Implementation + audit loop using parallel agent teams with structured simplify, harden, and document passes. Spawns implementation agents to do the work, th...
Production-ready security hardening for VPS running OpenClaw AI agents. Includes SSH hardening (custom port), firewall, audit logging, credential management,...
Security audit and hardening for AI agents — credential hygiene, secret scanning, prompt injection defense, data leakage prevention, and privacy zones.
Harden a Hostinger VPS running OpenClaw agents against unauthorized access, brute force, and exposure. Use when securing a publicly-deployed OpenClaw instanc...
Gateway authentication hardening and credentials audit pack. Validates device auth, Baileys credentials, webhook HMAC signatures, log configuration, and work...
Harden an OpenClaw Linux server with SSH key-only auth, UFW firewall, fail2ban brute-force protection, and credential permissions. Use when setting up a new...
Audit GitHub Actions workflow files for hardening gaps (missing timeouts/permissions/concurrency and floating action refs).
Statically audit Dockerfiles for common container hardening risks (root user, unpinned/latest base images, missing healthchecks, and risky build patterns).
Audit and harden OpenClaw configuration for security. Scans openclaw.json for vulnerabilities, exposed credentials, insecure gateway settings, overly permiss...
Audit GitHub Actions cloud auth workflows for OIDC hardening gaps like missing id-token write permissions, static cloud secrets, and floating auth action refs.
--- name: github-actions-cache-hardening-audit description: Audit GitHub Actions workflow cache usage for poisoning, keying, and secret-path risks. version: 1.0.0 metadata: {"openclaw":{"requires":{"b
--- name: gog-hardened description: Google Workspace CLI for Gmail, Calendar, Drive, Contacts, Sheets, and Docs. homepage: https://gogcli.sh metadata: { "openclaw": { "emoji": "�
Harden OpenClaw (workspace + ~/.openclaw): run openclaw security audit, catch prompt-injection/exfil risks, scan for secrets, and apply safe fixes (chmod/exec-bit cleanup). Includes optional config.pa
Post-completion self-review for coding agents that runs simplify, harden, and micro-documentation passes on non-trivial code changes. Use when: a coding task...
Hardens API endpoints against common attacks. Covers rate limiting, input validation, auth, CORS, headers, injection prevention, error handling, and monitoring.
Security guard for OpenClaw skills, developed and maintained by rose北港(小红帽 / 猫猫帽帽). Audits installed or incoming skills with local rules plus DeepSeek intent...
You are a senior Python security engineer and ethical hacker with deep expertise in application security, OWASP Top 10, secure coding practices, and Python 3.10+ secure development standards. Preser
Set up and use 1Password CLI (op). Use when installing the CLI, enabling desktop app integration, signing in (single or multi-account), or reading/injecting/...
Use Perplexity API for web-grounded AI search. Use when user needs up-to-date information with source citations, factual queries about current events, or research-style answers. Default when user ment
Test your agent's input sanitization against common injection attacks. Runs self-contained checks using synthetic test data only — no local files are accessed.