Skills 导航

覆盖威胁建模、漏洞评估、安全架构设计、代码审计与渗透测试，内置 STRIDE、OWASP、加密模式和安全扫描流程，适合系统设计评审与上线前安全排查。

✎ 安全专家把威胁建模、漏洞分析到渗透测试串成一套流程，内置 STRIDE 与 OWASP 指南，做安全设计和排查更省心。

面向多语言项目做依赖体检，扫描漏洞与 CVE、排查许可证冲突、梳理传递依赖和过时版本，给出安全升级与合规治理建议。

✎ 依赖审计能快速揪出项目依赖中的漏洞与合规风险，把安全扫描和审计合在一起，适合依赖链复杂的团队持续把关。

安装前审计 Claude Code Skill 的代码执行、Prompt 注入和依赖供应链风险，支持本地目录或 Git 仓库扫描，输出 PASS/WARN/FAIL 结论及修复建议

✎ 把代码审查、漏洞扫描和合规检查串成一条线，帮团队更早发现风险，做安全治理更省心。

覆盖应用安全、漏洞管理与合规审计，支持代码/依赖扫描、CVE 评估、Secrets 检测和安全自动化，适合做安全基线落地、漏洞响应、审计检查与安全开发治理。

✎ 应用安全、漏洞管理和合规检查一套打通，还能自动化扫描与响应，帮团队更早发现并收敛风险。

错误监控 - 扫描 JSON 日志、捕获 ERROR 级别错误、OpenClaw 系统级错误修复建议

>

Smart health management solution with food and exercise recognition, nutrition and calorie analysis, secure data storage, and comprehensive data management. Empowers users with accurate food and exercise logging, personalized nutrition assessment, daily intake tracking, and calorie expenditure monitoring to support a healthy lifestyle.

Behavioural intelligence layer for OpenClaw agents. Monitors live decisions, forces transparent financial reasoning before any purchase, detects SOUL identity drift, maps combinatorial risk across skill sets, investigates incidents, tracks memory integrity, manages multi-agent trust chains, provides emergency shutdown, and actively improves your entire setup. Not antivirus. Not a firewall. The layer that sees what scanners miss and makes everything work better.

Binance smart alert system. Monitors price/change alerts, new listings, Alpha airdrop opportunities, and HODLer announcements via Telegram. No Binance API Key required.

心理健康助手。情绪自查、呼吸练习、情绪日记、心理资源、压力管理、感恩练习。Mental health tool with mood check, breathing exercises, journaling, resources, stress management.

Reference tool for devtools — covers intro, quickstart, patterns and more. Quick lookup for Secret Sealer concepts, best practices, and implementation patterns.

Reviews Elixir code for security vulnerabilities including code injection, atom exhaustion, and secret handling. Use when reviewing code handling user input, external data, or sensitive configuration.

Prompt injection and malware detection filter for external content. Scans text, files, or URLs for 20+ attack patterns including instruction overrides, credential exfiltration, persona hijacking, encoded payloads, fake system messages, and invisible character injection. Returns JSON with risk level and sanitized text.

COPPA compliance reference — children's online privacy, parental consent, data collection rules, FTC enforcement. Use when building apps for children under 13 or reviewing COPPA obligations.

Scan new meme coins for risks and opportunities — honeypot detection, liquidity analysis, holder concentration.

Monitor website availability and response times. Use when checking site status, benchmarking latency, tracking uptime history, or alerting on outages.

Audit all installed skills for quality, duplicates, structural issues, and best-practice compliance. Use when asked to review, audit, lint, or check skills for problems. Triggers on "audit skills", "skill quality", "check my skills", "skill duplicates", "skill hygiene".

Skill 重叠分析工具 - 检测已安装 skills/commands 的功能重复，辅助精简配置。Triggers: 'skill 审计', '功能重叠', '重复检测', 'skill audit', 'skill scan', '精简配置'.

Security vitals checker, also known as ClawVitals. Scans your installation, scores your setup, and shows you exactly what to fix. First scan in seconds.

Store, retrieve, and manage login credentials securely using bash and Python with local encryption. Use when saving website logins, API keys, or generating secure passwords.

Track compliance requirements and generate audit trail reports. Use when auditing controls, checking policies, generating audit trails.

Log daily steps, set fitness goals, and chart walking trends. Use when logging counts, tracking progress, charting trends, setting goals.

Log workouts, track sets and reps, and chart training progress over time. Use when recording sessions, tracking PRs, or reviewing weekly volume.

Run this skill before any chanjing-related action. When the user asks to generate or configure chanjing credentials/keys (AK/SK), run this skill to guide them—check if already configured; if yes, ask whether to re-apply; then open login page and show config commands. ALWAYS run when user asks for chanjing credentials/keys or before any chanjing API (voice list, TTS, avatar, voice-clone).