security
4K
skill-vetter-jarvis
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
openclaw
testing-security
sorting
stars
current ordering strategy
query
all entries
refine the visible subset
security
4K
drission-sota-toolkit
Professional Web Intelligence & Automation Toolkit. Features Protocol Phantom (TLS/JA4), Local Socket Relaying, and Hardened physical gating.
openclaw
testing-security
security
4K
ultimate-freedom-protocol
Ultimate Web Freedom Protocol (v9.0.0). Leverages 'Protocol Phantom' (curl_cffi kernel-level TLS impersonation) to bypass DataDome, Cloudflare, and Bilibili. Ideal for undetectable server-side data extraction.
openclaw
testing-security
security
4K
side-peace
Minimal secure secret handoff. Zero external deps. Human opens browser form, submits secret, agent receives it via temp file. Secret NEVER appears in stdout/logs.
openclaw
testing-security
security
4K
lukso-agent-comms
Standardized agent-to-agent communication protocol for OpenClaw agents on the LUKSO blockchain. Uses LSP1 Universal Receiver as the transport.
openclaw
testing-security
security
4K
bailian-usage-proxy
阿里百炼大模型平台的多人共享账号用量统计代理服务。用于解决公司共用阿里百炼账号时无法区分个人用量的问题。当用户需要:1) 部署阿里百炼用量统计代理,2) 统计多人Token用量和调用次数,3) 管理大模型API调用配额时激活此技能。
openclaw
testing-security
security
4K
swarmsync-register
Register this OpenClaw agent on the SwarmSync.AI marketplace as a paid service provider. Use when: (1) user wants to list their agent on SwarmSync, (2) user says "publish to agent marketplace", (3) user wants to earn from their OpenClaw skills, (4) user says "register with SwarmSync", (5) user wants to set up AP2 escrow payments for their agent, (6) user asks about referral links or affiliate earnings. Triggers on "swarmsync", "agent marketplace", "register agent", "earn from agent", "AP2 endpoint", "referral link", "affiliate commission".
openclaw
testing-security
security
4K
claude-to-free
Migrate OpenClaw from Claude subscription OAuth to a free or cheap model provider (OpenRouter, Gemini, Ollama). Use when the user says Claude stopped working, gets an auth error, mentions the Anthropic April 2026 subscription ban, or asks to switch models without paying Anthropic more.
openclaw
testing-security
security
4K
mailcheck-email-verification
Email verification skill for MailCheck API - verify emails, bulk processing, authenticity analysis
openclaw
testing-security
security
4K
ratgdo32-disco
Control a ratgdo32 disco garage door opener via its local web API. Use when the user asks to open/close the garage, check garage status, toggle the garage light, check if a car is parked, enable/disable remotes, or anything involving the garage door. Supports door control, light, obstruction detection, vehicle presence (laser sensor), parking assist, motion, and remote lockout. Uses local network trust model (LAN-only, no internet exposure).
openclaw
testing-security
security
4K
captcha-solver
验证码识别与解决 - 本地OCR识别 + 第三方API / CAPTCHA Recognition and Solving - Local OCR + Third-party APIs
openclaw
testing-security
security
4K
weibo-login
登录微博账号的技能。使用浏览器扫码登录微博(weibo.com),用于保持会话状态以便后续抓取内容或发帖。当用户需要登录微博时使用此技能。
openclaw
testing-security
security
4K
liberfi-auth
Authenticate with LiberFi: register a new account, log in, manage session state, and verify wallet assignments. Two login modes are supported: 1. Key-based (--key): Generates a local P-256 key pair and signs a timestamp. Ideal for agent / headless / automated environments. No email required; a TEE wallet is created automatically. 2. Email OTP: Sends a 6-digit code to the user's email. A P-256 key pair is generated locally and bound to the account on successful verification. A TEE wallet is created automatically. After authentication, a LiberFi JWT is stored in ~/.liberfi/session.json. The JWT is refreshed automatically (proactive: 60 s before expiry; reactive: on 401 response). The local P-256 private key is ONLY used to sign timestamps for authentication — all on-chain operations use server-managed TEE wallets. Trigger words: login, sign in, authenticate, register, create account, logout, sign out, verify, check auth, am I logged in, session status, who am I, my wallet address, my ac
openclaw
testing-security
security
4K
matrix-fix
修复 Matrix Channel 常见问题:加密模块安装、token 过期处理、重新登录等。 Use when: Matrix channel 无法正常工作、加密模块报错、token 失效等问题。
openclaw
testing-security
security
4K
pre-task-checklist
Mandatory pre-task verification protocol to prevent forgetfulness, stale data errors, and context loss. Use when: (1) starting any non-trivial task, (2) before using stored credentials/IPs/paths, (3) when context feels uncertain, (4) after context window compaction, (5) any mention of "verify", "check", "confirm", "did I remember". Triggers on: "before I start", "pre-task", "verify this", "check if I remembered", "am I missing something", "did I forget".
openclaw
testing-security
security
4K
edgeone-clawscan
Comprehensive OpenClaw security scanning powered by Tencent Zhuque Lab A.I.G (AI-Infra-Guard). Use when the user asks to start a security health check or security scan for the current OpenClaw environment, such as `开始安全体检`, `做一次安全体检`, `开始安全扫描`, `全面安全检查`, or `检查 OpenClaw 安全`; also use when the user asks to audit a specific skill before installation, review installed skills for supply chain risk, or investigate whether a skill is safe. Do not trigger for general OpenClaw usage, project debugging, environment setup, or normal development requests.
openclaw
testing-security
security
4K
scanwow-sync
Sync your OpenClaw agent with the ScanWow iOS app. Receive high-quality OCR scans from your phone directly into your agent's workspace via a secure webhook.
openclaw
testing-security
security
4K
realworldclaw
Give your AI agent physical world capabilities via RealWorldClaw — control ESP32 modules, read sensors (temperature, humidity, motion), actuate relays/servos/LEDs, and create automation rules. Use when: (1) controlling IoT/ESP32 hardware, (2) reading sensor data, (3) automating physical actions based on conditions, (4) managing RWC-compatible devices, (5) 3D printing related device control. NOT for: pure software tasks, cloud-only APIs unrelated to physical devices.
openclaw
testing-security
security
4K
youtube-upload
Uploads a video to YouTube using the official YouTube Data API v3 and OAuth 2.0. Use this skill when the user asks to upload a video to YouTube. It supports titles, descriptions, privacy settings (public, private, unlisted), and large file chunking. Requires a Google Cloud 'client_secret.json' file.
openclaw
testing-security
security
4K
youtube-upload
Uploads a video to YouTube using the official YouTube Data API v3 and OAuth 2.0. Use this skill when the user asks to upload a video to YouTube. It supports titles, descriptions, privacy settings (public, private, unlisted), and large file chunking. Requires a Google Cloud 'client_secret.json' file.
openclaw
testing-security
security
4K
pipeworx-airquality
Air Quality MCP — wraps air-quality-api.open-meteo.com (free, no auth)
openclaw
testing-security
security
4K
feishu-file-upload
Upload and send local files to Feishu chats. Requires Feishu app credentials (app_id/app_secret) in ~/.openclaw/openclaw.json. Use when user asks to send/share/upload files (CSV, PDF, Excel, images, ZIP) to Feishu. Supports chat_id (groups), open_id/user_id (users), and email recipients.
openclaw
testing-security
security
4K
secret-safe
Secure API key and secrets management for agent skills. Use this skill whenever a task requires authenticating with an external service, reading or writing API keys, tokens, passwords, or credentials of any kind. Also trigger when auditing other skills for credential leaks, when a user asks how to securely pass a secret to a skill, or when reviewing a SKILL.md that handles sensitive values. This skill teaches the agent how to handle secrets WITHOUT ever placing them in the LLM context, prompts, logs, or output artifacts — using OpenClaw's native env injection instead.
openclaw
testing-security