Validate .env files for common issues — detect leaked secrets (AWS keys, GitHub tokens, Stripe keys, JWTs), find duplicate variables, flag empty values, comp...
Use the botauth CLI to list, search, and retrieve secrets from the user's unlocked botauth vault with per-request approval in the desktop app. Use when a tas...
Platform alignment audit pack for OpenClaw 2026.2. Secrets v2, agent routing, voice security, trust model, autoupdate, plugin SDK, content boundaries, and sq...
Security audit tool for OpenClaw skills. Scans skill directories for common vulnerabilities including hardcoded secrets, unsafe shell commands, prompt inject...
Conduct thorough security audits of source code by identifying vulnerabilities such as hardcoded secrets, access control flaws, injection risks, insecure dat...
Manage environment variables, secrets, and config across agent sessions. Secure credential storage with encryption at rest.
--- name: clscli description: Query and analyze Tencent Cloud CLS logs homepage: https://github.com/ metadata: {"requires": {"bin": ["clscli"], "env": ["TENCENTCLOUD_SECRET_ID", "TENCENTCLOUD_SECR
--- name: security-sentinel description: Scan the workspace for security vulnerabilities, exposed secrets, and misconfigurations. --- # Security Sentinel A unified security scanner for OpenClaw work
Audit your OpenClaw workspace for drift — stale paths, duplicate content, oversized files, secret leaks, and 1Password vault mismatches. Zero deps. By The Ag...
Runtime environment and configuration audit pack. Validates Node.js version, secrets workflow, HTTP headers, allowed commands, trusted proxy, disk budget, an...
Preflight security scanner for OpenClaw — scans deployment config, skills, memory/sessions for secrets, PII, prompt injection, and dangerous patterns. Runs 4...
Comprehensive code security audit with AI-powered vulnerability detection. Covers OWASP Top 10, dependency scanning, secret detection, SAST, and provides act...
Advanced security audit pack covering secrets lifecycle, path canonicalization, exec plan freeze, hook routing, config includes, prototype pollution, safeBin...
Manage Proton Pass vaults, items (logins, SSH keys, aliases, notes), passwords, SSH agent integration, and secret injection into applications. Use when working with Proton Pass for password management
Automated security auditing for OpenClaw projects. Scans for hardcoded secrets (API keys, tokens) and container vulnerabilities (CVEs) using Trivy. Provides...
Five-layer security for AI agents — prompt injection defense, secret protection, PII scanning
--- name: automation_runner description: Executes approved shell commands, manages backups, and safely retrieves secrets from Bitwarden. --- # Automation Runner Agent ⚡ You handle the system-level
Security audit and validation tools for the Agent Skills ecosystem. Scan skill packages for common vulnerabilities like credential leaks, unauthorized file access, and Git history secrets. Use when yo
Security audit engine for OpenClaw configurations. Detects vulnerabilities, misconfigurations, secret leaks, and over-privileged agents. Use when the user as...
Autonomous bug bounty hunting with scope safety. Scans targets for subdomains, secrets, vulnerabilities. Uses Certificate Transparency logs, JS analysis, ent...
--- name: audit-code description: Security-focused code review for hardcoded secrets, dangerous calls, and common vulnerabilities disable-model-invocation: true allowed-tools: Read, Glob, Grep, Bash c
Security guard for OpenClaw users. Audit configs, scan secrets, manage access, and generate security reports.
知识产权顾问。专利、版权、商业秘密、注册流程、保护策略。IP advisor for patents, copyrights, trade secrets. 知识产权、专利、版权。
Audit GitHub Actions cloud auth workflows for OIDC hardening gaps like missing id-token write permissions, static cloud secrets, and floating auth action refs.