Security
Anthropic-Cybersecurity-Skills
753+ structured cybersecurity skills mapped to MITRE ATT&CK. 4k+ stars.
Security
x0x
Secure computer-to-computer networking for AI agents — gossip broadcast, direct messaging, CRDTs, group encryption. Post-quantum encrypted, NAT-traversing. E...
Security
defi-onchain-analytics
Use when profiling wallets, analyzing protocols or pools, inspecting token metrics, evaluating DEX liquidity or LP/vault performance, reading smart contract state, resolving proxy …
Security
skills-keys
Manage API keys for the runner's --execute layer. CRUD on ~/.skills.env (chmod 600): list / add / update / remove / enable / disable gate flags / verify (ping vendor APIs) / export…
Security
safe-exec
Safe command execution for OpenClaw Agents with automatic danger pattern detection, risk assessment, user approval workflow, and audit logging. Use when agents need to execute shel…
Security
truthfinder
Always-active web search safety skill. Classifies every website into SAFE, CAUTION, RISKY, or BLOCKED before reading or citing it. Reads and evaluates real user reviews and feedbac…
Security
cyber-risk-modeling
Quantify cyber risk using FAIR methodology with Monte Carlo simulation, assess control effectiveness against NIST CSF/CIS/ISO 27001 frameworks, evaluate risk appetite alignment, an…
Security
audit-trail-protokoll
Maintains an immutable audit trail logging every review run, prompt change, reviewer sign-off, cache hit, and hash verification. Records timestamp, action, responsible party, cube …
Security
cyber-incident-response-72h
Structured immediate response for active cyber incidents — hacker attacks, ransomware, data exfiltration, insider threats. Phase 1: immediate containment, network isolation, forens…
Security
ovhcloud-live-kms-key-destruction-guard
Gate and audit OVHcloud KMS key version destruction requests by enforcing five mandatory checks: confirmed key ID and KMS service URN, named approving identity, usage audit confirm…
Security
hack-review
Performs a scoped, coverage-led review of a working tree, staged diff, commit range, branch diff, PR, or suspicious implementation to identify hack-like risks such as impossible-st…
Security
gcp-live-kms-key-destruction-guard
Gate Cloud KMS key version destruction and key ring deletion against a complete CMEK dependency audit. All Cloud SQL, GCS, BigQuery, Compute Engine disk, and Secret Manager resourc…
Security
cilium-network-policy-review
Use this skill for Cilium network policy review across Kubernetes NetworkPolicy, CiliumNetworkPolicy, and CiliumClusterwideNetworkPolicy formats, including L7 policy via Envoy, Clu…
Security
ciphertext-recovery
ARM64 trace ciphertext recovery methodology. Use when given an ARM64 execution trace file and asked to reverse-engineer encryption, signature, or encoding algorithms from ciphertex…
Security
pre-exec-check
Safety check before executing destructive or irreversible commands. Catches dangerous shell commands, risky git operations, secret exposure, and high-blast-radius actions before th…
Security
gcp-live-bigquery-dataset-deletion-guard
Gate BigQuery dataset deletion, table truncation, and authorized view changes against a full downstream dependency audit and export confirmation. Dataset deletion is immediate and …
Security
defi-risk-analysis
Analyze a DeFi protocol's risk profile across smart contract, off-chain, and track-record dimensions. Use when the user wants a risk analysis of a DeFi project, to check protocol s…
Security
permission-set-groups-and-muting
Use when designing or reviewing permission-set-group architecture, including profile minimization, group composition, muting strategy, and migration from profile-heavy models. Trig…
Security
trustskills
Use this skill when a user wants a trust decision before installing from a skill URL, marketplace, or GitHub repo. It checks a compact allowlist of trusted distribution channels an…
Security
gdpr-valid-consent
Guide for implementing GDPR-valid consent under Article 7 conditions and Article 4(11) definition. Covers five core requirements: freely given, specific, informed, unambiguous, and…
Security
cosmos-vulnerability-scanner
Scans Cosmos SDK blockchain modules and CosmWasm contracts for consensus-critical vulnerabilities including chain halts, fund loss, and state divergence. Covers 25 core, 16 IBC, 10…
Security
kev-watch
CISA + EU KEV (Known Exploited Vulnerabilities) catalog watch — pull recent KEV additions, intersect with installed dependencies, surface entries with imminent due dates. Use when …
Security
cyber-essentials-plus-expert
UK NCSC Cyber Essentials Plus (CE+) v3.3 expert. Reference-depth framework plugin with assessment, scope determination, and evidence checklist — backed by the SCF crosswalk. Five c…
Security
fraud-detection
Analyze fraud detection systems including rule engines, ML scoring models, real-time transaction monitoring, alert triage workflows, false positive management, SAR/CTR regulatory r…
Security
semaphore-protocol
Guide for integrating Semaphore V4 zero-knowledge protocol. Use when developing anonymous voting systems, privacy-preserving authentication, ZK proofs, smart contracts with group m…
Security
offensive-bluetooth-ble
Bluetooth Low Energy attack methodology covering GATT enumeration, unauthenticated characteristic access, pairing downgrade, LE Secure Connections bypass, active MITM relay, traffi…
Security
warmup
Delivers a daily intelligence brief. CISO mode maps active threat actors to MITRE ATT&CK, tracks CVEs with exploitation status, and summarizes research from CrowdStrike, Palo Alto,…
Security
gcp-live-iam-policy-change-guard
Gate IAM binding mutations, org policy changes, and Service Account key creation against the GCP resource hierarchy. IAM bindings at org level propagate to all folders and projects…
Security
spam-word-checker
Always-on spam and deliverability guardrails for cold email copy. Apply when writing, reviewing, or QA-ing subject lines, openers, follow-ups, CTAs, or any cold outreach copy. Trig…
Security
agentprivacy-perimeter-hardening
Device security, OS hardening, network configuration, and physical security for privacy infrastructure. Activates when securing the execution environment beneath the cryptographic …
Security
detecting-ssl-cert-issues
Audits TLS certificate posture beyond handshake success: chain ordering, OCSP stapling, revocation status, Certificate Transparency logs, key-usage flags, and wildcard scope. Flags…
Security
avv-eu-us-data-privacy-framework-bezug
Handles EU-US Data Privacy Framework (DPF) provisions in data processing agreements. Covers EU Commission adequacy decision of 10.07.2023, self-certification requirements, listing …
Security
guardiao
Reviews code security, architecture, incidents, and third-party dependencies to identify real vulnerabilities, exploitable weaknesses, supply-chain risk, and safe mitigations. Use …
Security
risk-management
Handles project risk identification, analysis, and response planning for software and systems projects. Covers probability-impact matrices, qualitative/quantitative analysis, Monte…
Security
ki-rote-linien-art-5-pruefen
Screens for prohibited AI practices under Article 5 of the EU AI Act: subliminal influence, vulnerability exploitation, social scoring, real-time biometric identification in public…
Security
sanktions-compliance-pruefung
Screening checklist for EU, OFAC, UK-HMT, and UN sanctions covering Russia, Belarus, Iran, North Korea, Syria, Venezuela, Cuba, listed persons and entities, asset freezes, embargoe…
Security
agentprivacy-metadata-resistance
Traffic analysis resistance, timing obfuscation, and metadata stripping for privacy-focused operations. Activates when designing defences against metadata correlation, implementing…
Security
ki-haftung-und-versicherung
Analyzes liability for AI deployment covering provider and operator obligations under the EU AI Act, updated product liability rules, draft AI liability directive, and contractual …
Security
nis2
Advises on EU NIS2 Directive (2022/2555) compliance for essential and important entities, including entity classification, Article 21 risk management, Article 23 incident reporting…
Security
agentprivacy-nullifier-design
Nullifier construction, deployment, and verification for privacy-preserving invalidation. Activates when designing double-spend prevention, privacy-preserving revocation, unlinkabl…
Security
l5-red-team-auditor
Performs an uncompromising L5 Enterprise Red Team Audit on a given plugin against the 39-point architectural maturity matrix. Trigger when the user requests a security audit, red t…
Security
owasp-mobile-security-checker
Perform security audits, vulnerability assessments, or compliance checks on Flutter or mobile applications. Covers OWASP Mobile Top 10 (2024) — hardcoded secrets, insecure storage,…
Security
avv-grenzpruefung-datenschutz
Defines the interface between data protection law and professional rules. Checks whether an Art. 28 GDPR processing agreement exists and clarifies that AVV review does not replace …
Security
memory-load-check
Reviews PRs and diffs for unbounded memory loading, concurrency issues, oversized payloads, and missing pagination or byte caps. Apply during cleanup jobs, data imports, file parsi…
Security
ki-hochrisiko-anhang-iii-pruefen
Evaluates high-risk AI systems under Annex III of the EU AI Act including biometrics, critical infrastructure, education, employment, service access, law enforcement, migration, ju…
Security
repo-first-defense
Defensive security audit for AI-native repositories. Activate before launching, merging, updating dependencies, migrating package managers, configuring AI agents, or when supply ch…
Security
dpa-review
Review data processing agreements, DPAs, or supplier/customer addenda containing personal data transfers for compliance with Turkish KVKK, checking controller/processor roles, secu…
Security
agentprivacy-witness
Privacy-Preserving Accountability Agent for 0xagentprivacy. Covers source protection architecture, verifiable evidence publication, breach documentation, whistleblower infrastructu…
Security
cloud-act-und-drittstaat-pruefen
Checks foreign nexus of AI providers per relevant service provider regulations (BRAO, StBerG, WPO, PAO, BNotO). EU/EEA treated as equivalent; third countries require comparable pro…
Security
agentprivacy-personhood-sybil
Personhood verification and Sybil resistance for privacy systems. Activates when discussing ∃! (unique existence) binding, proof-of-personhood without identity disclosure, Sybil at…
Security
aig-scanner
AI security scanner for infrastructure, AI tools/skills, agents, and LLM jailbreak evaluation using Tencent Zhuque Lab AI-Infra-Guard. Requires AIG_BASE_URL. Triggers on: scan AI s…
Security
threat-modeling
Produce structured threat models for software systems using STRIDE on data flow diagrams. Generate DFDs with trust boundaries, identify threats per element, score risks, and define…
Security
owasp-security-scanner
Automated OWASP Top 10 vulnerability detection and assessment. Run OWASP ZAP automated scans, detect injection vulnerabilities, identify broken authentication patterns, check for s…
Security
permission-sets-vs-profiles
Use when designing or auditing access control—deciding between Profiles, Permission Sets, and Permission Set Groups. Triggers: 'user can't see field', 'too many profiles', 'permiss…
Security
aussenwirtschaft-ofac-sdn-non-sdn
Guides intake, legal framework review, documentation assessment, risk flagging, record-keeping, approval, and follow-up steps for US sanctions lists including SDN, Non-SDN, and Fif…
Security
checking-owasp-compliance
Automatically identify potential security vulnerabilities based on the OWASP Top 10 (2021) list. Provides detailed analysis of compliance gaps and remediation guidance. Use when au…
Security
agentprivacy-vrc-identity
Verifiable Relationship Credential (VRC) identity system for 0xagentprivacy. Covers A(τ) bilateral trust, VRC issuance/verification/revocation, Relationship Proverb Protocol (RPP),…
Security
reverse-apk
Automated reverse-engineering pipeline for Android APKs (Flutter and native). Performs tool preflight, pulls the app via adb, detects framework, runs the appropriate toolchain, and…
Security
vulniq
Autonomous security scanner that detects secrets, XSS, missing headers, auth flaws, OWASP Top 10 patterns, dependency issues, PII exposure, and CORS misconfigurations. Produces SAR…
Security
auth
Authentication and access control for Next.js 15 + Supabase applications. Handles user authentication, route protection, session management, role-based access control, and multi-te…
Showing the top 60 of 5,020. See the full list →