Manage and inspect the OpenClaw multi-agent gateway — list agents, check model health, view routing rules, manage crons, inspect context budgets, and run system diagnostics.

Lightweight guide and router for Markster OS. Use to explain the system, point users to the full Git-backed workspace setup, and help them decide whether to approve a full Markster OS installation.

Kaspa News — let your Claw know everything about Kaspa in one place: latest news, core development updates, ecosystem launches, community talks, and weekly reports summary. Use when someone asks what’s happening with Kaspa now, including dev/builder activity, top tweets, videos, and Reddit updates. No API keys needed.

Detects fail-open insecure defaults (hardcoded secrets, weak auth, permissive security) that allow apps to run insecurely in production. Use when auditing security, reviewing config management, or analyzing environment variable handling.

A desktop sandbox lets OpenClaw run as natively as on a real OS, ensuring full functionality with safe isolation.Run OpenClaw without breaking your PC.

Turn your OpenClaw agent into an autonomous worker on [WorkProtocol](https://workprotocol.ai) — the open marketplace for AI agent work.

Fetch any URL as clean, AI-ready Markdown with token counts and caching. Strip ads, nav, scripts, and noise from web pages.

**First OpenClaw skill where AI agents can autonomously pay for Pro features via x402 protocol.**

GitHub Action for automated security scanning of agent workspaces. Detects exposed secrets, prompt/shell injection, and data exfiltration patterns in PRs and commits.

Audits installed skills to report exactly what system resources each one accesses — network, subprocess, file I/O, environment variables, and unsafe operations.

Runtime prompt injection defense for agent workspaces. While other tools watch workspace identity files, Bastion protects the input/output boundary — the files being read by the agent, web content, AP

**Reduce context/token usage by 40-60% through intelligent compression and learning.**

Network DLP for agent workspaces. Scans skills and files for outbound URLs, data exfiltration endpoints, and network function calls.

Tamper-evident audit trail for agent workspaces. Every workspace change is recorded in a hash-chained log — if anyone alters an entry, the chain breaks and you know.

Define security policies for your workspace and audit compliance. Check installed skills against command, network, and data handling rules. Generate audit-ready compliance reports.

**Persistent memory across sessions with semantic search and x402 payments.**

>

Unified security suite for agent workspaces. Installs, configures, and orchestrates all 11 OpenClaw security tools in one command — integrity, secrets, permissions, network, audit trail, signing, supply chain, credentials, injection defense, compliance, and incident response.

Supply chain security scanner for agent skills. Detects obfuscated code, known-bad signatures, suspicious install behaviors, dependency confusion, and metadata inconsistencies — before and after insta

Scans your agent workspace for leaked secrets — API keys, tokens, passwords, private keys, and credentials that should never be in plain text.

Cryptographic verification for installed skills. Sign skills at install time, verify they haven't been tampered with later.

**Save 30-50% on model costs through intelligent, automatic model selection.**

Incident response and forensics for agent workspaces. When something goes wrong — a skill behaves unexpectedly, files change without explanation, or another security tool flags an anomaly — triage inv

Protects your credential lifecycle — not just finding secrets in source code (that's what Sentry does), but tracking how credentials are exposed through services, permissions, history, configs, contai

Full workspace security suite: detect unauthorized modifications, scan for prompt injection patterns, and automatically respond with countermeasures — snapshot restore, skill quarantine, git rollback, and automated protection sweeps. The complete post-installation security layer for agent workspaces.

Monitors your workspace files for unauthorized modifications and prompt injection attacks. Existing security tools scan *skills* before installation — this tool watches the *workspace itself* after in

Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns. Auto-blocks high-risk skills.

Connect to the Zynd AI Network to discover, communicate with, and pay other AI agents. Search for specialized agents by capability, send them tasks with automatic x402 micropayments, and receive responses. Enables multi-agent collaboration across the open agent economy.

本Skill采用**"关键帧图片+多段视频拼接"**工作流，支持生成长视频（30秒/60秒或更长）。通过生成关键帧图片，再生成多段5秒视频，确保段与段之间无缝衔接。

Use Playwright to host a browser and call Doubao Web's image generation function. Call this skill when the user requests to draw or generate an image using Doubao. (使用 Playwright 托管浏览器的方式，调用豆包 Web 端生图功能。当用户要求使用豆包画图、生成图片时调用此技能。)

You have access to **Cortex**, a self-organizing knowledge graph for persistent memory. Use it to remember facts, decisions, goals, patterns, and observations across sessions. Knowledge is stored as n

Do NOT parse the output tags. Only return the content inside data[number].url.

Full project audit — launches 5 parallel AI agents (security, bugs, dead code, architecture, performance) to scan your codebase read-only, then compiles a unified report with health grade (A+ to F) and offers surgical fixes. Language-agnostic. Zero config.

Check official Srbija Voz notices, station matches, and timetable metadata. Use when verifying live train delays, cancellations, stoppages, or replacement bus service in Serbia.

Reliable runbook for scheduled reminders and notification workflows with OpenClaw cron. Use when creating or reviewing reminder skills, scheduling one-shot or recurring reminders, choosing between systemEvent and agentTurn payloads, selecting the correct sessionTarget, writing reminder text that will still read clearly when delivered later, validating whether a job actually fired, or troubleshooting why a scheduled notification did not deliver as expected. Especially useful for ClawHub-published skills that need production-safe reminder behavior instead of ad hoc cron setup.

Complete REST API integration for Craft.do - the beautiful note-taking and document app.

Ship packages with AI — compare rates across USPS, FedEx, and UPS, buy discounted labels, track shipments, and manage orders. Requires user confirmation before any purchase or wallet-affecting action.

Configure DeepInfra model routing with provider auth, model selection, fallback chains, and cost-aware defaults for stable open-source and frontier model workflows.

Control a remote Obsidian vault through Fast Note Sync. Use when reading, searching, writing, or appending notes in Obsidian from OpenClaw, especially for remote vault workflows that do not have direct filesystem access.

When the user uploads 发票.zip and 火车票.zip, use the included data tables to calculate eligible business-trip subsidy records, split related vs remaining files, create output workbooks, package two result zips, and report progress at every key step.

>

获取中国 A 股、美股、全球大盘以及期市的行情与深度财务面分析，并支持 AI 生成每日 A 股精华日报，一键赋能 Agent 全天候的专业投研能力。

Turn long documents, reports, proposals, and email threads into decision-ready memos with key points, risks, open questions, and next steps.

Turn people, companies, agendas, notes, and email threads into consulting-style meeting briefs, sharp questions, follow-up emails, and action items.

A premium operating system skill for one-person companies covering triage, pipeline, sales calls, proposals, follow-ups, renewals, cash collection, weekly and monthly reviews, and practical solo-founder decisions.

Turn rough notes, founder insights, and English drafts into natural Xiaohongshu posts that feel human, trustworthy, and platform-native.

Find domain experts, thought leaders, and subject-matter authorities on any topic. Searches Twitter and Reddit for people who demonstrate deep knowledge, frequent discussion, and above-average expertise in a specific field. Expert discovery, talent sourcing, researcher identification, and KOL (Key Opinion Leader) mapping.

Instagram Search — Search 400M+ Instagram posts, reels, and profiles. Find influencers, track hashtags, analyze engagement, and export data. No Instagram API or Meta developer account needed — works through Xpoz MCP.

Lead Generation — Find high-intent buyers in live Twitter, Instagram, and Reddit conversations. Auto-researches your product, generates targeted search queries, and discovers people actively looking for solutions you offer. Social selling and prospecting powered by 1.5B+ indexed posts via Xpoz MCP.

Reddit Search — Search posts, comments, users, and subreddits across 100M+ indexed Reddit entries. Find discussions, track topics, discover communities, and analyze engagement. No Reddit API key needed — works through Xpoz MCP with natural language queries.