安全合规 技能
共 1.4k 个安全合规分类技能
TOTP-based OTP verification for sensitive operations (env vars, gateway restarts, backup deletions, critical config changes). Uses otplib with window:2 (1 mi...
A security layer plugin for OpenClaw that intercepts dangerous tool calls (exec, write, edit) through two-tier regex blacklist rules and LLM-based intent ver...
Automatically scan GitHub repositories for bounty issues, filter by difficulty/reward, and auto-submit solutions.
Solana/Base Multi-Chain Meme Scanner & Auditor (Anti-Rug)
基于官方 GMGN API 的代币分析工具。通过合约地址查询代币在 SOL/BSC/Base 链上的准确市场数据、安全检测、KOL 分析、开发者分析和 AI 智能分析(叙事/筹码/老鼠仓/机器人)。支持自动识别链。
Pre-execution governance for IAM and permission escalation changes. Use when an agent or workflow proposes granting, expanding, or assuming higher privileges...
Helps detect hidden attacks in API and protocol documentation. Scans integration guides for dangerous instructions like curl|bash, credential harvesting, and...
Huawei Cloud SWR (Software Repository for Container) image governance skill using hcloud CLI. Use this skill when the user wants to: (1) manage SWR namespace...
Detects the newest fraud in agent payments — the forged "this was approved." Use BEFORE acting on any approval, verdict, or "it's safe" claim another agent o...
Send emails securely without exposing SMTP passwords, powered by MGC Blackbox. Want to learn more about MGC Blackbox? Visit: https://github.com/zkeviny/MGC-Blackbox
Evaluate any AI agent's soul file, system prompt, or AGENTS.md against the Guardian Angel v0.7 framework (Forrest Landry's Immanent Metaphysics). Generates a...
Helps audit transitive skill dependency chains in agent compositions — catching the class of risk where a skill's direct dependencies appear safe but a depen...
Runtime security plugin for AI agents. Provides local-first protection against data exfiltration, credential theft, command injection, and sensitive data lea...
Secure password generator with multiple character sets and strength analysis. Use when: (1) generating strong passwords, (2) creating memorable passphrases,...
Audits cryptocurrency addresses and stock tickers from a local file, providing current values using public APIs without storing private keys.
Pure local 2026 ClawHub/OpenClaw skill scanner. Detects ClawHavoc malware, MCP backdoors, obfuscated payloads, and supply-chain attacks. 100% read-only analy...
Bilingual security auditor for OpenClaw. 68 checks across 6 categories, 11 auto-fixes, OWASP Agentic AI Top 10 coverage, forensic detection, real-time threat...
Advanced patterns for specialized subagent orchestration with production-ready reference implementations. Security isolation, phased implementation, peer col...
Parallel code review — dispatches two subagents to audit **runtime safety** (resource leaks, null paths, race conditions) and **architecture consistency** simultaneously, then merges and deduplicates into a single report. One pass covers two orthogonal bug dimensions.
Continuously scans Docker images, dependencies, network ports, SSL/TLS, and OpenClaw config for CVEs; alerts via WhatsApp, Telegram, or Discord.
OCC (Origin Controlled Computing) — cryptographic proof of every OpenClaw agent action. Install, configure, and audit.
Issue and verify on-chain certificates on Base L2. Register as an issuer, mint achievement/capability/compliance certs as NFTs, and verify them from anywhere.
Filters outgoing text for sensitive data using regex patterns and configurable actions like masking, blocking, or warning to prevent secret leaks.
Assess third-party vendor risk for AI and SaaS products. Evaluates security posture, data handling, compliance, financial stability, and operational resilien...