Skills 导航

Secure key management for AI agents. Use when handling private keys, API secrets, wallet credentials, or when building systems that need agent-controlled funds. Covers secure storage, session keys, leak prevention, and prompt injection defense.

botlearn-healthcheck — BotLearn autonomous health inspector for OpenClaw instances across 5 domains (hardware, config, security, skills, autonomy); triggers on system check, health report, diagnostics, or scheduled heartbeat inspection.

Your personal Compass assistant. Track, analyze, and manage all your security needs from the command line.

Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.

Encrypted credential storage for OpenClaw agents. Stop storing API keys in plaintext.

>

\

Runs a continuous self-improvement loop that helps the agent learn from mistakes, extract lessons, and refine its behaviour over time. Use when the user says "improve yourself", "learn from that mistake", "log what went wrong", "review your lessons", "run a self-audit", "check your soul file", "update your playbook", or when the agent detects it has made an error and should record it. Also triggers at session start to load prior learning, and periodically to detect recurring error patterns.

Best and simplest tool for website change detection, web page monitoring, and website change alerts. site-change-alert, python, back-in-stock, change-alert.

飞书群聊安全隔离 Skill，提供主人身份三重保障、技能安装确认、权限分级、防注入攻击、敏感路径保护等完整安全机制，保护机器人在群聊环境中的安全。

当且仅当用户明确提到“分析日志多维表”或“my_stock_log_skill”时触发。专门用于美股分析报告结论在钉钉多维表（dingtalk-ai-table）中的结构化归档（新增）与检索（查询）。

Use this skill to audit CLI adapter projects (like opencli) for missing output fields, then batch-generate fixes and submit PRs. Turns AI agents into adapter quality reviewers.

A little tool to play with Windows security credential-tester, c. Use when you need credential-tester capabilities. Triggers on: credential-tester.

Analyze websites with OSINT reconnaissance and security scanning. Use when inspecting headers, checking DNS, analyzing SSL certs, generating reports.

Check connectivity with ping, port scan, and DNS lookup in one fast tool. Use when testing reachability, scanning ports, resolving DNS records quickly.

Record daily wins, challenges, and learnings with streak tracking. Use when logging reflections, tracking streaks, reviewing weekly progress.

Log blood pressure, glucose, and health metrics with trend charts. Use when recording vitals, reviewing health trends, or exporting medical logs.

version: 1.0.0

打包代码库时先扫描并拦截硬编码密钥、Token 和数据库凭证，确认无泄露风险后再用 repomix 安全封装，适合分发项目、制作参考包或分享代码前做安全检查。

✎ 给代码库打包分享前，先自动揪出并清理硬编码凭据，尤其适合用 repomix 分发参考包时把安全风险挡在门外。

面向代码库安全巡检，审计过期包、未使用依赖、重复造轮子与 CVE/CVSS 漏洞，支持完整扫描或仅漏洞模式。

✎ 帮你一次揪出过期、未使用依赖和已知漏洞，还能识别重复造轮子，支持全量或仅漏洞扫描，做安全合规更省心。

扫描代码中的支付、安全、数据一致性和核心流程，找出未被测试覆盖的关键业务逻辑，按风险优先级给出缺口清单与合规评分，适合发布前做高风险测试审计。

✎ 帮你快速揪出关键业务链路里的测试盲区，按资金、安全和数据完整性风险排序给出优先级，补测更有章法。

面向代码库做安全审计，扫描硬编码密钥、SQL 注入、XSS、不安全依赖和缺失校验，输出带严重级别、定位、修复建议与合规评分的结构化结果。