Top 10 Security Skills for OpenClaw

OpenClaw Security Vulnerability Monitor - Checks for OpenClaw security vulnerabilities from NVD CVE database and GitHub Security Advisories. Compares local OpenClaw version against known CVEs, outputs vulnerability details and remediation if found, otherwise runs silently. Auto-installs daily cron job. Data sources: NVD (nist.gov), GitHub Security Advisories.

"Security monitoring and threat detection for OpenClaw agents — powered by Google SecOps (Chronicle). Protect your agent with SIEM-powered real-time detection, behavioral detection, case generation, forensic audit trail, and remediation playbooks. Use when: user asks about security status, Shield health, event logs, redaction vault, setting up agent protection, enabling SIEM, detecting threats, monitoring agent activity, or auditing agent actions. NOT for: general OS hardening, firewall config, or network security unrelated to OpenClaw agents."

Comprehensive security audit for OpenClaw deployments. Checks Docker port bindings, SSH config, openclaw.json settings, file permissions, exposed services, and firewall rules. Scores your deployment 0-100 with actionable recommendations. Use for security hardening and compliance checks.

Smart contract security analysis skill. Detect vulnerabilities, suggest fixes, generate audit reports. Supports Hardhat/Foundry projects. Uses pattern matching + best practices from Trail of Bits, OpenZeppelin, and Consensys.

Participate in the Tokamak Network Vault Breach Challenge - an AI security Capture The Flag (CTF) game where you interact with a secured AI agent to extract secret information. Use this skill when the user mentions Tokamak, vault hacking, CTF challenges, AI security testing, prompt injection, social engineering AI agents, or wants to participate in blockchain/security challenges.

Automatically generate professional CTF writeups from solving sessions with flag detection, challenge categorization, and proper markdown formatting

Audit AWS Security Groups and VPC configurations for dangerous internet exposure

"Web search using curl + multiple search engines (Baidu, Google, Bing, DuckDuckGo). Activates when user asks to search, look up, or query something online. Includes security enhancements: input sanitization, command injection protection, and URL encoding."

Send email through Proton Mail Bridge (localhost SMTP) using age-encrypted credentials. Use when setting up Proton Bridge for an agent mailbox, encrypting Bridge credentials (no 1Password), or sending automated emails (daily reports, alerts) via Proton Bridge.

前端代码安全审查，检测 XSS、CSRF、敏感数据泄露、不安全的用户输入处理和依赖风险，并将报告保存为 Markdown 文件。当用户要求安全检查、安全审查，或代码涉及用户输入、认证、支付、文件上传等敏感操作时自动激活。