Security

Analyze npm audit output with AI and get actionable fix suggestions. Use when dealing with security vulnerabilities.

Security scanner for AgentSkills. Scans skill directories for malicious patterns, credential theft, prompt injection, obfuscation, leaky skills, memory poisoning, prompt worms, and known ClawHavoc campaign IoCs. Run before installing any ClawHub skill.

This skill should be used when the user asks to "pentest WordPress sites", "scan WordPress for vulnerabilities", "enumerate WordPress users, themes, or plugins", "exploit WordPress vulnerabilities", or "use WPScan". It provides comprehensive WordPress security assessment methodologies.

This skill should be used when the user asks to "test for broken authentication vulnerabilities", "assess session management security", "perform credential stuffing tests", "evaluate password policies", "test for session fixation", or "identify authentication bypass flaws". It provides comprehensive techniques for identifying authentication and session management weaknesses in web applications.

Comprehensive SecOps skill for application security, vulnerability management, compliance, and secure development practices. Includes security scanning, vulnerability assessment, compliance checking, and security automation. Use when implementing security controls, conducting security audits, responding to vulnerabilities, or ensuring compliance requirements.

**Comprehensive macOS security monitoring for OpenClaw**

Implement Linkerd service mesh patterns for lightweight, security-focused service mesh deployments. Use when setting up Linkerd, configuring traffic policies, or implementing zero-trust networking with minimal overhead.

审计 skill 的安全风险。扫描凭据泄露、危险命令、网络外传、文件越界等问题。用于：(1) 安装新 skill 前的安全检查 (2) 定期审计现有 skills (3) 发布 skill 前的自检。触发词：skill 安全、审计、security audit、检查 skill。

No description provided.

Static analysis security scanner for third-party OpenClaw skills. Detects eval/spawn risks, malicious dependencies, typosquatting, and prompt injection patterns before installation. Use when vetting skills from ClawHub or untrusted sources.

YOLOv8-based camera surveillance with object detection. Works with any IP camera supporting RTSP streams or HTTP snapshots (Hikvision, Dahua, Reolink, Amcrest, Unifi, and more). Detects 80+ object types (person, car, dog, etc.) and sends notifications with snapshots. Use for motion detection, night watch routines, or security monitoring.

Security-first skill management for OpenClaw - like a bomb-sniffing dog for skills. Sniffs out malicious payloads (crypto stealers, keyloggers, reverse shells) before installation. Quarantine → Scan → Install only the safe ones.