OpenClaw plugin that prepends custom text to every user message before it reaches the agent. Use for: enforcing memory_search before replies, injecting syste...
Scans installed OpenClaw skills for malicious patterns including prompt injection, credential theft, data exfiltration, obfuscated payloads, and backdoors. Use when installing new skills, after skill
Secure email proxy for AI agents. Search, read, and draft emails via MCP with server-side credential isolation, PII redaction, prompt injection detection, an...
Soft blocklist guard for OpenClaw. Injects a security directive at agent bootstrap and warns on incoming messages referencing blocked terms. Blocks clawhub/c...
Scans SKILL.md files with 7 regex layers to block prompt injection, reverse shells, memory tampering, encoding evasion, and trust abuse before LLM processing.
Optimize OpenClaw token usage and cost by auditing context injection, trimming workspace files (AGENTS.md/SOUL.md/MEMORY.md and daily memory), enabling promp...
Security scanner that catches malicious skills before they steal your data. Detects credential theft, prompt injection, and hidden backdoors. Works immediately with zero setup. Optional AST dataflow a
Self-improving AI memory system with intelligent context injection and adaptive learning
Security audit gate — scans agent skills for malware, prompt injection, and data exfiltration before installation
AgentTrust — A2A messaging, identity verification, trust codes, and prompt injection detection. Use when sending/receiving messages (Agentic Collaboration) o...
Run local-only fail-closed security checks to detect and report data leaks, secrets, egress risks, and prompt injections before publishing or committing code.
BYOCB ArbInjectionSkill: Scan EVM smart contracts for arbitrary call injection vulnerabilities. Monitor chains in real-time or scan specific addresses.
🦊 Ganidhuz-FoxX (Firefox + X combined lol). Browse X/Twitter using a real logged-in Firefox session via cookie injection. Supports profile viewing, tweet fe...
Learn user preferences from conversations and personalize responses automatically. Preferences compound over time — corrections like "use TypeScript, not JavaScript" are captured and injected into f
Production FastAPI patterns with Pydantic v2, async endpoints, OAuth2/JWT, dependency injection, testing, and Kubernetes deployment
Security auditing skill that detects malicious patterns like prompt injection, data exfiltration, obfuscation, and privilege escalation in OpenClaw SKILL.md...
Security-first wrapper for installing agent skills. Scans for malware, prompt injection, and suspicious patterns before installation. Use instead of `clawhub install` for safer skill management.
Scan ClawHub skills for security vulnerabilities BEFORE installing. Use when installing new skills from ClawHub to detect prompt injections, malware payloads...
Security hardening for AI agents. Audit your workspace for leaked secrets, check file permissions, validate API key storage, scan for prompt injection risks,...
Enhanced browser DOM manipulation using PageAgent's page-controller. Injects into any web page to provide precise DOM extraction, interactive element detecti...
Harden OpenClaw (workspace + ~/.openclaw): run openclaw security audit, catch prompt-injection/exfil risks, scan for secrets, and apply safe fixes (chmod/exec-bit cleanup). Includes optional config.pa
AI/LLM red team testing skill. Point at any LLM API endpoint and run automated security assessments. 160+ attack payloads across prompt injection, jailbreak,...
Hardens API endpoints against common attacks. Covers rate limiting, input validation, auth, CORS, headers, injection prevention, error handling, and monitoring.