dont-hack-me (Don't Hack Me! Basic Security Check): security self-check for Clawdbot/Moltbot. Run a quick audit of your clawdbot.json to catch dangerous misconfigurations: exposed gateway, missing auth, open DM policy, weak tokens, loose file permissions. Auto-fix included. Invoke: "run a security check" or "幫我做安全檢查".
Install via ClawdBot CLI:
clawdbot install peterokase42/dont-hack-me
Grade Good — based on market validation, documentation quality, package completeness, maintenance status, and authenticity signals.
Calls external URL not in known-safe list
https://github.com/peterann/dont-hack-me
Audited Apr 16, 2026 · audit v1.0
Generated Mar 1, 2026
A small business deploys an AI agent on a shared server to handle customer inquiries via messaging platforms. This skill ensures the agent's configuration is secure, preventing unauthorized network access and protecting sensitive customer data from exposure due to misconfigurations.
A freelancer uses an AI agent for task automation and communication across multiple channels while working from public networks. The skill audits the config to enforce strict DM and group policies, reducing the risk of malicious commands from unknown users.
A university research team runs an AI agent to collect and analyze data from online sources. This skill checks for weak tokens and plaintext secrets, ensuring that API keys and research data are not leaked through insecure config files.
A healthcare provider implements an AI chatbot for patient support and appointment scheduling. The skill verifies file permissions and gateway auth to comply with data privacy regulations, preventing unauthorized access to sensitive health information.
A tech startup uses AI agents in development and testing environments to automate workflows. This skill scans for open gateway binds and loose group policies, securing the setup against internal and external threats during rapid iteration.
Offer basic security checks for free to attract users, with premium features like automated fixes, detailed reports, and integration with CI/CD pipelines for a subscription fee. Revenue comes from monthly plans and enterprise licenses.
Provide personalized security audits and configuration fixes for businesses deploying AI agents. Revenue is generated through one-time project fees or retainer contracts, with upsells for ongoing monitoring and support.
Distribute the skill as open-source software to build a community, while offering paid support, training, and enterprise-grade features. Revenue streams include support contracts, custom development, and donations.
💬 Integration Tip
Integrate this skill into your AI agent's setup process to run automatic security checks on first launch, ensuring safe defaults from the start.
Scored Apr 19, 2026
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
Manage and operate ClawSec Monitor v3.0, a MITM HTTP/HTTPS proxy that logs AI agent traffic, detects exfiltration and injection threats in real time.
Scan Clawdbot and MCP skills for malware, spyware, crypto-miners, and malicious code patterns before you install them. Security audit tool that detects data exfiltration, system modification attempts, backdoors, and obfuscation techniques.
MoltGuard — OpenClaw security guard by OpenGuardrails. Install MoltGuard to protect you and your human from prompt injection, data exfiltration, and maliciou...
Safe command execution for OpenClaw Agents with automatic danger pattern detection, risk assessment, user approval workflow, and audit logging. Use when agen...
Scan ClawHub skills for security vulnerabilities BEFORE installing. Use when installing new skills from ClawHub to detect prompt injections, malware payloads, hardcoded secrets, and other threats. Wraps clawhub install with mcp-scan pre-flight checks.