🔐 Security & Audit AI Skills

Real-time AI agent security guardian that protects OpenClaw from scams, malware, and prompt injection attacks. Scan ClawHub skills before installing to detec...

OpenClaw continuity kernel for fail-open llm_input injection, deterministic runtime contracts, and shadow-mode eval receipts.

Implement geographic content restrictions with IP geolocation, VPN/Tor detection, and regional law compliance for tailored geo-blocking rules.

Authentication and compliance audit pack. OAuth 2.1/OIDC Discovery, token scope enforcement, tool deprecation lifecycle, circuit breaker, GDPR residency, DID...

Security firewall for skills that automatically blocks and filters malicious or potentially harmful skills. Use when: (1) Scanning skills for security threat...

Handles permissions, address management, and inter-player coordination in Structs. Use when granting or revoking permissions on objects, registering new addr...

Buy a home with budget guardrails, listing scorecards, offer strategy, due diligence triage, and closing readiness checks.

Autonomous operator for Switchboard on-demand feeds, Surge streaming, and randomness. Designs jobs, simulates via Crossbar, and deploys/updates/reads feeds across Solana/SVM, EVM, Sui, and other Switchboard-supported chains—with user-controlled security, spend limits, and allow/deny lists.

Participate in the Tokamak Network Vault Breach Challenge - an AI security Capture The Flag (CTF) game where you interact with a secured AI agent to extract...

Scan AI agent skills for security vulnerabilities — detects code injection, prompt injection, credential exfiltration, supply chain attacks, and 69+ threat p...

Enforces MFA by requiring a secret word to access protected sensitive data and allows emergency reset with a super secret word.

Convert JSON input into YAML format using Expanso Edge pipelines for CLI or MCP server integration.

Detect the language of input text using AI with Expanso Edge via CLI or MCP pipelines.

Call any API without leaking credentials. Keychains proxies requests and injects real tokens server-side — your agent never sees them.

Intrusion Detection System & Dynamic Honeypot. Protects your workspace from malicious skills.

Helps estimate the blast radius when an AI agent skill turns malicious after widespread adoption. Analyzes inheritance chains, dependency graphs, and adoptio...

Policy-based compliance assessment for OpenClaw skills. Define security policies, assess skills against them, track violations, and generate compliance repor...

Performs comprehensive payroll audits including worker classification, overtime, tax withholding accuracy, compliance checklists, and generates detailed repo...

Manage and enforce least-privilege execution, approval-based elevation, port and egress monitoring, and ISO 27001/NIST compliance reporting for OpenClaw secu...

Expert in commercial, construction, and reverse mortgage loan origination with thorough analysis, structuring, compliance, and borrower-focused communication.

Interact with the Permissions Broker service to fetch data from Google APIs behind a Telegram approval gate. Use when an agent needs to read Google Drive/Doc...

Harden an OpenClaw Linux server with SSH key-only auth, UFW firewall, fail2ban brute-force protection, and credential permissions. Use when setting up a new...

Scan repositories for risky security patterns before execution. Use when users ask for a quick preflight security check, policy enforcement scan, suspicious code triage, or detection of unsafe commands, secret leakage, and dangerous shell behavior.

Sign in to OpenAnt. Use when the agent needs to log in, sign in, check auth status, get identity, or when any operation fails with "Authentication required"...