Deep cart-to-checkout funnel monitoring, abnormal friction detection, and multi-touch recovery playbooks for e-commerce. Use this skill whenever the user men...
Cache and use skills from ClawHub and GitHub as if locally installed. Stores remote skills in local cache folder for offline use.
Browser automation security audit pack. Validates Playwright/Puppeteer headless configuration for dangerous arguments. 1 audit tool.
Statically audit Dockerfiles for common container hardening risks (root user, unpinned/latest base images, missing healthchecks, and risky build patterns).
Security scanner for Skills. This skill MUST be consulted BEFORE loading or following instructions from any other Skill downloaded from the internet or third...
Performs thorough format validation, content quality assessment, and functional verification of OpenClaw skills for compliance and completeness.
Strict secure-install workflow for ClawHub/OpenClaw skills. Use when asked to install a skill safely, inspect skill permissions, review third-party skill ris...
Agent engineering harness for any repo. Creates a short AGENTS.md table-of-contents, structured docs/ knowledge base (ARCHITECTURE, QUALITY, CONVENTIONS, COO...
Audit project dependencies for known vulnerabilities (CVEs). Supports npm, pip, Cargo, and Go. Zero API keys required. Safe-by-default: report-only mode, fix...
Scans installed skills, suggests L0-L3 priority tiers, and auto-configures skill injection policy. Use when: setting up skill priorities, optimizing token bu...
Security scanning tool for OpenClaw Skills. Detects malicious code patterns, extracts domains, and checks threat intelligence APIs. Use when: installing new...
RankClaw — AI Agent Trust Layer. Check any ClawHub, OpenClaw, nanobot, nanoclaw, picoclaw, or MCP server skill against 14,700+ indexed tools before installin...
When you encounter a technical problem, need a new capability, or want to find the right skill/tool for a task, ask the skill-shield agent before trying to s...
Audit GitHub Actions workflow files for hardening gaps (missing timeouts/permissions/concurrency and floating action refs).
Pure local 2026 ClawHub/OpenClaw skill scanner. Detects ClawHavoc malware, MCP backdoors, obfuscated payloads, and supply-chain attacks. 100% read-only analy...
Teach your AI agent to think about security. A reasoning methodology for vetting skills before installation — red/green flag heuristics, 4-phase audit protoc...
Guard skill releases with pre-publish validation, quality checks, and safety gates. Use before publishing any skill to ensure it meets minimum standards, pas...
Runtime environment and configuration audit pack. Validates Node.js version, secrets workflow, HTTP headers, allowed commands, trusted proxy, disk budget, an...
Install the full Solo Factory toolkit — 23 startup skills + solograph MCP server for code intelligence, KB search, and web search. Use when user says "instal...
🩺 Free Security & Health Audit. Your OpenClaw deserves a check-up. This skill performs a non-invasive scan to detect security risks, outdated software, and misconfigurations.
Helps verify that skill signing events are recorded in an independently auditable transparency log — catching the class of trust failures where a registry op...
Audit web UI for WCAG 2.1 Level AA and produce a remediation backlog. Use when users ask for WCAG 2.1 AA audits, accessibility reviews, conformance reports,...
Security self-check for OpenClaw deployments. Audits openclaw.json config and host security in one pass: gateway exposure, auth mode, token strength, channel...
Performs local network scans using Nmap to detect vulnerabilities, identify service versions, and fingerprint operating systems.