Agent Skills

AgenticMail

skills

Provides a full mailbox, SMS, storage and multi-agent task coordination for agents — secure outbound guards, spam filtering, and task queueing.

Very Good Security (Membrane integration)

application-skills

Membrane-powered integration for Very Good Security (VGS): manage tokenization, vault records, and proxy requests via the Membrane CLI and connector workflow.

Kube Audit Kit

kube-audit-kit

Read-only Kubernetes security audit toolkit that exports cluster resources, sanitizes metadata, groups applications, and generates PSS/NSA-compliant audit repor

ClawMoat — Agent Security Scanner

clawmoat

Scans agent inputs and outputs for prompt injection, jailbreaks, credential leaks, PII, and unsafe tool calls; includes scripts for scanning and auditing.

Microsoft Foundry Classic — Expert Guidance

agent-skills

Comprehensive guidance for building, configuring, troubleshooting, and deploying Microsoft Foundry Classic agents and integrations.

CTF Reverse Engineering

aboutsecurity

Practical reverse-engineering techniques for CTFs: static & dynamic analysis, anti-debug bypasses, custom VM handling, and multi-platform tooling.

Reverse Engineer

opencode-skills-collection

Guided methodology and best practices for binary reverse engineering, covering static and dynamic analysis workflows and common tooling.

API Security Testing Workflow

antigravity-awesome-skills

A step-by-step workflow for testing REST and GraphQL APIs, covering authentication, authorization, input validation, rate limiting, GraphQL checks, and error-ha

Perplexity Policy & Guardrails

pi_agent_rust

Policy-as-code and linting guardrails for Perplexity integrations: ESLint rules, pre-commit hooks, CI checks, and runtime safeguards to prevent secrets and unsa

API Security Testing

antigravity-awesome-skills

Guided workflow for testing REST and GraphQL APIs: authentication, authorization, input validation, rate limiting, error handling, and common API vulnerabilitie

OpenClaw Security Patrol

openclaw-security-watchdog

Run a one-click system security inspection that produces a human-friendly report; supports local (offline) scans and an optional --push mode for threat-intel en

Reverse Engineer

antigravity-awesome-skills

Provides step-by-step guidance and best practices for binary reverse engineering: static analysis, dynamic tracing, disassembly, and documentation workflows for

API Security Testing

awesome-skills-cn

A structured workflow for testing REST and GraphQL APIs covering discovery, authentication, authorization, input validation, rate limiting, and error handling.

Skill Vetter

skill-vetter

Pre-install security gate that scans a skill for prompt-injection, secrets, and other vulnerabilities before installation.

Command Injection Methodology

aboutsecurity

Comprehensive methodology for detecting, exploiting, and bypassing OS command injection, including blind extraction and output-filtering workarounds.

SOP: Code Review Workflow

aiskillstore

Structured 4-hour SOP for comprehensive code review: automated checks, specialized parallel reviews (quality, security, perf, architecture, docs), integration a

STRIDE Analysis Patterns

antigravity-awesome-skills

Apply the STRIDE threat-modeling methodology to systematically identify and document security threats during design, reviews, or audits.

Security Check

rails-agent-skills

Performs a focused security audit of Ruby on Rails applications: auth/authz checks, parameter handling, query safety, output encoding, file handling, and secret

ClawAPI — Model Switcher & Key Vault

clawapi

macOS utility to switch AI models and securely manage API keys for OpenClaw, with Touch ID protection and support for many providers.

Secret Detection & Prevention

qaskills

Guides agents to detect, prevent, and integrate secret-detection (API keys, passwords) into repos and CI using tools like gitleaks and trufflehog.

Security Headers Generator

skillshub

Auto-activating skill that generates and validates security HTTP headers and provides guidance for implementing secure header configurations.

AGI Autonomous Controller (legacy)

arifos

Legacy copy of the arifOS autonomous controller skill describing constitutional governance and automated remediation flows.

Gerrit Permission Manager

awesome-skills

Manage Gerrit repository and branch permissions at scale: templates, group mapping, manifest-based multi-repo permission sync, and drift detection for secure ac

Input Validation Checker

skillshub

Automated guidance and code patterns for implementing robust input validation and secure-coding practices (OWASP-aligned).

Tator Trader

skills

Build unsigned trade transactions from natural-language prompts across 24 chains using Tator's x402 API; review, sign, and broadcast securely.

Node.js Best Practices (v3)

awesome-omni-skills

Decision-focused Node.js guidance for framework choice, async patterns, security, testing, and architecture — teaches how to think about Node.js projects rather

Game Theory for Crypto

awesome-openclaw-skills

Framework and templates to analyze incentives, tokenomics, MEV, governance attacks, and auction mechanisms in blockchain protocols.

FedRAMP Compliance

devops-security-agent-skills

Guidance and templates to implement FedRAMP/NIST 800-53 controls, continuous monitoring, and authorization artifacts for cloud services pursuing federal complia

Aliyun ClawScan

skills

Static security assessment for OpenClaw: configuration audit plus skill static analysis to find high-risk behaviors before install.

Secure Code Guardian

claude-skills

Provides concrete guidance and code examples to implement authentication, authorization, input validation, and other defenses against OWASP Top 10 vulnerabiliti