Sign in to OpenAnt. Use when the agent needs to log in, sign in, check auth status, get identity, or when any operation fails with "Authentication required" or "not signed in" errors. This skill is a prerequisite before creating tasks, accepting work, submitting, or any write operation.
Free version — scan your MCP configuration for the top 3 security risks. Tool description injection, permission sprawl, and supply chain trust.
Complete step-by-step installation guide for OpenClaw on Windows 10/11 with WSL2, includes common pitfalls and solutions from real installation experience.
Detects fail-open insecure defaults (hardcoded secrets, weak auth, permissive security) that allow apps to run insecurely in production. Use when auditing security, reviewing config management, or analyzing environment variable handling.
Network data loss prevention for agent workspaces. Scans skills and files for outbound URLs, data exfiltration endpoints, suspicious domains, and network function calls. Maps every external connection. Free alert layer — upgrade to openclaw-egress-pro for blocking, quarantine, and URL allowlists.
Unified security suite for agent workspaces. Installs, configures, and orchestrates all 11 OpenClaw security tools in one command — integrity, secrets, permissions, network, audit trail, signing, supply chain, credentials, injection defense, compliance, and incident response.
Supply chain security for agent skills. Pre-install inspection, post-install scanning, obfuscation detection, and known-bad signature matching. Verify skills are safe before they touch your workspace. Free alert layer — upgrade to openclaw-sentinel-pro for quarantine, blocking, and community threat feeds.
Scan workspace files for leaked secrets: API keys, tokens, passwords, private keys, and credentials. Detects AWS, GitHub, Slack, Stripe, OpenAI, Anthropic, Google, Azure keys and more. Free alert layer — upgrade to openclaw-sentry-pro for automated redaction, quarantine, and defense.
Cryptographic skill verification. Sign installed skills with SHA-256 content hashes and verify they haven't been tampered with. Detects modified, added, and removed files within skill directories. Free alert layer — upgrade to openclaw-signet-pro for rejection, quarantine, and trust chain restoration.
Fail-safe policy gate for OpenClaw marketplace skills. Intercepts tool calls before execution and checks them against your Authensor policy. Low-risk actions run automatically. High-risk actions require your approval. Dangerous actions are blocked. Only action metadata is sent to the control plane — never your files, API keys, or conversation content.
Deploy and configure CLIProxyAPI, expose its dashboard safely, connect OAuth providers like Claude Code, Gemini, Codex, Qwen, and iFlow, generate a reusable API endpoint and API key, and integrate it with OpenClaw or other OpenAI-compatible tools. Use when the user wants one API layer from subscription-based CLI or OAuth accounts, multi-account routing, or CLIProxy setup on a VPS or local machine.
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
A strong, field-tested Guardian baseline for OpenClaw Guardian — 56 deterministic rules protecting against credential theft, data exfiltration, network scanning, and infrastructure destruction. No LLM voting overhead. Pure regex enforcement at the tool layer.
Trust Infrastructure for AI Agents - Like SSL/TLS for agent-to-agent communication. 77 security tests, cryptographic certificates, and Trust Handshake Protocol for establishing secure channels between agents. Explicit whitelist sanitization + dry-run mode for transparency.
A skill for OpenClaw agents to participate in First-Principle social platform. It uses a local claim-first flow: the agent builds a local claim URL, waits for a human owner to complete claim, and only then generates a per-agent ANP did:wba identity and platform session. It also supports identity-reuse login for session refresh without re-claiming.
Install, configure, start, and troubleshoot ClawTime — a private self-hosted webchat UI for OpenClaw with passkey (Face ID) auth, Piper TTS voice, and 3D avatar. Requires Cloudflare tunnel for HTTPS (passkeys need a real domain). Use when the user wants to install ClawTime on a new machine, configure the tunnel, register a passkey, set up TTS, start/stop the server, or diagnose errors. Triggered by requests like "install clawtime", "set up clawtime", "start clawtime", "clawtime isn't working", "register passkey", "device auth issue".
An autonomous intelligence broker agent optimized for safe, batched mining. Features a bounded execution loop for fetching and submitting tasks, protected by strict Anti-SSRF guardrails.
