--- name: shell-security-ultimate version: 2.2.1 description: "Classify every shell command as SAFE, WARN, or CRIT before your agent runs it." metadata: openclaw: owner: kn7623hrcwt6rg73a67xw3wy
Scans source code for OWASP Top 10 security vulnerabilities with static analysis and provides remediation advice per detected issue.
AI security toolkit — deepfake detection, prompt injection scanning, malware/phishing URL scanning, and AI text detection. Use when: (1) verifying if an imag...
Security auditing for git commits, repos, and skills before publishing. Run automatically before any `git commit`, `git push`, or `clawhub publish`. Detects...
Audit Node.js HTTP servers and web apps for security vulnerabilities. Checks OWASP Top 10, CORS, auth bypass, XSS, path traversal, hardcoded secrets, missing...
Security audit for external resources (GitHub repos, downloaded skills, files). Detects malicious code, suspicious executables, and content mismatches. Use w...
Detects malicious behavior and security threats in target skills using advanced analysis of obfuscation, encoding, encryption, and dynamic code techniques.
Audit and harden OpenClaw configuration for security. Scans openclaw.json for vulnerabilities, exposed credentials, insecure gateway settings, overly permiss...
Fail-closed security auditing for OpenClaw/ClawHub skills & repos: trufflehog secrets scanning, semgrep SAST, prompt-injection/persistence signals, and supply-chain hygiene checks before enabling or i
Scan any token for security risks, honeypots, and scams using Quick Intel's contract analysis API. Use when: checking if a token is safe to buy, detecting ho...
OpenClaw security guide for root-enabled AI agents, covering pre-install audits, runtime permission tightening, hash baselines, risk controls, nightly auto-i...
Search security vulnerability scan results for MCP Servers and AI Agent Skills from the AICLUDE scan database.
ShieldAPI — x402 Security Intelligence for AI Agents. 7 endpoints: password breach check (900M+ HIBP hashes), email breach lookup, domain reputation (DNS/bla...
7-layer AI security scanner for OpenClaw. Blocks prompt injection, SSRF, command injection, data leakage, and memory poisoning across ALL channels (Signal, T...
🔒 Pre-installation security verification for external code and dependencies. Automated risk analysis for GitHub repos, npm packages, PyPI libraries, and she...
Multi-agent adversarial security review — 3 AI agents debate every finding, only real vulnerabilities survive
Audit agent skills for security threats before installing them. Use AUTOMATICALLY when about to install any skill (clawhub install, skill installation), when...
Secure environment variable & secret management with AES-256 encryption, auto-redaction, permission control, prevent credential leakage
Securely expose an OpenClaw Gateway WebUI on a VPS via Cloudflare Zero Trust Access + Cloudflare Tunnel (cloudflared), including DNS cutover for custom hostnames and optional cleanup of Tailscale Serv
Run local-only fail-closed security checks to detect and report data leaks, secrets, egress risks, and prompt injections before publishing or committing code.
--- name: secure-autofill description: 1Password-backed credential filling via vault_suggest/vault_fill (plugin tools). homepage: https://github.com/openclaw/openclaw metadata: openclaw: emoji:
Multi-chain security API for AI agents. Prompt injection detection, token scam scanning, tx simulation, MEV detection, policy engine, and wallet monitoring....
AI agent security and trust verification. Scan messages, agent cards, and A2A communications for prompt injection, jailbreaks, and malicious patterns. Use when protecting agents from attacks, verifyin