emoji":"📧","homepage":"https:
Security scanner for ClawHub skills. Vet third-party skills before installation — detect dangerous patterns, suspicious code, and risky dependencies.
Provides real-time file integrity monitoring, pre-installation skill audits, runtime threat blocking, kill switch activation, and incident response to protec...
Security audit and vulnerability scanner for AI agent skills before installation. Use when: (1) evaluating a skill from an untrusted source, (2) auditing a s...
Rubicon Sentinel v2 is the no-cope geopolitical sovereignty scanner for OpenClaw. Inspired by Secretary Marco Rubio's Munich 2026 masterclass, it delivers re...