🔐 Security & Audit AI Skills

Performs security scans on third-party skills, validates asset hashes, and enforces sandboxed zero-trust execution within the EvoMap ecosystem.

Azure Key Vault SDK for Python. Use for secrets, keys, and certificates management with secure storage. Triggers: "key vault", "SecretClient", "KeyClient", "CertificateClient", "secrets", "encryption keys".

Verification gating for AI-generated artifacts. Policy checks and code verification to catch dangerous patterns before execution.

Manage GetResponse email marketing via API to handle campaigns, contacts, newsletters, tags, autoresponders, and segments with OAuth authentication.

Helps detect incremental capability scope expansion across skill versions — the pattern where a skill gradually claims broader permissions through small, ind...

Control NordVPN on Linux via the `nordvpn` CLI (connect/disconnect, choose country/city/group, read status, tweak settings, manage allowlist). Use for automation that needs region routing or temporary VPN tunneling.

AI supply chain security scanner — check packages for CVEs, look up MCP servers in the threat registry, assess blast radius, generate SBOMs, enforce compliance

AI agent security and trust verification. Scan messages, agent cards, and A2A communications for prompt injection, jailbreaks, and malicious patterns. Use when protecting agents from attacks, verifying external agents, or scanning untrusted content.

Security and vulnerability scanner for OpenClaw code, plugins, skills, and Node.js dependencies. Powered by OpenClaw AI models.

AI skill safety validation — real human experts vet skills, plugins, and MCP tools for security risks. Query trust scores, submit evaluation inquiries, and g...

Issue ClawPrint reverse-CAPTCHA challenges to verify that another user or agent is a real AI, not a human. Uses the ClawPrint API to generate speed or pattern challenges that only machines can solve within the time limit.

Simple test skill that calls a GET endpoint to fetch a daily post. No authentication required.

Control E2B Desktop sandboxes (virtual Linux desktops) for computer-use agents. Use when you need to create/manage sandboxed desktop environments, take scree...

Runtime security hardening for OpenClaw agents. Protects against prompt injection, data exfiltration, credential leaks, and unauthorized operations. Use when setting up agent security, performing security audits, protecting credentials, preventing data leaks, hardening agent configurations, or defending against indirect prompt injection attacks. Complements pre-installation skill scanners by hardening the agent itself at runtime.

Agent identity provider — own email address and E2E-encrypted credential vault. Use when storing or retrieving passwords for services, logging into services with stored credentials, checking email inbox, receiving OTP/verification codes via email, signing up for services, getting your agent's email address, or any task where the agent needs its own identity separate from the user's. Replaces 1Password + AgentMail with a single skill — no desktop app, no tmux, fully autonomous.

Standard operating procedures for agent maintenance, security hygiene, and system health. Use when performing periodic checks, security audits, memory maintenance, secret rotation, dependency updates, or any recurring "housekeeping" tasks. Also use when setting up automated maintenance schedules or when asked about agent security posture.

🩺 Free Security & Health Audit. Your OpenClaw deserves a check-up. This skill performs a non-invasive scan to detect security risks, outdated software, and misconfigurations.

Validate JSON syntax and structure using the Expanso Edge pipeline in CLI or MCP server modes.

Detect hardcoded secrets like API keys, tokens, and passwords in text or code using Expanso Edge pipelines.

Extract keywords and key phrases from text using Expanso Edge for SEO, tagging, and indexing purposes.

Detects malicious behavior and security threats in target skills using advanced analysis of obfuscation, encoding, encryption, and dynamic code techniques.

Set up an lnd remote signer container that holds private keys separately from the agent. Exports a credentials bundle (accounts JSON, TLS cert, admin macaroon) for watch-only litd nodes. Container-first with Docker, native fallback. Use when firewalling private key material from AI agents.

Redact personally identifiable information from text by replacing sensitive data with placeholders using Expanso Edge pipelines.

Inspect TLS certificates for expiry, SANs, chain validity, and cipher details using Expanso Edge pipelines.