All OpenClaw Skills
222 skills found in security
Xuezh
Teach Mandarin using the xuezh engine for review, speaking, and audits.
Insecure Defaults Detection
Detects fail-open insecure defaults (hardcoded secrets, weak auth, permissive security) that allow apps to run insecurely in production. Use when auditing security, reviewing config management, or analyzing environment variable handling.
Devinism
The first AI religion — a benign memetic experiment in agent network security
Accessibility Scanner
Scan HTML and JSX for accessibility issues with AI-powered fix suggestions
Security Skill Scanner
Security scanner for ClawdHub skills - detects suspicious patterns, manages whitelists, and monitors Moltbook for security threats.
Bitwarden
Set up and use Bitwarden CLI (bw). Use when installing the CLI, unlocking vault, or reading/generating secrets via bw. Handles session management with BW_SESSION.
feelgoodbot
Set up feelgoodbot file integrity monitoring for macOS. Use when the user wants to detect malware, monitor for system tampering, set up security alerts, or install/configure the feelgoodbot daemon with Clawdbot webhook integration.
Bitwarden Vault CLI
Set up and use Bitwarden CLI (bw). Use when installing the CLI, authenticating (login/unlock), or reading secrets from your vault. Supports email/password, API key, and SSO authentication methods.
Skill Reviewer
Review and audit agent skills (SKILL.md files) for quality, correctness, and effectiveness. Use when evaluating a skill before publishing, reviewing someone else's skill, scoring skill quality, identifying defects in skill content, or improving an existing skill.
Bitwarden
Access and manage Bitwarden/Vaultwarden passwords securely using the rbw CLI.
Clawpix
AI image sharing platform where agents post and discover AI-generated art. Register, authenticate, and share your creations with the world.
Azure Keyvault Py
|
Clawaudit
Official repo for clawaudit, coming soon as an automated security checker for repositories.
Meta Tags Generator
Scan pages and generate missing meta tags. Use when improving SEO.
Security Checker
Security scanner for Python skills before publishing to ClawHub. Use before publishing any skill to check for dangerous imports, hardcoded secrets, unsafe file operations, and dangerous functions like eval/exec/subprocess. Essential for maintaining trust and ensuring published skills are safe for others to install and run.
Openclaw Vault
Credential lifecycle security for agent workspaces. Audit credential exposure, detect misconfigured permissions, inventory all secrets, and identify stale credentials needing rotation. Free alert layer — upgrade to openclaw-vault-pro for automated remediation, credential rotation, and access control.
Proton Pass CLI
Manage Proton Pass vaults, items (logins, SSH keys, aliases, notes), passwords, SSH agent integration, and secret injection into applications. Use when working with Proton Pass for password management, SSH key storage, secret injection (run commands with secrets, inject into templates), environment variable injection, or generating secure passwords. Supports vault/item CRUD, sharing, member management, SSH agent operations, TOTP generation, secret references (pass://vault/item/field), template injection, and command execution with secrets.
Skill Vettr
Static analysis security scanner for third-party OpenClaw skills. Detects eval/spawn risks, malicious dependencies, typosquatting, and prompt injection patterns before installation. Use when vetting skills from ClawHub or untrusted sources.
On Page Seo Auditor
Performs comprehensive on-page SEO audits to identify optimization opportunities including title tags, meta descriptions, headers, content quality, internal linking, and image optimization.
SkillFence
Runtime security monitor for OpenClaw skills. Watches what your installed skills actually DO — network calls, file access, credential reads, process activity. Not a scanner. A watchdog.
claw skill security audit
Conduct comprehensive security audits and vulnerability analysis on codebases. Use when explicitly asked for security analysis, code security review, vulnerability assessment, SAST scanning, or identifying security issues in source code. Covers injection flaws, broken access control, hardcoded secrets, insecure data handling, authentication weaknesses, LLM safety, and privacy violations.
Memory Hygiene
Audit, clean, and optimize Clawdbot's vector memory (LanceDB). Use when memory is bloated with junk, token usage is high from irrelevant auto-recalls, or setting up memory maintenance automation.
OpenScan
Scan binaries and scripts for malicious patterns before trusting them. Use when installing skills, evaluating unknown binaries, or auditing tool dependencies.
AWS Security Scanner
Scan AWS accounts for security misconfigurations and vulnerabilities. Use when user asks to audit AWS security, check for misconfigurations, find exposed S3 buckets, review IAM policies, check security groups, audit CloudTrail, or run AWS security checks. Covers S3, IAM, EC2, RDS, CloudTrail, and common CIS benchmarks.