MCP App StoreMCP App Store
from openclaw-security-watchdog310
Run a one-click system security inspection that produces a human-friendly report; supports local (offline) scans and an optional --push mode for threat-intel en
Performs a guided system security audit using Node.js scripts: environment checks, a comprehensive set of read-only system probes, and outputs a concise report saved under ~/.openclaw/security-reports/. Offers a privacy-aware local mode (no network) and an optional --push mode that uploads limited metadata to a vendor endpoint after explicit consent.
Use when a user requests a security audit, system check, or "巡检" / "security audit" phrase. Ideal for first-run health checks, periodic audits, and when the user wants a readable summary of PASS/FAIL/SKIP counts and a saved detailed report. Do NOT auto-run --push in scheduled cron jobs; --push requires explicit user consent.
Designed for OpenClaw and agents that can run local Node.js scripts and manage cron via openclaw CLI. Works best in environments where the agent can read local files under ~/.openclaw.
OpenClaw security audit skill that performs 14 comprehensive system checks across infrastructure, agent behavior, and supply chain security. The single JS script (58K chars) is well-structured with cross-platform support (macOS/Linux/Windows) and uses spawnSync with a command whitelist to prevent injection. Default mode is local/offline with no network calls. The --push mode sends device identifiers (MAC, hostname, persistent agent_id) and full skill inventory to auth.ctct.cn, which is a significant privacy concern despite the consent gate. The consent mechanism in SKILL.md is thorough but the data scope collected in push mode exceeds what's needed for threat intelligence. Script could not be executed by the audit runner (JS not supported), but static analysis was performed.
Not a malicious skill — it's a genuine security auditing tool with well-designed consent gates and local-first defaults. The main concern is the --push telemetry mode which collects more device data than strictly necessary for threat intelligence (full skill inventory including owner IDs, persistent agent_id). The default offline mode is clean with no network calls. Security deduction primarily for the push-mode data collection scope and the unauthenticated API endpoint. Code quality is solid with good error handling and cross-platform support, but the monolithic structure and Chinese-only documentation limit maintainability.
Reverse Engineer
Provides step-by-step guidance and best practices for binary reverse engineering: static analysis, dynamic tracing, disassembly, and documentation workflows for
Sandbox0 Integration
Guidance and templates for integrating Sandbox0 sandboxing into AI agents — CLI/SDK patterns, templates, volumes, network policy, and deployment choices.
Unitree Robot Controller
Control and command Unitree robots (GO1/GO2/G1/H1) via OpenClaw: initialization, basic motion commands, and sensor integrations.
OpenTestAI
Automated, high-confidence AI testing: bug detection, persona feedback, and prioritized test-case generation using many specialized tester profiles.
CTF Write-up Generator
Generate a concise, reproducible submission-style CTF writeup with a one-path solution script, metadata, and a short checklist for fast verification.
Minimal Run & Audit (repro reporting)
Execute a README-first smoke test and produce standardized reproducibility outputs (`repro_outputs/`) and PATCHES.md — trusted reporting for repo reproduction r
Skill Issue — Skill Auditor
Scan and audit installed agent skills to produce a health report covering inventory, usage, dependency checks, version status, and actionable recommendations.
GRC & Compliance (ServiceNow)
Guides Governance, Risk & Compliance (GRC) work in ServiceNow: policies, controls, risk records, audits and ES5 script examples for automating GRC workflows.