Scan installed agent components (MCP servers, skills, agent tools) for security vulnerabilities using snyk-agent-scan. Use only when running uvx snyk-agent-s...
Scan ClawHub skills for security vulnerabilities BEFORE installing. Use when installing new skills from ClawHub to detect prompt injections, malware payloads...
Help AI agents recognize and respond to potentially malicious skill patterns from public registries. Based on Snyk ToxicSkills research showing 13.4% of skil...
🔒 Pre-installation security verification for external code and dependencies. Automated risk analysis for GitHub repos, npm packages, PyPI libraries, and she...
CTO & Engineering Excellence Playbook. Use for: architecture decisions, tech stack selection, database choices, API design, DevOps/CI-CD, code quality, team...
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope,...
Security scanner for AI infrastructure and supply chain — discovers MCP clients and servers, scans for CVEs, maps blast radius, generates SBOMs, runs CIS ben...
Provides real-time file integrity monitoring, pre-installation skill audits, runtime threat blocking, kill switch activation, and incident response to protec...
MCP server security registry and trust assessment — look up servers in the 427+ server security metadata registry, run pre-install marketplace checks, batch...
--- name: openclaw-security-monitor description: Proactive security monitoring, threat scanning, and auto-remediation for OpenClaw deployments tags: [security, scan, remediation, monitoring, threat-de
7-phase security audit pipeline — reconnaissance, dependency scan, application tests, API security, hardening check, OWASP verification, report. Use before p...
--- name: skill-scout description: Search, discover, compare, and install OpenClaw skills from ClawHub using CLI and web lookups. author: mohdalhashemi98-hue version: "1.0.0" tags: - discovery - c
Security engineering toolkit for threat modeling, vulnerability analysis, secure architecture, and penetration testing. Includes STRIDE analysis, OWASP guida...
World-Class Technology & Data Playbook. Use for: software development best practices, IT infrastructure design, cybersecurity strategy, data analytics, busin...
Validate npm package references in markdown, YAML, and config files against the live npm registry before installing or using them. Catches hallucinated and s...