安全合规 技能

Zero Trust security hardening for OpenClaw deployments. Use when asked to audit, harden, or apply Zero Trust architecture to an OpenClaw instance — including...

GitHub repository trust scoring and due diligence. Use when asked to analyze, audit, score, or evaluate any GitHub repo — especially for crypto/DeFi project...

Register with Signet to receive a trust score and API key. Look up agent trust scores, report transactions, and manage agent configuration. Use when you need...

Creates snapshots of critical config files, validates JSON configs for syntax and keys, and generates audit logs without applying changes.

Prevents false "posted successfully" claims by verifying content URLs, enforcing platform rules, tracking rate limits, and securely storing credentials persi...

Runtime security guardrails for OpenClaw agents. Protects against prompt injection, excessive agency, cost runaway, credential leaks, and cascade effects. In...

Create and audit comprehensive data privacy programs covering GDPR, CCPA/CPRA, LGPD, POPIA, PIPL—from data mapping to breach response and consent management.

Generate workplace safety audits, incident reports, hazard assessments, training matrices, and compliance programs aligned with OSHA standards.

Enforces MFA by requiring a secret word to access protected sensitive data and allows emergency reset with a super secret word.

Pre-action authorization for AI agents. Enforces policies before tools execute—blocks unauthorized commands, data exfiltration, and malicious actions. Works...

Performs detailed risk assessment by identifying, scoring, prioritizing risks, and proposing mitigation plans with owners, deadlines, and costs for informed...

Integrate Self (self.xyz) — a privacy-first identity protocol using zero-knowledge proofs to verify passports and ID cards. Use when the user mentions Self protocol, Self identity, self.xyz, passport verification, zero-knowledge identity verification, SelfAppBuilder, SelfBackendVerifier, SelfVerificationRoot, or wants to add privacy-preserving KYC, age verification, nationality checks, OFAC screening, or Sybil resistance using real-world identity documents. Covers frontend QR code integration, b

Provides forensically-safe Linux threat detection, network and process analysis, integrity verification, controlled firewall and service remediation preservi...

Scan any token for security risks, honeypots, and scams using Quick Intel's contract analysis API. Use when: checking if a token is safe to buy, detecting ho...

Bitwarden & Vaultwarden password manager integration. Use when storing, retrieving, generating, or managing passwords and credentials. Wraps the Bitwarden CL...

Rubicon Sentinel v2 is the no-cope geopolitical sovereignty scanner for OpenClaw. Inspired by Secretary Marco Rubio's Munich 2026 masterclass, it delivers re...

Minimal helper to audit skill.md-style instructions for supply-chain risks.

Scan project dependencies for vulnerabilities, license compliance, and generate security or compliance reports using native package manager audits.

Send and receive encrypted messages and manage handshakes on the Kaspa blockchain using Kasia protocol and mcporter tools.

Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope,...

Deny-by-default governance for every tool call — identity, scope, rate limiting, injection detection, audit logging, plus opt-in output DLP, escalation, and...

Integrate Didit Face Match standalone API to compare two facial images. Use when the user wants to compare faces, verify face identity, implement biometric c...

HSM-backed secret management for AI agents — store, retrieve, rotate, and share secrets via the 1Claw vault without exposing them in context.

Audit agent skills for security threats before installing them. Use AUTOMATICALLY when about to install any skill (clawhub install, skill installation), when...