Skip to main content
Skill MarketCurated agent workflows
EN中文
EN
Full catalog完整目录

Browse the full skills directory.浏览完整技能目录。

Filter by query, category, scenario, platform, and risk signals with server-side catalog results.按关键词、品类、场景、平台和风险信号筛选;URL 参数会直接下推到目录 API。

Curated28Indexed1286
Category· 品类
AllDevelopment & Engineering260Code Review47Testing & Debugging94Security & Compliance103Developer Docs56Writing & Content32Research & Data139Design & Visual88Marketing, Growth & Sales94Product & PM105Office & Knowledge86Multimedia Creation26Industry & Professional47Agent & Skill Building109
Scenario· 场景
AllSecurity auditAgent safety review
Platform· 平台
AllClaude CodeCodexCursorClineOpenClawHermesAnthropic SkillsMCPGeneric
Risk· 风险
AllLowMedium
Sort· 排序
DefaultNewestStarsUpdated

95 results

Community-indexed skills are not individually editor-curated; review risk signals, source, and maintenance before install.

Security & Compliance

api-security-testing

API安全测试的专业技能和方法论

Claude CodeCodexMedium risk · 中风险
Stars · 3.7kUpdated · 2026-05-11
View
Security & Compliance

aig-scanner

A.I.G Scanner — AI security scanning for infrastructure, AI tools / skills, AI Agents, and LLM jailbreak evaluation via

Claude CodeCodexMedium risk · 中风险
Stars · 3.6kUpdated · 2026-05-11
View
Security & Compliance

ctf web

Provides web exploitation techniques for CTF challenges. Use when the target is primarily an HTTP application, API, bro…

Claude CodeMedium risk · 中风险
Stars · 1.9kUpdated · 2026-05-16
View
Security & Compliance

ctf pwn

Provides binary exploitation techniques for CTF challenges. Use when you already have a vulnerable native target or ser…

Claude CodeMedium risk · 中风险
Stars · 1.9kUpdated · 2026-05-16
View
Security & Compliance

ctf reverse

Provides reverse engineering techniques for CTF challenges. Use when the main job is to understand how a compiled, obfu…

Claude CodeMedium risk · 中风险
Stars · 1.9kUpdated · 2026-05-16
View
Security & Compliance

skill vetter

Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Ch…

Claude CodeMedium risk · 中风险
Stars · 2.0kUpdated · 2026-05-16
View
Security & Compliance

solidity audit

Solidity smart contract security audit assistant following EEA EthTrust V3 specification. Performs structured audit wor…

Claude CodeMedium risk · 中风险
Stars · 2.0kUpdated · 2026-05-16
View
Security & Compliance

skill vetting

Vet ClawHub skills for security and utility before installation. Use when considering installing a ClawHub skill, evalu…

Claude CodeMedium risk · 中风险
Stars · 2.0kUpdated · 2026-05-16
View
Security & Compliance

skill scanner

Scan Clawdbot and MCP skills for malware, spyware, crypto-miners, and malicious code patterns before you install them.…

Claude CodeMedium risk · 中风险
Stars · 2.0kUpdated · 2026-05-16
View
Security & Compliance

claw sentinel

Runtime security layer for OpenClaw agents. Intercepts and scans all external input (emails, API responses, web content…

Claude CodeMedium risk · 中风险
Stars · 2.0kUpdated · 2026-05-16
View
Security & Compliance

senior secops

Senior SecOps engineer skill for application security, vulnerability management, compliance verification, and secure de…

Claude CodeMedium risk · 中风险
Stars · 2.0kUpdated · 2026-05-16
View
Security & Compliance

runtime sentinel

Runtime security guardian for OpenClaw agents. Use this skill whenever the user mentions security, skill safety, prompt…

Claude CodeMedium risk · 中风险
Stars · 2.0kUpdated · 2026-05-16
View
Security & Compliance

phy ssrf audit

Server-Side Request Forgery (SSRF) vulnerability scanner (OWASP A10:2021). Detects URL-fetching sinks in Python/Java/No…

Claude CodeMedium risk · 中风险
Stars · 2.0kUpdated · 2026-05-16
View
Security & Compliance

phy path traversal audit

Path traversal and Local File Inclusion (LFI) vulnerability scanner (OWASP A01:2021). Detects user-controlled paths pas…

Claude CodeMedium risk · 中风险
Stars · 2.0kUpdated · 2026-05-16
View
Security & Compliance

phy jwt auth audit

phy jwt auth audit: agent skill — from LeoYeAI/openclaw-master-skills.

Claude CodeMedium risk · 中风险
Stars · 2.0kUpdated · 2026-05-16
View
Security & Compliance

phy graphql schema audit

GraphQL schema static auditor. Reads any .graphql SDL file or introspection JSON to detect N+1 exposure hotspots (neste…

Claude CodeMedium risk · 中风险
Stars · 2.0kUpdated · 2026-05-16
View
Security & Compliance

phy deserialization audit

Unsafe deserialization vulnerability scanner (OWASP A08:2021). Detects Python pickle/yaml/eval, Java ObjectInputStream/…

Claude CodeMedium risk · 中风险
Stars · 2.0kUpdated · 2026-05-16
View
Security & Compliance

phy cors audit

CORS (Cross-Origin Resource Sharing) misconfiguration auditor. Probes any API endpoint with crafted Origin headers to d…

Claude CodeMedium risk · 中风险
Stars · 2.0kUpdated · 2026-05-16
View
Security & Compliance

skill vetter

Security vetting protocol before installing any AI agent skill. Red flag detection for credential theft, obfuscated cod…

Claude CodeMedium risk · 中风险
Stars · 2.0kUpdated · 2026-05-16
View
Security & Compliance

credential manager

MANDATORY security foundation for OpenClaw. Consolidate scattered API keys and credentials into a secure .env file with…

Claude CodeMedium risk · 中风险
Stars · 2.0kUpdated · 2026-05-16
View
Security & Compliance

isms audit expert

Information Security Management System (ISMS) audit expert for ISO 27001 compliance verification, security control asse…

Claude CodeMedium risk · 中风险
Stars · 2.0kUpdated · 2026-05-16
View
Security & Compliance

agentguard

GoPlus AgentGuard — AI agent security guard. Automatically blocks dangerous commands, prevents data leaks, and protects…

Claude CodeMedium risk · 中风险
Stars · 2.0kUpdated · 2026-05-16
View
Security & Compliance

gdpr dsgvo expert

GDPR and German DSGVO compliance automation. Scans codebases for privacy risks, generates DPIA documentation, tracks da…

Claude CodeMedium risk · 中风险
Stars · 2.0kUpdated · 2026-05-16
View
Security & Compliance

clawsec feed

Security advisory feed with automated NVD CVE polling for OpenClaw-related vulnerabilities. Updated daily.

Claude CodeMedium risk · 中风险
Stars · 2.0kUpdated · 2026-05-16
View
Security & Compliance

clawsec

You are now acting as the ClawSec Monitor assistant. The user has invoked /clawsec to manage, operate, or interpret the…

Claude CodeMedium risk · 中风险
Stars · 2.0kUpdated · 2026-05-16
View
Security & Compliance

ciso advisor

Security leadership for growth-stage companies. Risk quantification in dollars, compliance roadmap (SOC 2/ISO 27001/HIP…

Claude CodeMedium risk · 中风险
Stars · 2.0kUpdated · 2026-05-16
View
Security & Compliance

ciso advisor

Security leadership for growth-stage companies. Risk quantification in dollars, compliance roadmap (SOC 2/ISO 27001/HIP…

Claude CodeMedium risk · 中风险
Stars · 2.0kUpdated · 2026-05-16
View
Security & Compliance

trustlayer sybil scanner

Feedback forensics for ERC-8004 agents. Detects Sybil rings, fake reviews, rating manipulation, and reputation launderi…

Claude CodeMedium risk · 中风险
Stars · 1.1kUpdated · 2026-05-16
View
Security & Compliance

blueagent x402

Security OS for autonomous agents and builders on Base. 31 pay-per-use tools across Quantum Security, Agent Safety, Res…

Claude CodeMedium risk · 中风险
Stars · 1.1kUpdated · 2026-05-16
View
Security & Compliance

cvss score extraction

Extract CVSS (Common Vulnerability Scoring System) scores from vulnerability data sources with proper fallback handling…

Claude CodeMedium risk · 中风险
Stars · 1.1kUpdated · 2026-05-16
View
Security & Compliance

ka88 agent shield

Professional security audit for AI agents. Checks URLs for SSRF, analyzes content for prompt injection, validates comma…

Claude CodeMedium risk · 中风险
Stars · 2.0kUpdated · 2026-05-16
View
Security & Compliance

Agent Compliance & Security Assessment

Comprehensive compliance and security self-assessment for AI agents. 14-check framework producing a structured threat m…

Claude CodeMedium risk · 中风险
Stars · 2.0kUpdated · 2026-05-16
View
Security & Compliance

two factor authentication best practices

Configure TOTP authenticator apps, send OTP codes via email/SMS, manage backup codes, handle trusted devices, and imple…

Claude CodeMedium risk · 中风险
Stars · 5.4kUpdated · 2026-05-16
View
Security & Compliance

email and password best practices

Configure email verification, implement password reset flows, set password policies, and customise hashing algorithms f…

Claude CodeMedium risk · 中风险
Stars · 5.4kUpdated · 2026-05-16
View
Security & Compliance

prompt guard

Meta's 86M prompt injection and jailbreak detector. Filters malicious prompts and third-party data for LLM apps. 99%+ T…

Claude CodeMedium risk · 中风险
Stars · 8.2kUpdated · 2026-05-16
View
Security & Compliance

ssh penetration testing

This skill should be used when the user asks to "pentest SSH services", "enumerate SSH configurations", "brute force SS…

Claude CodeMedium risk · 中风险
Stars · 1.1kUpdated · 2026-05-16
View
Security & Compliance

eicar test

Test skill containing EICAR test file for malware detection

Claude CodeMedium risk · 中风险
Stars · 2.0kUpdated · 2026-05-16
View
Security & Compliance

yidun skill sec

Intelligent code security scanner with hybrid local-cloud detection. Fingerprints packages, runs static behavioral anal…

Claude CodeMedium risk · 中风险
Stars · 2.0kUpdated · 2026-05-16
View
Security & Compliance

openguardrails

Runtime security plugin for AI agents. Provides local-first protection against data exfiltration, credential theft, com…

Claude CodeMedium risk · 中风险
Stars · 2.0kUpdated · 2026-05-16
View
Security & Compliance

ai prompt engineering safety review

Comprehensive AI prompt engineering safety review and improvement prompt. Analyzes prompts for safety, bias, security v…

Claude CodeMedium risk · 中风险
Stars · 2.0kUpdated · 2026-05-16
View
Security & Compliance

Domain Skill Template

Use this template for domain-specific security testing (cryptographic testing, web security methodologies, etc.).

Claude CodeMedium risk · 中风险
Stars · 5.1kUpdated · 2026-05-16
View
Security & Compliance

constant time testing

Constant-time testing detects timing side channels in cryptographic code. Use when auditing crypto implementations for…

Claude CodeMedium risk · 中风险
Stars · 5.1kUpdated · 2026-05-16
View
Security & Compliance

c review

Performs comprehensive C/C++ security review for memory corruption, integer overflows, race conditions, and platform-sp…

Claude CodeMedium risk · 中风险
Stars · 5.1kUpdated · 2026-05-16
View
Security & Compliance

threat detection

Use when hunting for threats in an environment, analyzing IOCs, or detecting behavioral anomalies in telemetry. Covers…

Claude CodeMedium risk · 中风险
Stars · 14kUpdated · 2026-05-16
View
Security & Compliance

senior secops

../../../engineering-team/skills/senior-secops/SKILL.md

Claude CodeMedium risk · 中风险
Stars · 14kUpdated · 2026-05-16
View
Security & Compliance

senior secops

Senior SecOps engineer skill for application security, vulnerability management, compliance verification, and secure de…

Claude CodeMedium risk · 中风险
Stars · 14kUpdated · 2026-05-16
View
Security & Compliance

isms audit expert

Information Security Management System (ISMS) audit expert for ISO 27001 compliance verification, security control asse…

Claude CodeMedium risk · 中风险
Stars · 14kUpdated · 2026-05-16
View
Security & Compliance

incident response

Use when a security incident has been detected or declared and needs classification, triage, escalation path determinat…

Claude CodeMedium risk · 中风险
Stars · 14kUpdated · 2026-05-16
View
Security & Compliance

gdpr dsgvo expert

GDPR and German DSGVO compliance automation. Scans codebases for privacy risks, generates DPIA documentation, tracks da…

Claude CodeMedium risk · 中风险
Stars · 14kUpdated · 2026-05-16
View
Security & Compliance

ciso advisor

Security leadership for growth-stage companies. Risk quantification in dollars, compliance roadmap (SOC 2/ISO 27001/HIP…

Claude CodeMedium risk · 中风险
Stars · 14kUpdated · 2026-05-16
View
Security & Compliance

variant analysis

Find similar vulnerabilities and bugs across codebases using pattern-based analysis. Use when hunting bug variants, bui…

Claude CodeMedium risk · 中风险
Stars · 5.1kUpdated · 2026-05-16
View
Security & Compliance

firebase apk scanner

Scans Android APKs for Firebase security misconfigurations including open databases, storage buckets, authentication is…

Claude CodeMedium risk · 中风险
Stars · 5.1kUpdated · 2026-05-16
View
Security & Compliance

yara rule authoring

Guides authoring of high-quality YARA-X detection rules for malware identification. Use when writing, reviewing, or opt…

Claude CodeMedium risk · 中风险
Stars · 5.1kUpdated · 2026-05-16
View
Security & Compliance

trailmark

Builds and queries multi-language source code graphs for security analysis. Includes pre-analysis passes for blast radi…

Claude CodeMedium risk · 中风险
Stars · 5.1kUpdated · 2026-05-16
View
Security & Compliance

semgrep rule creator

Creates custom Semgrep rules for detecting security vulnerabilities, bug patterns, and code patterns. Use when writing…

Claude CodeMedium risk · 中风险
Stars · 5.1kUpdated · 2026-05-16
View
Security & Compliance

mermaid to proverif

Translates Mermaid sequenceDiagrams describing cryptographic protocols into ProVerif formal verification models (.pv fi…

Claude CodeMedium risk · 中风险
Stars · 5.1kUpdated · 2026-05-16
View
Security & Compliance

semgrep

Run Semgrep static analysis scan on a codebase using parallel subagents. Supports two scan modes — "run all" (full rule…

Claude CodeMedium risk · 中风险
Stars · 5.1kUpdated · 2026-05-16
View
Security & Compliance

sharp edges

Identifies error-prone APIs, dangerous configurations, and footgun designs that enable security mistakes. Use when revi…

Claude CodeMedium risk · 中风险
Stars · 5.1kUpdated · 2026-05-16
View
Security & Compliance

insecure defaults

Detects fail-open insecure defaults (hardcoded secrets, weak auth, permissive security) that allow apps to run insecure…

Claude CodeMedium risk · 中风险
Stars · 5.1kUpdated · 2026-05-16
View
Security & Compliance

graph evolution

Compares Trailmark code graphs at two source code snapshots (git commits, tags, or directories) to surface security-rel…

Claude CodeMedium risk · 中风险
Stars · 5.1kUpdated · 2026-05-16
View
Security & Compliance

audit prep assistant

Prepares codebases for security review using Trail of Bits' checklist. Helps set review goals, runs static analysis too…

Claude CodeMedium risk · 中风险
Stars · 5.1kUpdated · 2026-05-16
View
Security & Compliance

fp check

Systematically verifies suspected security bugs to eliminate false positives. Produces TRUE POSITIVE or FALSE POSITIVE…

Claude CodeMedium risk · 中风险
Stars · 5.1kUpdated · 2026-05-16
View
Security & Compliance

dimensional analysis

Annotates codebases with dimensional analysis comments documenting units, dimensions, and decimal scaling. Use when som…

Claude CodeMedium risk · 中风险
Stars · 5.1kUpdated · 2026-05-16
View
Security & Compliance

entry point analyzer

Analyzes smart contract codebases to identify state-changing entry points for security auditing. Detects externally cal…

Claude CodeMedium risk · 中风险
Stars · 5.1kUpdated · 2026-05-16
View
Security & Compliance

constant time analysis

Detects timing side-channel vulnerabilities in cryptographic code. Use when implementing or reviewing crypto code, enco…

Claude CodeMedium risk · 中风险
Stars · 5.1kUpdated · 2026-05-16
View
Security & Compliance

agentic actions auditor

Audits GitHub Actions workflows for security vulnerabilities in AI agent integrations including Claude Code Action, Gem…

Claude CodeMedium risk · 中风险
Stars · 5.1kUpdated · 2026-05-16
View
Security & Compliance

codeql

Scans a codebase for security vulnerabilities using CodeQL's interprocedural data flow and taint tracking analysis. Tri…

Claude CodeMedium risk · 中风险
Stars · 5.1kUpdated · 2026-05-16
View
Security & Compliance

iam

AWS Identity and Access Management for users, roles, policies, and permissions. Use when creating IAM policies, configu…

Claude CodeMedium risk · 中风险
Stars · 1.1kUpdated · 2026-05-16
View
Security & Compliance

secrets manager

AWS Secrets Manager for secure secret storage and rotation. Use when storing credentials, configuring automatic rotatio…

Claude CodeMedium risk · 中风险
Stars · 1.1kUpdated · 2026-05-16
View
Security & Compliance

google cloud recipe auth

Provides expert guidance on authenticating and authorizing to Google Cloud services and APIs, covering human users, ser…

Claude CodeMedium risk · 中风险
Stars · 6.9kUpdated · 2026-05-16
View
Security & Compliance

osint methodology

Comprehensive OSINT methodology for external red-team operations and authorized attack-surface assessments. Covers the…

Claude CodeMedium risk · 中风险
Stars · 1.1kUpdated · 2026-05-16
View
Security & Compliance

Offensive OSINT — External Red Team Arsenal

Operational arsenal for external red-team and bug-bounty reconnaissance. Concrete wordlists (28 Swagger paths, 13 Graph…

Claude CodeMedium risk · 中风险
Stars · 1.1kUpdated · 2026-05-16
View
Security & Compliance

threat detection

Exact detection thresholds for identifying malicious network patterns including port scans, DoS attacks, and beaconing…

Claude CodeMedium risk · 中风险
Stars · 1.1kUpdated · 2026-05-16
View
Security & Compliance

ctf malware

Provides malware analysis and network traffic techniques for CTF challenges. Use when analyzing obfuscated scripts, mal…

Claude CodeMedium risk · 中风险
Stars · 1.9kUpdated · 2026-05-16
View
Security & Compliance

mcp atlassian hint inject

Demonstrates mcp-atlassian credential leak via hint parameter.

Claude CodeMedium risk · 中风险
Stars · 2.0kUpdated · 2026-05-16
View
Security & Compliance

ctf forensics

Provides digital forensics and signal analysis techniques for CTF challenges. Use when analyzing disk images, memory du…

Claude CodeMedium risk · 中风险
Stars · 1.9kUpdated · 2026-05-16
View
Security & Compliance

flowise chatflow api

Exposes Flowise chatflow API with overrideConfig support.

Claude CodeMedium risk · 中风险
Stars · 2.0kUpdated · 2026-05-16
View
Security & Compliance

mcpwn retry exploit

Demonstrates MCPwn runaway invocation pattern.

Claude CodeMedium risk · 中风险
Stars · 2.0kUpdated · 2026-05-16
View
Security & Compliance

spec to code compliance

Verifies code implements exactly what documentation specifies for blockchain audits. Use when comparing code against wh…

Claude CodeMedium risk · 中风险
Stars · 5.1kUpdated · 2026-05-16
View
Security & Compliance

tsa risk

腾讯云智能顾问架构风险巡检分析报告生成工具。用于分析用户在腾讯云智能顾问产品下的架构图风险巡检情况,从API拉取数据并生成移动端友好的HTML可视化报告,最终将HTML转换为PNG图片输出。当用户提到智能顾问架构巡检、风险分析、巡检报告、…

Claude CodeMedium risk · 中风险
Stars · 2.0kUpdated · 2026-05-16
View
Security & Compliance

tsa risk

腾讯云智能顾问架构风险巡检分析报告生成工具。用于分析用户在腾讯云智能顾问产品下的架构图风险巡检情况,从API拉取数据并生成移动端友好的HTML可视化报告,最终将HTML转换为PNG图片输出。当用户提到智能顾问架构巡检、风险分析、巡检报告、…

Claude CodeMedium risk · 中风险
Stars · 2.0kUpdated · 2026-05-16
View
Security & Compliance

supply chain risk auditor

Identifies dependencies at heightened risk of exploitation or takeover. Use when assessing supply chain attack surface,…

Claude CodeMedium risk · 中风险
Stars · 5.1kUpdated · 2026-05-16
View
Security & Compliance

azure compliance

Run Azure compliance and security audits with azqr plus Key Vault expiration checks. Covers best-practice assessment, r…

Claude CodeMedium risk · 中风险
Stars · 2.3kUpdated · 2026-05-16
View
Security & Compliance

soc2 compliance

../../../ra-qm-team/skills/soc2-compliance/SKILL.md

Claude CodeMedium risk · 中风险
Stars · 14kUpdated · 2026-05-16
View
Security & Compliance

threat detection

../../../engineering-team/skills/threat-detection/SKILL.md

Claude CodeMedium risk · 中风险
Stars · 14kUpdated · 2026-05-16
View
Security & Compliance

soc2 compliance

Use when the user asks to prepare for SOC 2 audits, map Trust Service Criteria, build control matrices, collect audit e…

Claude CodeMedium risk · 中风险
Stars · 14kUpdated · 2026-05-16
View
Security & Compliance

risk management specialist

../../../ra-qm-team/skills/risk-management-specialist/SKILL.md

Claude CodeMedium risk · 中风险
Stars · 14kUpdated · 2026-05-16
View
Security & Compliance

incident response

../../../engineering-team/skills/incident-response/SKILL.md

Claude CodeMedium risk · 中风险
Stars · 14kUpdated · 2026-05-16
View
Security & Compliance

burpsuite project parser

Searches and explores Burp Suite project files (.burp) from the command line. Use when searching response headers or bo…

Claude CodeMedium risk · 中风险
Stars · 5.1kUpdated · 2026-05-16
View
Security & Compliance

secure workflow guide

Guides through Trail of Bits' 5-step secure development workflow. Runs Slither scans, checks special features (upgradea…

Claude CodeMedium risk · 中风险
Stars · 5.1kUpdated · 2026-05-16
View
Security & Compliance

acquiring-disk-image-with-dd-and-dcfldd

Create forensically sound bit-for-bit disk images using dd and dcfldd while preserving evidence integrity through hash v

Claude CodeCodexMedium risk · 中风险
Stars · 6.2kUpdated · 2026-05-11
View
Security & Compliance

android-reverse-engineering

Decompile Android APK, XAPK, JAR, and AAR files using jadx or Fernflower/Vineflower. Reverse engineer Android apps, extr

Claude CodeCodexMedium risk · 中风险
Stars · 5.6kUpdated · 2026-05-11
View
Security & Compliance

Active Directory Attacks

This skill should be used when the user asks to "attack Active Directory", "exploit AD", "Kerberoasting", "DCSync", "pas

Claude CodeCodexMedium risk · 中风险
Stars · 4.1kUpdated · 2026-05-11
View
Security & Compliance

offensive-iot

IoT and embedded device security testing methodology. Covers hardware reconnaissance (UART, JTAG, SWD, SPI flash, I2C EE

Claude CodeCodexMedium risk · 中风险
Stars · 1.2kUpdated · 2026-05-09
View
Security & Compliance

offensive-active-directory

Active Directory attack methodology for internal network red team engagements. Covers reconnaissance (BloodHound, PowerV

Claude CodeCodexMedium risk · 中风险
Stars · 1.2kUpdated · 2026-05-09
View
Skill Market
Find the best AI skills for the job·按品类找最好用的 AI 技能
v0.4 · 1286 skills indexed · last review 2026-05-16