安全合规 技能

Test authentication and session management controls for bypass and account takeover scenarios.

Gmail security proxy with policy enforcement, approval workflows, and audit logging. Use when the user wants to read, search, or send Gmail with guardrails —...

AI/LLM red team testing skill. Point at any LLM API endpoint and run automated security assessments. 160+ attack payloads across prompt injection, jailbreak,...

Agents are not bots. Prove it. UCP Credential Provider: declare your agent as an authorized actor before shopping at any UCP-compliant merchant. Requires PAY...

Provides wage determination lookups, certified payroll compliance, classification conformance, violation risk assessments, and apprenticeship tracking for fe...

Pull personal data (emails, issues) and propose outbound actions (drafts, replies) through the PersonalDataHub access control gateway. Data is filtered, reda...

Create, fetch, and validate me.txt personal identity files for AI agents

Audit Node.js HTTP servers and web apps for security vulnerabilities. Checks OWASP Top 10, CORS, auth bypass, XSS, path traversal, hardcoded secrets, missing...

提供安全修改 OpenClaw 配置的全流程管理，确保变更前确认、自动修复、备份对比及运行验证，保障系统稳定。

Assess Active Directory identity attack paths including roasting, relay, and delegation abuse.

Secret redaction MCP server for OpenClaw agents. Prevents API keys, DB credentials, SSH keys, emails, IPs, JWTs, and 29+ other secret types from leaking to L...

Runtime safety enforcement for shell commands via chainwatch policy engine

One click, always on. Zero extra API calls. Neutralizes prompt injection the moment it arrives. Never interrupts your work. No setup, no code required.

Trustless verification protocol for autonomous agents. Discover claims, verify reality, and earn TruthScore.

Git 安全扫描器 - 检查提交中的敏感信息泄露（API keys、密码、token）

Codified expertise for customs documentation, tariff classification, duty optimisation, restricted party screening, and regulatory compliance across multiple...

Access and manage credentials, secrets, and domain registrations securely using the R4 platform with injected environment variables and API calls.

Map application security findings to OWASP Top 10 categories and generate remediation checklists. Use for normalized AppSec review outputs and category-level...

OpenClaw 安全配置基线生成器和审计工具。生成开发/团队/企业/隔离环境的安全配置模板，并审计现有配置的安全问题（网络暴露、认证限流、技能来源限制、审计日志、备份策略、密钥卫生）。

Provides essential safety rules and tools for managing OpenClaw configs, backups, auth troubleshooting, and recovery to prevent system failures.

Scans SKILL.md files with 7 regex layers to block prompt injection, reverse shells, memory tampering, encoding evasion, and trust abuse before LLM processing.

x402janus — autonomous on-chain wallet security for EVMs: scan approvals, trace fund flow, detect drainers, and build revoke transactions. Pay via x402 USDC...

使用 MistTrack OpenAPI 进行加密货币地址风险分析、AML 合规检测和交易追踪。MistTrack 是由 SlowMist 开发的反洗钱追踪工具，支持 BTC、ETH、TRX、BNB 等主流链上地址与交易的风险评分、标签查询、交易调查等功能。

Vet OpenClaw skills for security threats before installing them. 6-pass scanner detects RCE, credential theft, prompt injection, typosquatting, and social en...