Loading...
Loading...
Found 2,961 Skills
Use when testing a web application for security vulnerabilities, before deployment or during security review — guides through a structured 10-phase penetration testing methodology covering mapping, authentication, session management, access controls, injection, logic flaws, and server configuration.
Apply CIS benchmarks and secure Linux servers. Configure SSH, manage users, implement firewall rules, and enable security features. Use when hardening Linux systems for production or meeting security compliance requirements.
Audit and harden your OpenClaw configuration. Checks AGENTS.md, gateway settings, sandbox config, and permission policies for security weaknesses.
Test skill for security scanning
Real-time security monitoring for Clawdbot. Detects intrusions, unusual API calls, credential usage patterns, and alerts on breaches.
Diagnose and resolve Elasticsearch security errors: 401/403 failures, TLS problems, expired API keys, role mapping mismatches, and Kibana login issues. Use when the user reports a security error.
Execute a comprehensive, framework-agnostic Security Audit. Detects project type at runtime and adapts security checks accordingly. Analyzes sensitive files, source code secrets, dependency vulnerabilities, and optionally uses Gemini AI for advanced analysis. Produces a severity-classified report. Use when the user asks to audit security, scan for vulnerabilities, check for secrets, or assess dependency risks. Triggers on: 'security audit', 'vulnerability scan', 'secret scan', 'dependency audit', 'security check', 'pentest', 'owasp'.
Comprehensive security scanning and vulnerability detection. Includes input validation, path traversal prevention, CVE detection, and secure coding pattern enforcement. Use when: authentication implementation, authorization logic, payment processing, user data handling, API endpoint creation, file upload handling, database queries, external API integration. Skip when: read-only operations on public data, internal development tooling, static documentation, styling changes.
Security skill for threat modeling, secure defaults, and security-focused code review in generic software projects.
Design and operate privacy and data security programs for SEC-registered firms under Reg S-P, Reg S-ID, and SEC cybersecurity expectations. Use when the user asks about privacy notices, the Safeguards Rule, identity theft prevention programs, breach notification obligations, vendor security due diligence, incident response planning, data classification, or state privacy law compliance. Also trigger when users mention 'customer data was exposed', 'do we need to notify clients of a breach', 'cybersecurity exam prep', 'cloud vendor risk assessment', 'encrypting client data', 'BYOD security policy', 'Red Flags Rule', 'NY DFS 500 requirements', or ask how to handle a cybersecurity incident.
Use when reviewing code for security vulnerabilities, implementing authentication or authorization, handling user input, managing secrets, or auditing dependencies for known CVEs. Triggers: auth implementation, input handling, secrets management, dependency audit, pre-deployment security check, OWASP compliance review.
Install and configure Keeper CLI tools (KSM CLI and Commander) for the Keeper Security agent kit. Use when the user needs to install keeper-secrets-manager-cli (ksm) or keepercommander (keeper), set up authentication, initialize profiles, configure persistent login, or troubleshoot Keeper CLI connectivity. Also use when the user says 'install keeper', 'setup keeper', 'configure keeper cli', or asks how to get started with Keeper's command line tools.