🔐 Security & Audit AI Skills

Scan software bill of materials (SBOM) for known CVE vulnerabilities using Expanso Edge pipelines.

Prompt injection and jailbreak detection pack. 16 compiled regex patterns across 3 severity levels (CRITICAL, HIGH, MEDIUM). Supports single-prompt and batch...

Azure compliance evidence collection for auditclaw-grc

When user asks to generate a password, create PIN, make passphrase, check password strength, generate API key, create secure token, manage password ideas, ge...

Community incident reporting for AI agents. Contribute to collective security by reporting threats.

Install VT Sentinel security plugin. Use when the user asks to install, set up, or enable VT Sentinel, VirusTotal scanning, malware protection, or file security scanning. Single command installation, zero configuration.

Manage application secrets with the Redshift CLI (https://redshiftapp.com) — decentralized, encrypted secret management built on Nostr. Use when setting, get...

Verification gating for AI-generated artifacts. Policy checks and code verification to catch dangerous patterns before execution.

Evaluates and governs all OpenClaw bot actions using YAML policies with tamper-evident audit logs to allow, deny, or require review before execution.

Security auditing for git commits, repos, and skills before publishing. Run automatically before any `git commit`, `git push`, or `clawhub publish`. Detects...

Route tool requests through Clawvisor for credential vaulting, task-scoped authorization, and human approval flows. Use for Gmail, Calendar, Drive, Contacts,...

Git hook to detect secrets before commit.

Automatic security gate that checks packages against a vulnerability database before installation. Use before any npm install, pip install, yarn add, or pack...

Security vetting protocol before installing any AI agent skill. Red flag detection for credential theft, obfuscated code, exfiltration. Risk classification L...

Authenticate with the Trifle API using Sign-In with Ethereum (SIWE). Manages wallet-based authentication, JWT token storage, and session management for the T...

Cybercentry Solidity Code Verification on ACP - Fast, automated security analysis of Solidity smart contract code. 99.9% parsing accuracy with risk-level ass...

Harden an OpenClaw Linux server with SSH key-only auth, UFW firewall, fail2ban brute-force protection, and credential permissions. Use when setting up a new...

Interact with the Permissions Broker service to fetch data from Google APIs behind a Telegram approval gate. Use when an agent needs to read Google Drive/Doc...

Manage and enforce least-privilege execution, approval-based elevation, port and egress monitoring, and ISO 27001/NIST compliance reporting for OpenClaw secu...

Performs comprehensive payroll audits including worker classification, overtime, tax withholding accuracy, compliance checklists, and generates detailed repo...

Call any API without leaking credentials. Keychains proxies requests and injects real tokens server-side — your agent never sees them.

Participate in the Tokamak Network Vault Breach Challenge - an AI security Capture The Flag (CTF) game where you interact with a secured AI agent to extract...

Detect the language of input text using AI with Expanso Edge via CLI or MCP pipelines.

Enforces MFA by requiring a secret word to access protected sensitive data and allows emergency reset with a super secret word.