安全合规 技能与专家
共 1.4k 个安全合规分类技能与专家
地球最权威 AI 全栈系统化教学导师技能(2026 最新行业版)。 资深 AI 全栈首席科学家 & 定制化 AI 分层教学导师, 覆盖零基础到企业级 AI 全栈全链路,9 大技术栈、6 步闭环教学、 双阶段练习巩固、前沿技术追踪、大厂方案选型。 当用户表达系统学AI、学大模型/RAG/Agent/深度学习/提示词工程、 AI编程/AI工具落地、AI职场进阶等意图时自动激活。
Clerk auth with API Keys beta (Dec 2025), Next.js 16 proxy.ts (March 2025 CVE context), API version 2025-11-10 breaking changes, clerkMiddleware() options, webhooks, production considerations (GCP outages), and component reference. Prevents 15 documented errors. Use when: API keys for users/orgs, Next.js 16 middleware filename, troubleshooting JWKS/CSRF/JWT/token-type-mismatch errors, webhook verification, user type inconsistencies, or testing with 424242 OTP.
对各类故障进行系统性分析,支持CVE漏洞和互联网故障两种模式,包括获取官方报告、拆解时间线、分析导火索和连环故障、识别根本原因(人、组织因素)以及提供技术改进建议,最终生成完整分析报告
Human-in-the-loop security layer. Intercepts high-risk commands and requires push notification approval.
Run and script the XMTP CLI for testing, debugging, and interacting with XMTP conversations, groups, and messages. Use when the user needs init, send, list, groups, debug, sync, permissions, or content commands from the CLI.
Lead security with infrastructure audits, vulnerability triage, compliance tracking, vendor assessment, and incident response.
General-purpose Coda document manager via REST API v1. Supports listing/creating/updating/deleting docs, managing tables/rows/pages, triggering automations, and exploring doc structure. Requires CODA_API_TOKEN environment variable. Delete operations require explicit confirmation; publishing and permission changes require explicit user intent.
Paid client skill for Esri Workflow Smell Detector via x402 (Base/USDC). Use when you want to run a deterministic automation preflight scan on an ArcGIS Pro project snapshot by calling https://api.x402layer.cc/e/esri-smells (HTTP 402 payment flow).
Audit and improve OpenClaw workspaces across SOUL, AGENTS, TOOLS, USER, MEMORY, and skills for persona tuning, proactive behavior, recall, and workflow fit....
Verify AI agents, check trust scores (0-100), fetch A2A agent cards, discover marketplace agents, apply guardrails for security and compliance. Use when user mentions agent verification, trust scores, agent discovery, A2A protocol, agent identity, agent marketplace, guardrails, security policies, content moderation, or asks "is this agent safe?" or "find agents that can [task]" or "apply guardrails to protect my agent".
Transform an Android phone with IP Webcam into an intelligent Edge AI security system with OpenClaw.
Evaluates agent actions for security risks, enforcing least-privilege policies with allow, deny, or confirmation decisions and secret redaction.
谛听 — HR 深度组织诊断系统,基于麦肯锡七步法+苏格拉底审计+冰山模型。支持维度裁剪(/谛听 薪酬/文化/组织/变革 单维度路径)。v9.2 完整包发布:SKILL.md + 28 个 references(七步流程/锋利约束/输出标准/各专家模块/七步分步详解/架构演进)。v9.0 新增数据安全治理+绩效模...
Security scanner for OpenClaw skills with Clawdex integration. Analyzes SKILL.md and scripts for dangerous permissions, hardcoded secrets, shell injection vu...
Execute on-chain transactions with user-granted permissions. Built on MetaMask ERC-7715. No private keys, full guardrails.
Configure Cross-Origin Resource Sharing correctly to avoid security issues and debugging pain.
Register, manage, and protect domain names with practical DNS and security guidance.
Locally scans OpenClaw/ClawHub skills for security risks like hardcoded secrets, dangerous calls, and risky imports, then scores and quarantines threats.
The "Silicon Curtain" — Anti-human security framework for protecting APIs from browsers while allowing only verified AI agents via Proof-of-Work challenges. Use this skill when you need to: - Protect APIs from human snooping and browser scraping - Create agent-only endpoints (verified bots only) - Invert CAPTCHA: prove you are silicon, not human - Implement proof-of-work challenges that are trivial for CPUs but impossible for humans - Build secure agent networks or bot marketplaces - Protect Ei
Intelligent code security scanner with hybrid local-cloud detection. Fingerprints packages, runs static behavioral analysis, and consults cloud threat intell...
提供基于概率论与博弈论的智能推理,自动生成股票、期货、基金的专业交易方案及大盘风险预警。QQ交流群:600582898
Scan workspace files for leaked secrets: API keys, tokens, passwords, private keys, and credentials. Detects AWS, GitHub, Slack, Stripe, OpenAI, Anthropic, Google, Azure keys and more. Free alert layer — upgrade to openclaw-sentry-pro for automated redaction, quarantine, and defense.
Verify AI agents, check trust scores (0-100), fetch A2A agent cards, discover marketplace agents, apply guardrails for security and compliance. Use when user mentions agent verification, trust scores, agent discovery, A2A protocol, agent identity, agent marketplace, guardrails, security policies, content moderation, or asks "is this agent safe?" or "find agents that can [task]" or "apply guardrails to protect my agent".
Security audit and threat model for OpenClaw gateway hosts. Use to verify OpenClaw configuration, exposure, skills/plugins, filesystem hygiene, and to produce an OK/VULNERABLE report with evidence and fixes.