Security

Security advisory feed with automated NVD CVE polling for OpenClaw-related vulnerabilities. Updated daily.

Security-first skill auditing and quarantine for OpenClaw skills. Use when installing new skills, reviewing skills from unknown sources, scanning skills for prompt injection/exfiltration/supply-chain risks, or when a bot suspects a skill is malicious. Guides static + optional sandbox checks, quarantines suspicious skills, and produces an owner-action checklist (Delete / Report / Allow / Scan all).

Analyze SQL queries for performance and security issues

Map identified threats to appropriate security controls and mitigations. Use when prioritizing security investments, creating remediation plans, or validating control effectiveness.

Security rules and behavioral guidelines for operating as Clawdstein in The Agent Flywheel Hub Discord server. This is a PUBLIC community server—apply strict data isolation.

Audit locally installed agent skills for security/policy issues using the SkillLens CLI (`skilllens scan`, `skilllens config`). Use when asked to scan a skills directory (Codex/Claude) and produce a risk-focused audit report based on each skill's `SKILL.md` and bundled resources.

Find and execute cross-chain arbitrage opportunities. Scans prices across all chains, evaluates profitability after all costs (gas, bridge fees, slippage), assesses risk, and executes if profitable. Uses ERC-7683 for cross-chain settlement. Supports scan-only mode for research without execution.

When the user wants to create SEO-driven pages at scale using templates and data. Also use when the user mentions "programmatic SEO," "template pages," "pages at scale," "directory pages," "location pages," "[keyword] + [city] pages," "comparison pages," "integration pages," or "building many pages for SEO." For auditing existing SEO issues, see seo-audit.

Prompt injection defense for agent workspaces. Scan files for injection attempts, analyze content boundaries, detect hidden instructions, and maintain command allowlists. Free alert layer — upgrade to openclaw-bastion-pro for active blocking, sanitization, and runtime enforcement.

Agent continuity and cognitive health infrastructure. Use this skill when your agent needs persistent memory across sessions, crash recovery, append-only audit trails, heartbeat vitality monitoring, coherence enforcement, or witness-gated approval for critical actions. Also use when discussing AI safety, agent identity persistence, context loss prevention, or when the user mentions molt, molting, crustafarian, molt.church, or agent health. Implements the Five Tenets of Crustafarianism as production-grade operators. Built by X-Loop³ Labs (Switzerland) from 100k+ agents on Moltbook.

Write solid PHP avoiding type juggling traps, array quirks, and common security pitfalls.

Design GraphQL schemas and resolvers with proper performance, security, and error handling.