Category
Security
Security scanning, vulnerability assessment, and audit tools. These skills help identify security issues in codebases, dependencies, and configurations.
457 skills in this category
secucheck
openclaw/skills
58Comprehensive security audit for OpenClaw. Scans 7 domains (runtime, channels, agents, cron, skills, sessions, network), supports 3 expertise levels, context-aware analysis, and visual dashboard. Read-only with localized reports.
SKILL6 Findings5 months agosecurityreview
openclaw/skills
56This document outlines your standard procedures, principles, and skillsets for conducting security audits. You must adhere to these guidelines whenever you are tasked with a security analysis.
SKILL3 Findings5 months agoCross-Site Scripting and HTML Injection Testing
sickn33/antigravity-awesome-skills
55This skill should be used when the user asks to "test for XSS vulnerabilities", "perform cross-site scripting attacks", "identify HTML injection flaws", "exploit client-side injection vulnerabilities", "steal cookies via XSS", or "bypass content security policies". It provides comprehensive techniques for detecting, exploiting, and understanding XSS and HTML injection attack vectors in web applications.
SKILL3 Findings5 months agoEthical Hacking Methodology
sickn33/antigravity-awesome-skills
55This skill should be used when the user asks to "learn ethical hacking", "understand penetration testing lifecycle", "perform reconnaissance", "conduct security scanning", "exploit vulnerabilities", or "write penetration test reports". It provides comprehensive ethical hacking methodology and techniques.
SKILL2 Findings5 months agoclerk-auth
openclaw/skills
53Clerk auth with API Keys beta (Dec 2025), Next.js 16 proxy.ts (March 2025 CVE context), API version 2025-11-10 breaking changes, clerkMiddleware() options, webhooks, production considerations (GCP outages), and component reference. Prevents 15 documented errors. Use when: API keys for users/orgs, Next.js 16 middleware filename, troubleshooting JWKS/CSRF/JWT/token-type-mismatch errors, webhook verification, user type inconsistencies, or testing with 424242 OTP.
SKILL4 Findings5 months agosecret-scanner
openclaw/skills
51Scan your codebase for leaked secrets, API keys, and credentials before they hit production.
SKILL4 Findings5 months agomeshguard
openclaw/skills
51Manage MeshGuard AI agent governance - agents, policies, audit logs, and monitoring.
SKILL6 Findings5 months agoaudit-fixer
openclaw/skills
49Analyze npm audit output with AI and get actionable fix suggestions. Use when dealing with security vulnerabilities.
SKILL5 Findings5 months agoopenclaw-hardener
openclaw/skills
49Harden OpenClaw (workspace + ~/.openclaw): run openclaw security audit, catch prompt-injection/exfil risks, scan for secrets, and apply safe fixes (chmod/exec-bit cleanup). Includes optional config.patch planning to reduce attack surface.
SKILL3 Findings5 months agomemory-hygiene
openclaw/skills
49Audit, clean, and optimize Clawdbot's vector memory (LanceDB). Use when memory is bloated with junk, token usage is high from irrelevant auto-recalls, or setting up memory maintenance automation.
SKILL4 Findings5 months agoraini-skill-audit
openclaw/skills
47扫描 OpenClaw skills 中的安全风险,防止供应链攻击。
SKILL5 Findings5 months agoopenclaw-macos-security
openclaw/skills
46macOS security monitoring for OpenClaw
SKILL5 Findings5 months ago