Loading...
Loading...
Found 22 Skills
Scan untrusted external text (web pages, tweets, search results, API responses) for prompt injection attacks. Returns severity levels and alerts on dangerous content. Use BEFORE processing any text from untrusted sources.
Comprehensive security and safety evaluation system for agent skills (.skill files). Use when users provide GitHub URLs, website links, or .skill files for download and request security assessment, safety evaluation, or ask "is this skill safe to use." Evaluates prompt injection risks, malicious code patterns, hidden instructions, data exfiltration attempts, and provides actionable recommendations with risk scoring.
Expert skill for prompt engineering and task routing/orchestration. Covers secure prompt construction, injection prevention, multi-step task orchestration, and LLM output validation for JARVIS AI assistant.
Expert skill for integrating cloud AI APIs (Claude, GPT-4, Gemini). Covers secure API key management, prompt injection prevention, rate limiting, cost optimization, and protection against data exfiltration attacks.
Use this agent when working with prompt injection detection integration tests, including running tests, debugging failures, or adding new test samples.
Semantic security scanner for OpenClaw skills. Detects prompt injection, data exfiltration, and hidden instructions that traditional code scanners miss. Use when user asks to scan skills, check skill safety, or run a security audit.
Security patterns for LLM integrations including prompt injection defense and hallucination prevention. Use when implementing context separation, validating LLM outputs, or protecting against prompt injection attacks.
OWASP Top 10 for LLM Applications - prevention, detection, and remediation for LLM and GenAI security. Use when building or reviewing LLM apps - prompt injection, information disclosure, training/supply chain, poisoning, output handling, excessive agency, system prompt leakage, vectors/embeddings, misinformation, unbounded consumption.
Use this skill whenever Claude needs to fetch, read, extract, or analyze content from a web URL. Converts web pages into clean, token-efficient markdown using the markdown.new service instead of fetching raw HTML. Trigger when the user provides a URL and wants its content summarized, quoted, analyzed, compared, extracted, or processed. Also trigger when Claude needs to read documentation, blog posts, articles, wikis, release notes, changelogs, or any web-hosted text content. Even if the user just pastes a URL with no instruction, use this skill. Do NOT use for binary files, authenticated pages, or API endpoints returning JSON/XML.
Senior AI Security Architect. Expert in Prompt Injection Defense, Zero-Trust Agentic Security, and Secure Server Actions for 2026.