Loading...
Loading...
Found 15 Skills
Credential exposure detection, OAuth flow validation, API key management testing, and data sanitization verification for n8n workflows. Use when validating n8n workflow security.
Guide for configuring and managing GitHub secret scanning, push protection, custom patterns, and secret alert remediation. This skill should be used when users need help enabling secret scanning, setting up push protection, defining custom secret patterns, triaging secret scanning alerts, or resolving blocked pushes.
Sanitize OpenClaw agent output before display. Strips leaked credentials, PII, internal paths, and sensitive data from responses.
Binance Simple-earn request using the Binance API. Authentication requires API key and secret key.
Binance Vip-loan request using the Binance API. Authentication requires API key and secret key.
Implement automated secrets rotation for API keys, credentials, certificates, and encryption keys. Use when managing secrets lifecycle, compliance requirements, or security hardening.
Access primary care with One Medical - view appointments, message providers, and access health records
Deploy and manage globally distributed apps on Fly.io
View connected accounts, check connection status, and manage financial data links via Plaid
Shared workflow rules for SpriteCook. Use together with spritecook-generate-sprites or spritecook-animate-assets for credits, downloads, asset manifests, safe auth handling, and recommended defaults.
Read home timeline, mentions, and user posts on X through Shift's Skill Router.
Use this skill when the user asks to call an authenticated HTTP API (for example "call the GitHub/OpenAI/Slack API", "hit an endpoint that needs a bearer token") and the `sesame` CLI is already installed on this device. The agent invokes `sesame request`, which forwards the HTTP call through the user's own broker and attaches the auth header server-side. The skill does not install software, does not read credentials from the environment, and runs shell only within the fixed `sesame` subcommand surface (`request`, `status`, `hostnames`, `login`, `refresh`). Skip for unauthenticated public endpoints, localhost services, or when the user has already exported a token in the environment for direct use.