🔐 Security & Audit AI Skills

Scans installed or remote OpenClaw skills for security risks like credential leaks and suspicious code to prevent supply chain attacks.

ISO 27001 ISMS implementation and cybersecurity governance for HealthTech and MedTech companies. Use for ISMS design, security risk assessment, control implementation, ISO 27001 certification, security audits, incident response, and compliance verification. Covers ISO 27001, ISO 27002, healthcare security, and medical device cybersecurity.

Validates, tests, and scores skills for structure, script correctness, documentation, and usability to ensure compliance with tiered quality standards.

Unified security suite for agent workspaces. Installs, configures, and orchestrates all 11 OpenClaw security tools in one command — integrity, secrets, permissions, network, audit trail, signing, supply chain, credentials, injection defense, compliance, and incident response.

Control AdGuard Home DNS filtering via HTTP API. Use when managing blocklists/allowlists, checking domain filtering status, toggling protection, or clearing DNS cache. Supports blocking/allowing domains, viewing statistics, and protecting/disabling DNS filtering.

Security scanner for OpenClaw/ClawHub skills. Detects malware, reverse shells, credential theft, prompt injection, memory poisoning, typosquatting, and suspicious prerequisites before installation. Use when installing new skills, auditing existing skills, checking a skill name for typosquatting, or scanning ClawHub skills for security risks.

Set up and use Bitwarden CLI (bw). Use when installing the CLI, authenticating (login/unlock), or reading secrets from your vault. Supports email/password, API key, and SSO authentication methods.

OpenClaw security audit + prompt injection detector. Scans gateway/vulns/cron/PI patterns. Use for frenzy-proofing installs.

Configure OpenClaw installations with optimized settings, channel setup, security hardening, and production recommendations.

Security scanner for OpenClaw skills. Detects malicious patterns, suspicious URLs, and install traps before you install a skill. Use before installing ANY sk...

Monitors live status of a Pod Point charger’s connectors A and B, reporting current availability and changes without requiring authentication.

Scans OpenClaw skills for security vulnerabilities and suspicious patterns before installation

Local approval system for managing agent permissions. Use CLI to approve/deny requests, view history, and manage auto-approved categories.

Detect 500+ types of hardcoded secrets (API keys, credentials, tokens) before they leak into git. Wraps GitGuardian's ggshield CLI.

Run untrusted skills safely with soft-sandbox protection. Wraps skills in multi-layer prompt-based defense (~85% attack prevention). Use when: (1) Running third-party skills from unknown sources, (2) Processing untrusted content that might contain prompt injection, (3) Analyzing suspicious files or URLs safely, (4) Testing new skills before trusting them. Supports manual mode ('run X in sandwrap') and auto-wrap for risky skills.

Executes approved shell commands, manages backups, and safely retrieves secrets from Bitwarden.

Scan the workspace for security vulnerabilities, exposed secrets, and misconfigurations.

Audits ERC-8004 agents by analyzing metadata, endpoints, payment configs, and reputation to identify security risks and generate detailed reports.

Compliance and policy enforcement for agent workspaces. Define security policies, audit compliance, check command restrictions, and generate audit-ready reports. Free alert layer — upgrade to openclaw-marshal-pro for active enforcement, blocking, and automated remediation.

Security engineering workflow for OpenClaw privilege governance and hardening. Use for least-privilege execution, approval-first privileged actions, idle tim...

Credential lifecycle security for agent workspaces. Audit credential exposure, detect misconfigured permissions, inventory all secrets, and identify stale credentials needing rotation. Free alert layer — upgrade to openclaw-vault-pro for automated remediation, credential rotation, and access control.

Shorten URLs using is.gd (no auth required). Returns a permanent short link.

Test your AI agent for security vulnerabilities using PwnClaw. Runs 50+ attacks (prompt injection, jailbreaks, social engineering, MCP poisoning, and more) and provides fix instructions. Use when your agent needs a security check or hardening.

Human-in-the-loop security layer. Intercepts high-risk commands and requires push notification approval.