--- name: automation_runner description: Executes approved shell commands, manages backups, and safely retrieves secrets from Bitwarden. --- # Automation Runner Agent ⚡ You handle the system-level
Expand reading insights into detailed notes using local templates only. SAFE VERSION: No external API calls, no filesystem access, no secrets required.
Safely inject API keys from 1Password into macOS LaunchAgent plists using PlistBuddy. Use when running OpenClaw on macOS and storing secrets in 1Password — a...
发送飞书卡片消息(支持纯文本和图片)。使用 message 工具的 card 参数,需要配置飞书应用凭证(App ID + App Secret)。
--- name: log-scrubber description: Automatically redacts API keys, tokens, and secrets from workspace logs and memory files. homepage: https://github.com/Heather-Herbert/openclaw-log-scrubber metadat
GitHub Action for automated security scanning of agent workspaces. Detects exposed secrets, prompt/shell injection, and data exfiltration patterns in PRs and commits.
--- name: opys-calendar-skill description: A local markdown-backed calendar with CLI and optional two-way Google Calendar sync. env: - GOOGLE_CLIENT_ID - GOOGLE_CLIENT_SECRET - GOOGLE_REDIRECT_U
Expand reading insights into in-depth reviews using local templates only. SAFE VERSION: No external API calls, no filesystem access, no secrets required.
Audit Node.js HTTP servers and web apps for security vulnerabilities. Checks OWASP Top 10, CORS, auth bypass, XSS, path traversal, hardcoded secrets, missing...
飞书云文档(docx)的创建与编辑技能。支持通过 API 创建文档、追加内容、批量更新块等操作。使用此技能需要提供 App ID 和 App Secret。
Connect OpenClaw to Jira Cloud with secret-safe API access via pastewatch redaction. Includes credential setup, REST API helper script, JQL patterns, focus a...
Auto-fix security vulnerabilities in OpenClaw skills. Works with neckr0ik-security-scanner to automatically remediate hardcoded secrets, shell injection risk...
Use Tribunal commands for TDD enforcement, quality gates, secret scanning, Agent Teams hooks, CI integration, and plugin packs. Use when running quality chec...
Set up and use Bitwarden CLI (bw). Use when installing the CLI, unlocking vault, or reading/generating secrets via bw. Handles session management with BW_SESSION.
WHAT: Kubernetes manifest generation - Deployments, StatefulSets, CronJobs, Services, Ingresses, ConfigMaps, Secrets, and PVCs with production-grade security and health checks. WHEN: User needs to c
Trustless encrypted vault with TOTP auth and clean-room session isolation. Secrets your agent holds but cannot read. Use when user wants to store, retrieve,...
Implement quantum-resistant encryption using the CIFER SDK (cifer-sdk npm package). Covers SDK initialization, wallet setup, secret creation, text encryption/decryption, and file encryption/decryption
Manage Cloudflare Workers, KV, D1, R2, and secrets using the Wrangler CLI. Use when deploying workers, managing databases, storing objects, or configuring Cloudflare resources. Covers worker deploymen
Enforce contextual permission boundaries for AI agents based on communication surface. Constrains agent capabilities (exec, file I/O, secrets, messaging) by...
Run local-only fail-closed security checks to detect and report data leaks, secrets, egress risks, and prompt injections before publishing or committing code.
--- name: onepassword description: "1Password Connect — vaults, items, secrets management for server-side applications." homepage: https://www.agxntsix.ai license: MIT compatibility: Python 3.10+ (s
Unified security suite for agent workspaces. Installs, configures, and orchestrates all 11 OpenClaw security tools in one command — integrity, secrets, permissions, network, audit trail, signing, su
--- name: janee version: 0.1.0 description: Secrets management for AI agents. Never expose your API keys again. homepage: https://github.com/rsdouglas/janee metadata: {"category": "security", "emoji":
# Kraken Crypto Skill Use the kraken_cli.py wrapper to query your Kraken account. ## Setup Export your Kraken API credentials. ```bash export KRAKEN_API_KEY="your_api_key" export KRAKEN_API_SECRET