安全合规 技能

Automates detection and auditing of shadow AI spending with risk classification, data leakage alerts, and forex-normalized departmental cost analysis.

Manage Clash VPN proxy service for accessing blocked websites like Google Play. Use when the user needs to (1) setup/configure VPN proxy, (2) update Clash pr...

Multi-agent adversarial security review — 3 AI agents debate every finding, only real vulnerabilities survive

Integrate Didit Database Validation API to verify personal data against government databases. Use when the user wants to validate identity against government...

Elytro — security-first ERC-4337 smart account wallet CLI for AI agents. On-chain 2FA, configurable spending limits, and macOS Keychain-backed vault. Send ET...

提供智能合同风险识别、条款解读、合同生成与法律咨询，支持多合同类型，助力企业合法合规管理。

Gateway authentication hardening and credentials audit pack. Validates device auth, Baileys credentials, webhook HMAC signatures, log configuration, and work...

Generate a compliant legal website with Privacy Policy, Terms, support, and data deletion pages, ready for Cloudflare Pages deployment.

Collect, organize, and validate evidence for ISO 27001 and SOC 2 audits. API-first approach with CLI commands for major cloud platforms. Produces timestamped...

Internationalization audit pack. Locale file scanning and missing translation key detection. 1 i18n tool.

MCP 2025-11-25 specification compliance audit pack. Validates elicitation, tasks, resources/prompts, audio content, JSON Schema 2020-12, SSE transport, and i...

Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope,...

Map AWS environment against CIS, SOC 2, HIPAA, or PCI-DSS controls with prioritized remediation

Audit de sécurité proactif des déploiements OpenClaw. Détecte et remédie aux 4 gaps critiques/hauts identifiés dans openclaw/openclaw : SQL injection (C1), s...

Evaluates and governs all OpenClaw bot actions using YAML policies with tamper-evident audit logs to allow, deny, or require review before execution.

Private reputation scoring for AI agents — query on-chain credit tiers earned via x402 micropayments through Unlink shielded transfers on Monad, and verify t...

Handle CAPTCHAs encountered during web scraping. Avoid triggering Cloudflare Turnstile, reCAPTCHA, and hCaptcha through residential proxies and stealth techn...

Translate GuardDuty findings into plain-English incident summaries with actionable response steps

Security firewall for skills that automatically blocks and filters malicious or potentially harmful skills. Use when: (1) Scanning skills for security threat...

Enforce contextual permission boundaries for AI agents based on communication surface. Constrains agent capabilities (exec, file I/O, secrets, messaging) by...

Prompt injection and jailbreak detection pack. 16 compiled regex patterns across 3 severity levels (CRITICAL, HIGH, MEDIUM). Supports single-prompt and batch...

Inspect third-party Claude/OpenClaw/Codex/OpenCode skills, plugins, repos, npm packages, pip packages, shell installers, and GitHub Actions before any downlo...

Runtime environment and configuration audit pack. Validates Node.js version, secrets workflow, HTTP headers, allowed commands, trusted proxy, disk budget, an...

Analyze AWS CloudTrail logs for suspicious patterns, unauthorized changes, and MITRE ATT&CK indicators