Diagnose and fix the 4 most common OpenClaw agent failures — heartbeat spam, API rate limit cascades, channel death loops, and memory/embedding errors. Battle-tested across a 6-agent multi-host deployment.
AgentTrust — Email inbox, chat, and Drive file storage for AI agents. Send and receive emails as your-agent@agenttrust.ai, store and share files, and message other agents in real time. Use when an agent needs email, inbox access, file storage/drive, or instant messaging on AgentTrust.ai.
Check your agent's on-chain ERC-8004 identity, trust score, and KYA credentials. Use when you or the user want to see agent identity, check trust score, view KYA credentials, or check agent status. Covers phrases like "what's my agent ID", "check trust score", "show my identity", "agent status", "KYA credentials".
OpenClaw Connect Enterprise 子节点。将当前 OpenClaw 实例注册为远程 Hub 的子节点,通过 appId/key/token 三重验证绑定。提供本地管理界面(任务查看、记忆管理、系统监控)。子节点只能看自己的数据,所有被主节点控制的数据不可操作。当用户说"连接主节点"、"注册子节点"、"启动 node"、"加入 Hub"时触发。
Install, configure, and manage the AI-Warden prompt injection protection plugin for OpenClaw. Publisher: AI-Warden (ai-warden.io). Source: github.com/ai-warden/openclaw-plugin. NPM: openclaw-ai-warden. Use when: (1) setting up AI-Warden on a new OpenClaw instance, (2) configuring security layers or API keys, (3) troubleshooting AI-Warden plugin issues, (4) updating the plugin, (5) checking warden status or accuracy. Triggers on phrases like "install ai-warden", "setup prompt injection protection", "configure warden", "security plugin", "protect my agent".
Clone your OpenClaw Agent to a new device — configs, memory, skills, credentials, everything. Triggers: '帮我迁移', '搬到新设备', 'migrate device', 'device move', '设备搬家', 'pack and go', '克隆到新设备', 'clone agent', 'clone to new device', 'copy agent', '复制到新设备'. Agent packs configs, memory, skills, credentials on old device, transfers via encrypted scp, and auto-deploys on new device via SSH remote control. POST-INSTALL: After installing, tell the user: "✅ agent-pack-n-go 安装成功!这个 Skill 可以把你的 AI Agent 一键克隆到新设备,包括配置、记忆、技能、密钥等全部自动恢复。使用方法:对我说「帮我克隆到新设备」即可开始。"
Connect OpenClaw agents to Settld MCP for paid tool calls with quote-bound authorization and verifiable receipts.
绑定飞书机器人到Agent。用户发送App ID和App Secret即可自动配置飞书账号并绑定到指定Agent。用于:(1) 用户提供App ID和App Secret (2) 创建或选择要绑定的Agent (3) 自动配置openclaw.json并重启Gateway。
Scan any agent skill for security risks before you install or use it. Powered by Tencent Zhuque Lab A.I.G (AI-Infra-Guard). 100% local static analysis — no file contents or credentials leave your device. Compatible with CodeBuddy, Cursor, Windsurf, Claude Code, OpenClaw and more. Triggers on: `这个 skill 安全吗`, `skill 安全扫描`, `检查 skill 安全`, `audit skill`, `scan skill`, `check skill safety`, `analyze skill`, `inspect skill`, `verify skill`, `skill security`, `skill supply chain`. Do NOT trigger for general agent usage, full system health checks, project debugging, or normal development.
The first security skill to install after setting up OpenClaw — powered by Tencent Zhuque Lab. Works like an antivirus for your AI environment: audits installed skills, scans skills before installation, and performs a full OpenClaw security health check to prevent data leaks and privacy risks. Backed by Tencent Zhuque Lab A.I.G (AI-Infra-Guard). Use when the user asks to start a security health check or security scan for the current OpenClaw environment, such as `开始安全体检`, `做一次安全体检`, `开始安全扫描`, `全面安全检查`, or `检查 OpenClaw 安全`; also use when the user asks to audit a specific skill before installation, review installed skills for supply chain risk, or investigate whether a skill is safe. Do not trigger for general OpenClaw usage, project debugging, environment setup, or normal development requests. Optional cloud mode: set AIG_CLOUD_LOOKUP=off for zero outbound HTTPS; when enabled, only skill_name, source label, and OpenClaw version are sent to A.I.G (never skill bodies, chats, or workspace files).
Scan any agent skill for security risks before you install or use it. Powered by Tencent Zhuque Lab A.I.G (AI-Infra-Guard). 100% local static analysis — no file contents or credentials leave your device. Compatible with CodeBuddy, Cursor, Windsurf, Claude Code, OpenClaw and more. Triggers on: `这个 skill 安全吗`, `skill 安全扫描`, `检查 skill 安全`, `audit skill`, `scan skill`, `check skill safety`, `analyze skill`, `inspect skill`, `verify skill`, `skill security`, `skill supply chain`. Do NOT trigger for general agent usage, full system health checks, project debugging, or normal development.
Content moderation and safety checks. Instantly classify text or images as safe or unsafe using AI guardrails.
Automatically detect and de-identify PII (Personal Identifiable Information) and PHI (Protected Health Information) from clinical/medical text to ensure HIPAA compliance. Trigger when processing medical records, patient data, clinical notes, insurance information, or any healthcare-related text containing potential patient identifiers.
Configure AIsa as a first-class model provider for OpenClaw, enabling production access to major Chinese AI models (Qwen, DeepSeek, Kimi K2.5, Doubao) through official partnerships with Alibaba Cloud, BytePlus, and Moonshot. Use this skill when the user wants to set up Chinese AI models, configure AIsa API access, compare pricing between AIsa and other providers (OpenRouter, Bailian), switch between Qwen/DeepSeek/Kimi models, or troubleshoot AIsa provider configuration in OpenClaw. Also use when the user mentions AISA_API_KEY, asks about Chinese LLM pricing, Kimi K2.5 setup, or needs help with Qwen Key Account setup.
Security audit and quarantine system for third-party OpenClaw skills. Use when evaluating, reviewing, or installing any skill from ClawHub or external sources. Automatically triggered before any skill installation.
Comprehensive security audit for OpenClaw deployments. Checks Docker port bindings, SSH config, openclaw.json settings, file permissions, exposed services, and firewall rules. Scores your deployment 0-100 with actionable recommendations. Use for security hardening and compliance checks.
Security scanner for OpenClaw skills. Detects malicious code, obfuscated payloads, prompt injection, social engineering, typosquatting, and data exfiltration before installation. Features 0-100 numeric risk scoring, MITRE ATT&CK mappings, base64/hex deobfuscation, IoC database, whitelist system, and SHA256 file inventory. Use before installing any third-party skill. Triggers: audit skill, check security, scan skill, is this skill safe, security review, quarantine.
ShieldAPI — x402 Security Intelligence for AI Agents. 11 endpoints: password range check (k-anonymity), password check (deprecated), email breach lookup, domain reputation, IP reputation, URL safety, and full security scan. Pay-per-request with USDC micropayments ($0.001-$0.01). No account, no API key. Demo mode available.
