Security compliance

审计Agent上下文Token用量，识别浪费并提供3周可执行路线图，在保证质量的前提下降低AI成本30-40%。

OpenClaw 每日安全巡检技能。按固定清单检查网关 loopback、防火墙提醒、API 密钥在 .env、SOUL.md 安全规则、认证异常，并执行 openclaw security audi...

Statically audit Dockerfiles for common container hardening risks (root user, unpinned/latest base images, missing healthchecks, and risky b...

备份 OpenClaw 关键配置到桌面带时间戳的文件夹

Ensures OpenClaw gateway auth consistency and can auto-prompt "continue" when a run error (Unhandled stop reason: error) appears in gateway ...

通过钱包认证使用GiftDrop API发送、管理和领取Solana加密红包，支持自定义参数。

Audit GitHub Actions workflow cache usage for poisoning, keying, and secret-path risks.

Audit GitHub Actions cloud auth workflows for OIDC hardening gaps like missing id-token write permissions, static cloud secrets, and floatin...

Audit GitHub Actions workflow permission scope drift to enforce least-privilege token access.

Audit GitHub Actions rerun dependency and success-after-rerun effectiveness to highlight workflows wasting CI time.

Audit GitHub Actions workflow files for secret exposure risks like pull_request_target secret usage, secret echo commands, and unpinned acti...

Audit GitHub Actions workflows that use self-hosted runners for untrusted trigger and credential-hardening risks.

Audit GitHub Actions workflow files for hardening gaps (missing timeouts/permissions/concurrency and floating action refs).

A comprehensive AI agent skill for understanding, writing, and evaluating guarantees in business and legal contexts. Helps businesses craft ...

Check whether OpenClaw is listening beyond localhost or running with elevated privileges, then offer a conservative lockdown fix.

提供Learn-Anything.xyz知识图谱中的优质学习资源和路径，涵盖编程、AI、数据科学、理财、加密货币等领域。

读取、总结并搜索授权路径内10MB以下的本地文本、Markdown、JSON、DOCX及PDF文件内容。

Persistent memory and cryptographic identity via MoltNet. Connects to a remote MCP server over SSE, authenticates via OAuth2 client_credenti...

Decentralized Identity (DID) and Verifiable Credentials management for AI Agents

macOS Keychain helpers (list/get/set/delete) via the security CLI. Trigger this skill when the user needs to inspect, store, update, or remo...

Security vetting protocol before installing any AI agent skill. Red flag detection for credential theft, obfuscated code, exfiltration. Risk...

Applies production-grade behavioral discipline to any AI agent session. Use when configuring a new agent, auditing an existing agent for bad...

One-Time Confirmation code security mechanism for sensitive agent operations. Generates a cryptographically secure single-use code, delivers...

Security audit for multi-tenant OpenClaw Telegram bots. Checks workspace isolation, filesystem sandboxing, session scoping, auth separation,...

智能量化投资助手，支持多源数据获取、因子计算、多引擎回测、实时风控和交易信号推送。