安全合规 技能
共 1.4k 个安全合规分类技能
Compare two versions of an OpenClaw skill to detect security-relevant changes. Use before updating any skill from ClawHub. Highlights new capabilities, chang...
GitHub Action for automated security scanning of agent workspaces. Detects exposed secrets, prompt/shell injection, and data exfiltration patterns in PRs and commits.
AI-first security intelligence with LLM-powered intent analysis. 743+ findings from 361+ skill audits, 25 pattern rules, 22 attack classes.
Scan repositories for risky security patterns before execution. Use when users ask for a quick preflight security check, policy enforcement scan, suspicious code triage, or detection of unsafe commands, secret leakage, and dangerous shell behavior.
Git 安全扫描器 - 检查提交中的敏感信息泄露(API keys、密码、token)
A persona and model-switching toolkit featuring Bunni, your bubbly cyber-security assistant. Includes batch scripts for switching models (Claude, Gemini, Dee...
Extract text from images, documents and scanned PDFs using OpenOCR - supports text detection, recognition, universal VLM recognition, and document parsing with layout analysis
AI agent infrastructure security scanner — check packages for CVEs, look up MCP servers in the 427+ server security metadata registry, assess blast radius, g...
Auto-fixes OpenClaw model errors FOREVER! 🛠️ Scans your setup → Finds root cause (JSON errors, timeouts, auth/rate limits) → Applies permanent fix ✅ Features: Auto-detects YOUR models & providers 📊 95% accurate diagnosis 🎯 5 expert fix types (provider switch, key refresh, retry logic) 🔧 Works with ANY config (ZAI, NVIDIA, OpenRouter) 🌍 Adds monitoring so errors never return 🛡️ Fixes: JSON parsing, 401/409/429 errors, timeouts, connection failures.
Aggregates and analyzes market sentiment for specific crypto or stock tickers by scanning news and social signals. Useful for quick vibe checks before trading.
Scan session logs for leaked credentials. Checks JSONL session files against known credential patterns and reports which AI provider received the data.
Diagnose, audit, and repair OpenClaw hosts when an agent, gateway, plugin, cron, model route, memory engine, channel, approval policy, or update looks broken...
Solana swap execution, MEV-protected transaction submission, wallet scanning, and market-cap-based limit/trailing orders via the TradeRouter API. Use when th...
检查本机 Claude Code 二进制是否含有向系统提示词日期行注入近不可见 Unicode 撇号(U+2019/U+02BC/U+02B9)的隐写标记代码,并在受影响时升级到干净版本。受影响区间 v2.1.193–2.1.196,v2.1.197 起已回滚。
华为云Config配置审计服务的专业助手,提供全局资源查询、资源配置查询、资源Schema查询、SQL条件查询以及合规规则查询能力。当用户需要查询华为云资源、进行资源审计、检查配置合规性、盘点云上资产、分析资源关系、查询特定资源状态、验证资源配置、或需要通过SQL进行复杂资源查询时,必须使用此技能。即使未明确提及...
🩺 Free Security & Health Audit. Your OpenClaw deserves a check-up. This skill performs a non-invasive scan to detect security risks, outdated software, and misconfigurations.
腾讯云邮件推送(SES)服务技能,用于通过腾讯云 API 发送邮件。当用户提到"发送邮件"、"邮件推送"、"发邮件给"、 "用某个地址给某人发送模板/邮件内容"时触发。支持完整的邮件发送工作流: (0) 检查 API 密钥配置并按安全配置指南引导用户完成子账号创建和密钥获取, (1) 解析用户指令并在信息缺失时引...
Provides tamper-evident, append-only, hash-chained audit logs for AI agents verifying actions with monotonic ordering and integrity checks.
Track AI visibility — measure whether a brand is mentioned and cited by AI assistants (Gemini, ChatGPT, Perplexity) for target prompts. Runs scans, tracks me...
Conducts a comprehensive, weighted assessment of software vendors and partners across financials, technical fit, security, pricing, support, lock-in, and roa...
Immutable audit trail for autonomous agent operations. Log skill executions, data access, decisions, and budget changes with tamper-evident hashes. Essential...
凭 App Key 调用招采猫开放 API,完成「招标文件智能解读 → 抽取分包 → 生成成品投标文件(.docx) → 可选合规审查」的端到端标书制作。当用户明确提供招标文件并希望生成投标文件/标书、对已生成标书做合规检查、或询问招采猫标书相关能力时使用。注意:招标/投标文件会上传到招采猫云端 API 处理,标书生成消耗账户积分;使用前请确认用户知悉。本 skill 是招采猫线上接口的轻客户端,不复刻其算法。
Enforces risk-based coding profiles, impact mapping, adversarial planning, and strict verification gates before making edits, audits, or structural modificat...
Implement secure API design patterns including authentication, authorization, input validation, rate limiting, and protection against common API vulnerabilities