Total 50,360 skills, Security & Compliance has 1967 skills
Showing 12 of 1967 skills
Comprehensive security auditor for OpenClaw skills. Checks for typosquatting, dangerous permissions, prompt injection, supply chain risks, and data exfiltration patterns — before you install anything.
Guides through Trail of Bits' 5-step secure development workflow. Runs Slither scans, checks special features (upgradeability/ERC conformance/token integration), generates visual security diagrams, helps document security properties for fuzzing/verification, and reviews manual security areas.
Guide for understanding and contributing to the awesome-game-security curated resource list. Use this skill when adding new resources, organizing categories, understanding project structure, or maintaining the README.md format consistency.
Generate a response to a common legal inquiry using configured templates, with built-in escalation checks for situations that shouldn't use a templated reply. Use when responding to data subject requests, litigation hold notices, vendor legal questions, NDA requests from business teams, or subpoenas.
Vercel Firewall and security expert guidance. Use when configuring DDoS protection, WAF rules, rate limiting, bot filtering, IP allow/block lists, OWASP rulesets, Attack Challenge Mode, or any security configuration on the Vercel platform.
Use this skill when the user asks to scan a transaction, check transaction safety, is this transaction safe, pre-execution check, security scan, tx risk check, check if this approve is safe, scan this swap tx, is this token safe, check token security, honeypot check, is this URL a scam, check if this dapp is safe, phishing site check, is this signature safe, check this signing request, check my approvals, show risky approvals, revoke approval, token authorization, ERC20 allowance, Permit2, or mentions transaction security scanning, token risk scanning, DApp/URL phishing detection, message signature safety, pre-execution risk analysis, malicious transaction detection, approval safety checks, or token approval management. Covers token-scan (batch token risk detection), dapp-scan (URL/domain phishing detection), tx-scan (EVM + Solana transaction pre-execution), sig-scan (EIP-712/personal_sign message scanning), and approvals (ERC-20 allowance and Permit2 authorization queries). Chinese: 安全扫描, 代币安全, 蜜罐检测, 貔貅盘, 钓鱼网站, 交易安全, 签名安全, 代币风险, 授权管理, 授权查询, 风险授权, 代币授权. Do NOT use for wallet balance, send, or history — use okx-agentic-wallet. Do NOT use for general programming questions about security.
Use this skill when the user asks to export audit logs, find audit log location, view command history, 导出日志, 查看日志, 日志路径, 操作记录, 调用记录, 命令历史. Do NOT use for wallet balance, token search, swap, or any other on-chain operation — use the corresponding skill instead.
Security-first WordPress development with nonces, sanitization, validation, and escaping to prevent XSS, CSRF, and SQL injection vulnerabilities.
Detect API keys, passwords, tokens, and other secrets in code. Use when you need to find hardcoded credentials and sensitive data in source code.
Review contracts against your organization's negotiation playbook, flagging deviations and generating redline suggestions. Use when reviewing vendor contracts, customer agreements, or any commercial agreement where you need clause-by-clause analysis against standard positions.
Expert at securing web applications against OWASP Top 10 vulnerabilities. Covers authentication, authorization, input validation, XSS prevention, CSRF protection, secure headers, and security testing. Treats security as a first-class requirement, not an afterthought. Use when "security, OWASP, XSS, CSRF, SQL injection, authentication security, authorization, input validation, secure headers, vulnerability, penetration testing, security, owasp, authentication, authorization, xss, csrf, injection, headers" mentioned.
Use when implementing authentication/authorization, securing user input, or preventing OWASP Top 10 vulnerabilities. Invoke for authentication, authorization, input validation, encryption, OWASP Top 10 prevention.