Security

base-rules

by ryoshimm

AI エージェンティック開発の基本ルール。プロジェクト調査・コード品質・安全性の共通規約を自動適用する。

solidity-code-review

by whackur

Smart contract code review and security audit methodology for Solidity. Use when reviewing, auditing, or assessing the security of Solidity code. Provides structured review process, severity classification, key inspection areas, and OWASP SCWE integration. Triggers on tasks involving code review, security audit, vulnerability assessment, smart contract review, or best practices check.

openclaw-skill-auditor

by CalWade

Audit installed OpenClaw skills for security risks, token bloat, and hidden cost patterns. Use this skill whenever the user asks to scan, audit, check, or review their installed skills — including questions like "are my skills safe?", "which skills are wasting tokens?", "do I have any suspicious skills?", "clean up my skills", or "check my OpenClaw skills". Always invoke this skill for any skill health, quality, or cost investigation.

code-review

by Nomik94

Code Reviewer 에이전트 스폰. Use when: /code-review, 코드 리뷰해줘, PR 리뷰, 리뷰해줘, 코드 품질 점검, 리팩토링 방향, 기술 부채 식별, 코드 스멜. NOT for: 단순 포맷팅, 오타 수정.

smart-code-review

by lordprotein

"Expert code review with a senior engineer lens. Reviews git changes or targeted code (files, folders, features). Detects SOLID violations, security risks, and proposes actionable improvements."

_security-compliance-mastery

by TriNgo0108

Master application security, threat mitigation, compliance frameworks, and secure authentication. Use this as a central index to access specialized sub-skills.

fullstack-engineering

by iam-prabha

End-to-end best practices for full-stack development — from architecture and design through deployment and production observability. Use this skill when building, scaling, or shipping any web application across the entire stack (frontend, backend, database, DevOps, security, testing, and monitoring). Produces production-grade, maintainable, and secure software.

github-actions

by yldgio

GitHub Actions workflow security, performance optimization, and best practices

inspecting-changes-skill

by viktar-silakou

```

moses-product

by christopheraaronhogg

Provides expert product management analysis, requirements review, and scope assessment. Use this skill when the user needs requirements evaluation, feature prioritization guidance, or scope assessment. Triggers include requests for product review, requirements audit, or when asked to evaluate feature completeness and prioritization. Produces detailed consultant-style reports with findings and prioritized recommendations — does NOT write implementation code.

bezaleel-architect

by christopheraaronhogg

Provides expert architectural analysis and strategic recommendations for software projects. Use for architecture reviews, system design evaluation, tech stack assessment, scalability/modernization strategy, or when asked to analyze a codebase architecturally. Produces consultant-style reports with prioritized recommendations — does NOT write implementation code.

code-health-remediation

by jamelna-apps

When user mentions "dead code", "duplicates", "cleanup", "tech debt", "health scan", "remediation", "unused", or wants to act on health scan results. Guides safe code cleanup.

runa-credentials

by runafreyjasdottir

"Kista — Runa's self-owned encrypted vault. 8 entry types: credentials, API keys, SSH keys, certificates, notes, TOTP, licenses, identities. Independent access, no external dependencies."

terraform

by yldgio

Terraform IaC patterns, state management, security, and modular design

constellation-team

by PrakharMNNIT

Coordinate a cross-functional star-team workflow (Product Manager, Principal Engineer, Backend, Frontend, QA/Security, DevOps) with mandatory architecture and code-review checkpoints. Use when a request needs end-to-end product delivery, multi-role collaboration, or explicit role-based outputs (PM/PE/Backend/Frontend/QA/DevOps), or when the user asks for "star team", "cross-functional", "full lifecycle", or "multi-role" planning.

skills-security-audit

by agentnode-dev

Audit AI agent skills for security risks before installation or periodically. Works on Claude Code, OpenClaw, and all platforms. Detect prompt injection, data exfiltration, malicious commands, obfuscated code, privilege abuse, supply chain risks, memory poisoning, trust exploitation, and behavioral manipulation. Use before installing third-party skills from any marketplace.

Available Skills in AgentOS (br3ezeclaw)

by br3eze-code

code-quality-setup

by metyatech

Use when setting up or configuring code quality tools (formatters, linters, type checkers, dependency scanners) for a repository. Also use when adding visual accessibility automation or security baseline scanning. Do not use for general coding or when tools are already configured.

Private Network Security Scan

by BizShuk

Run a private network security scan, diagnose all discovered hosts against 11 risk categories, and generate a security report within 60 minutes

aivault

by moldable-ai

Complete guide for using aivault as a zero-trust local vault and proxy for API secrets. Use this skill when initializing/configuring aivault, managing secrets and credentials, invoking capability-backed API calls, setting workspace/group isolation, adding custom providers, or troubleshooting daemon and policy issues.

cloud-architect

by Tomlord1122

Cloud architecture expert for Kubernetes, Helm, Terraform, and AWS EKS. Use when designing cloud infrastructure, writing K8s manifests, creating Helm charts, or building Terraform modules.

antigravity-workflows

by ncdevshiv

"Orchestrate multiple Antigravity skills through guided workflows for SaaS MVP delivery, security audits, AI agent builds, and browser QA."

Pentest Checklist

by jcastillotx

This skill should be used when the user asks to "plan a penetration test", "create a security assessment checklist", "prepare for penetration testing", "define pentest scope", "follow security testing best practices", or needs a structured methodology for penetration testing engagements.

aikido-security-remediator

by orbiqhq

Access Aikido Security through its API, pull open issue groups, triage findings, and execute first-pass fixes in your repository. Use when asked to review Aikido alerts, remediate dependency or SAST findings, or close security issues.