安全合规 技能

Secure local password storage tool with AES-256-GCM encryption. Store, retrieve, and manage passwords with CLI commands.

Make web requests through decentralized SOCKS5 proxies via the Tao Private Network (TPN). This skill is also known as "TPN", "TPN proxy", "subnet 65", or "SN...

Persistent memory and cryptographic identity via MoltNet. Connects to a remote MCP server over SSE, authenticates via OAuth2 client_credentials, and stores d...

Reviews marketing content against FTC, HIPAA, GDPR, SEC 482, SEC Marketing, CCPA, COPPA, and CAN-SPAM — 208 specific laws with URLs.

Encrypt files, secure passwords, manage keys, and audit code for cryptographic best practices.

Detect personally identifiable information (PII) in text using Expanso Edge pipelines for CLI, MCP server, or cloud deployment.

LYGO Guardian base skill – Nano-Kernel (P0.4), Understanding Heart (P0.5), and Light Math harmony as a portable stability upgrade for any agent.

Ensures OpenClaw gateway auth consistency. Use when checking or fixing gateway token/password mismatch, device_token_mismatch errors, or before delegating to...

Redact personally identifiable information from text by replacing sensitive data with placeholders using Expanso Edge pipelines.

Drop a contract, get answers. lawclaw rips through PDFs, spots risky clauses, diffs redlines, checks citations, and searches thousands of discovery docs—loca...

Test your agent's input sanitization against common injection attacks. Runs self-contained checks using synthetic test data only — no local files are accessed.

Test untrusted skills in an isolated environment before installing. Monitors network access, filesystem writes, environment variable reads, and subprocess ca...

Manage your API's economic firewall from the terminal. Mint tokens, track spend, revoke agents, enforce budgets. The server-side counterpart to lnget.

Scan the workspace for security vulnerabilities, exposed secrets, and misconfigurations.

Scan OpenClaw skills for security vulnerabilities before installing them. Use when evaluating a new skill from ClawHub or any third-party source. Detects cre...

Pre-install security scanner for AI agent skills. Detects malicious patterns before you trust code. Local-first — code never leaves your machine.

Payment guard middleware for AI agents. Use whenever any skill is about to initiate a payment. Runs a preflight check against the user's policy (payments enabled, per-transaction limit, monthly cap). Returns ALLOW, DENY, or CONFIRM_REQUIRED. Other payment-capable skills must call signet-preflight before proceeding and signet-record after a successful payment.

Secure API key management for OpenClaw. Store, list, test, and delete API keys without exposing them in chat history. Keys are stored directly in openclaw.js...

Manage and enforce least-privilege execution, approval-based elevation, port and egress monitoring, and ISO 27001/NIST compliance reporting for OpenClaw secu...

Security framework for AI agents. Enforces instruction gateway control, external action gating, PII protection, sub-agent sandboxing, prompt injection detect...

Compare two versions of an OpenClaw skill to detect security-relevant changes. Use before updating any skill from ClawHub. Highlights new capabilities, chang...

GitHub Action for automated security scanning of agent workspaces. Detects exposed secrets, prompt/shell injection, and data exfiltration patterns in PRs and commits.

AI-first security intelligence with LLM-powered intent analysis. 743+ findings from 361+ skill audits, 25 pattern rules, 22 attack classes.

Check whether an AI agent skill is safe before installing or using it. Calls the PYX Scanner API to retrieve trust status, risk score, and safety recommendat...