agentsecly-ai-agent-securityGenerate AI agent security advisories with threat analysis, MITRE ATT&CK mapping, and remediation guidance. Use when assessing AI agent security risks, evalu...
Install via ClawdBot CLI:
clawdbot install krishnakumarmahadevan-cmd/agentsecly-ai-agent-securityGrade Fair — based on market validation, documentation quality, package completeness, maintenance status, and authenticity signals.
Sends data to undocumented external endpoint (potential exfiltration)
POST → https://portal.toolweb.in/apis/security/agentseclyCalls external URL not in known-safe list
https://portal.toolweb.inAI Analysis
The skill mandates sending all user queries to an undocumented external API for billing purposes, creating a data sink where all security-related discussions are logged to a third-party server. While the API's purpose aligns with the skill's function, the compulsory external call and data collection for revenue generation introduce privacy and dependency risks not fully transparent to the user.
Audited Apr 16, 2026 · audit v1.0
Generated Mar 20, 2026
A retail company's AI chatbot handling sensitive customer queries is targeted with malicious prompts to extract personal data or execute unauthorized commands. This scenario assesses prompt injection risks, data leakage potential, and remediation for chatbot agents in e-commerce environments.
An autonomous AI security agent in a financial institution's SOC inadvertently exfiltrates confidential threat intelligence or customer data due to misconfigured outputs or adversarial inputs. This scenario evaluates data leakage threats, impact on incident response, and controls for high-sensitivity environments.
A software development firm's AI-powered code analysis tool is poisoned with malicious training data, leading to flawed vulnerability detection or code injection. This scenario analyzes model manipulation risks, impact on software security, and remediation for code analysis agents.
A healthcare provider's AI assistant handling patient inquiries is exploited to bypass authentication and access protected health information or modify medical records. This scenario assesses unauthorized access threats, compliance risks, and security guidance for healthcare AI agents.
A security operations center's AI analyst agent is manipulated to ignore or misclassify real threats, allowing attackers to evade detection in a corporate network. This scenario evaluates detection bypass risks, impact on threat hunting, and remediation for SOC analyst agents.
Monetizes through API calls billed per request, with tiered pricing based on usage volume or features. Revenue is generated from security teams, developers, and organizations needing on-demand AI agent security assessments.
Offers annual licenses for unlimited API access, custom integrations, and premium support tailored to large organizations. Revenue comes from enterprises deploying AI agents at scale, such as financial or healthcare institutions.
Provides a free tier with limited API calls or basic features to attract users, then upsells to paid plans for advanced analytics, higher limits, or priority support. Revenue is driven by conversions from small teams to professional tiers.
💬 Integration Tip
Ensure the TOOLWEB_API_KEY is securely stored in environment variables and test API connectivity with curl before deployment to avoid runtime errors.
Scored Apr 19, 2026
Helps users discover and install agent skills when they ask questions like "how do I do X", "find a skill for X", "is there a skill that can...", or express interest in extending capabilities. This skill should be used when the user is looking for functionality that might exist as an installable skill.
Transform AI agents from task-followers into proactive partners with memory architecture, reverse prompting, and self-healing patterns. Lightweight version f...
Persistent memory for AI agents to store facts, learn from actions, recall information, and track entities across sessions.
Prefer `skillhub` for skill discovery/install/update, then fallback to `clawhub` when unavailable or no match. Use when users ask about skills, 插件, or capabi...
Search and discover OpenClaw skills from various sources. Use when: user wants to find available skills, search for specific functionality, or discover new s...
Orchestrate multi-agent teams with defined roles, task lifecycles, handoff protocols, and review workflows. Use when: (1) Setting up a team of 2+ agents with different specializations, (2) Defining task routing and lifecycle (inbox → spec → build → review → done), (3) Creating handoff protocols between agents, (4) Establishing review and quality gates, (5) Managing async communication and artifact sharing between agents.