安全合规 技能

Platform alignment audit pack for OpenClaw 2026.2. Secrets v2, agent routing, voice security, trust model, autoupdate, plugin SDK, content boundaries, and sq...

Estimates a person's age from a facial image via the Didit standalone API. Use when implementing age gating, checking if someone is over 18 or 21, performing...

Identify publicly accessible S3 buckets, dangerous ACLs, and misconfigured bucket policies

Provides a structured 7-phase process to investigate, diagnose, restore, prevent, monitor, and document OpenClaw system failures including config loss, crash...

Comprehensive security audit and hardening for OpenClaw host machines. Checks firewall, disk encryption, open ports, auto-updates, brew outdated, OpenClaw ve...

Detects liveness from a single selfie image via the Didit standalone API. Use when checking if a person is physically present, detecting spoofing or presenta...

Integrate Didit Email Verification standalone API to verify email addresses via OTP. Use when the user wants to verify emails, send email OTP codes, check em...

Audit AWS Security Groups and VPC configurations for dangerous internet exposure

End-to-end KYC (Know Your Customer) identity verification for onboarding real users. Use when someone needs to perform KYC, onboard users with identity verif...

Deploy, secure, and troubleshoot Beszel monitoring with Docker agents, alert tuning, and upgrade-safe operations for self-hosted servers

Audit your OpenClaw deployment for security risks using Trent AppSec Advisor

Checks whether credentials and tokens are stored safely. Validates file permissions, plaintext exposure, git repo contamination, log redaction coverage, and...

网站机房溯源全维度分析工具。当用户要求分析某个网站的机房位置、CDN、IP归属、路由链路、响应延迟、SSL证书、子域名等信息时使用。支持通过 DNS over HTTPS（阿里/腾讯/360）查询绕过UDP封锁，自动识别 Cloudflare、Akamai、阿里云、腾讯云等主流CDN，输出完整的溯源分析报告。

Verifies identity documents via the Didit standalone API. Use when verifying a passport, ID card, driver's license, or residence permit, performing OCR extra...

Review Terraform plans and HCL files for AWS security misconfigurations before deployment

AgentTrust — A2A messaging, identity verification, trust codes, and prompt injection detection. Use when sending/receiving messages (Agentic Collaboration) o...

Manages vendor insurance compliance through collection, validation, scoring, and remediation of certificates of insurance with alerts and action steps.

Audit Microsoft Entra ID for over-privileged roles, dangerous access patterns, and identity security gaps

Evade bot detection systems including Cloudflare, DataDome, PerimeterX, Akamai, and hCaptcha. Residential proxy rotation, TLS fingerprint spoofing, behaviora...

Create and manage HTTPS, SOCKS, or WireGuard proxies via URnetwork API to connect anonymously through specific countries, regions, or cities worldwide.

Security scanner for OpenClaw skills. Detects prompt injection, credential leaks, unsafe code execution, MCP misconfigurations, privilege escalation, obfusca...

End-to-end encrypted messaging channels for AI agents using MLS protocol (RFC 9420)

Security vetting protocol before installing any AI agent skill. Red flag detection for credential theft, obfuscated code, exfiltration. Risk classification L...

Harden a Hostinger VPS running OpenClaw agents against unauthorized access, brute force, and exposure. Use when securing a publicly-deployed OpenClaw instanc...