Loading...
Loading...
Found 1,636 Skills
Comprehensive security and safety evaluation system for agent skills (.skill files). Use when users provide GitHub URLs, website links, or .skill files for download and request security assessment, safety evaluation, or ask "is this skill safe to use." Evaluates prompt injection risks, malicious code patterns, hidden instructions, data exfiltration attempts, and provides actionable recommendations with risk scoring.
Autonomous development agent that picks tasks from a project board (Jira, ClickUp, GitHub Issues), explores the codebase, implements the solution, opens a PR, and notifies the team. Configurable per-project via project files in ~/.config/delivering-tickets/projects/. Use this skill when the user asks to "work on a ticket", "pick up a task", "implement issue X", "work autonomously on the board", "take the next task", or any variation of autonomous task execution from a project board. Also triggers when the user mentions delivering-tickets, project configuration, or wants to set up autonomous development workflows for their team. Available commands: /delivering-tickets (start), /delivering-tickets:check (check replies), /delivering-tickets:status (workflow status), /delivering-tickets:setup (verify environment), /delivering-tickets:project (manage projects). Do NOT use for general coding without a ticket, standalone code reviews, project setup without a board configured, or questions unrelated to task execution from a project board.
Automated vulnerability scanner for agent platforms. Performs dependency scanning (npm audit, pip-audit), multi-database CVE lookup (OSV, NVD, GitHub Advisory), SAST analysis (Semgrep, Bandit), and agent-specific DAST hook execution testing for OpenClaw hooks.
Research latest ComfyUI models, techniques, and community discoveries. Monitors YouTube channels, GitHub repos, and HuggingFace. Updates reference files with timestamped findings and flags stale information. Invoke with /research comfyui or automatically at session start for staleness checks.
Generate an ARCHITECTURE.md file for a codebase following matklad's principles. Use when asked to "write an architecture doc", "create ARCHITECTURE.md", "document the architecture", "explain the codebase structure", "write a codemap", or when onboarding contributors to a project. Based on https://matklad.github.io/2021/02/06/ARCHITECTURE.md.html and modeled after rust-analyzer's architecture doc.
Configure OAuth providers (Google, Apple, Microsoft, Facebook, GitHub, etc.) to work with portless local dev URLs. Use when setting up OAuth redirect URIs, fixing "redirect_uri_mismatch" or "invalid redirect" errors, configuring sign-in providers for local development, or when a provider rejects .localhost subdomains. Triggers include "OAuth not working with portless", "redirect URI mismatch", "Google/Apple/Microsoft sign-in fails locally", "configure OAuth for local dev", or any task involving OAuth callback URLs with portless domains.
Turn any website into a CLI command. 36 platforms, 103 commands — Twitter, Reddit, GitHub, YouTube, Zhihu, Bilibili, Weibo, and more. Uses OpenClaw's browser directly, no extra extension needed.
Build apps that integrate with external services via Membrane. Use when the user wants to add integrations to their product — let their customers connect to Slack, HubSpot, Salesforce, GitHub, Google Sheets, Jira, or any other app, execute actions, sync data, or handle webhooks. Covers backend token generation, frontend connection UI, running actions, data collections, and AI agent tooling.
Automated content production pipeline: hot topic aggregation from 10+ platforms (Bilibili, GitHub, Reddit, YouTube, Weibo, Zhihu, etc.), AI-powered topic scoring, multi-platform content generation (Xiaohongshu, WeChat, Twitter), draft review, and auto-publishing. Use when: user wants daily content pipeline, hot topic collection, content generation, article publishing, or content factory automation.
MUST USE for any task involving the dotenvx CLI tool — encrypting .env files, running commands with injected env vars, managing secrets across environments, and decrypting at runtime. Use this skill whenever the user mentions dotenvx, dotenv encryption, DOTENV_PRIVATE_KEY, encrypted .env files, or the dotenvx encrypt/run/set/get/decrypt/keypair commands. Also trigger when the user wants to: commit .env files safely to git, stop sharing secrets over Slack/chat, encrypt environment variables with public-key cryptography, set up multi-environment .env configs (production/staging/ci), manage secrets in a monorepo with -fk flag, migrate from python-dotenv or plain dotenv to encrypted envs, inject env vars into any process across any language (Node, Python, Ruby, Go, Rust, etc.), or configure CI/CD pipelines (GitHub Actions, Docker) with encrypted env files. This skill contains the authoritative CLI reference — without it, responses will hallucinate non-existent commands and flags.
Turn many commits into a curated grouped squash summary compatible with the opinionated wording style of git-visual-commits. Use this skill whenever the user asks to squash a branch into a concise summary, write a squash-and-merge summary, summarize a commit range or PR as grouped lines, clean up noisy commit history, or asks for a curated summary without committing. Treat phrases like "squash summary", "squash commit message", "summarize this branch", "turn these commits into one summary", "rewrite these 10+ commits", or "draft the squash summary" as automatic triggers. This skill is non-mutating: it inspects git history and diffs, then returns grouped summary lines only. It preserves technical identifiers where possible, groups by intent rather than chronology, merges overlapping commits, drops low-signal noise, uses strong concrete verbs, favors readable GitHub and terminal output, keeps every output line at or below 72 characters, and does not invent unsupported changes or drift into changelog wording.
Use this skill when managing multi-repository systems using the `meta` tool (github.com/mateodelnorte/meta). Triggers on meta git clone, meta exec, meta project create/import/migrate, coordinating commands across many repos, running npm/yarn installs across all projects, migrating a monorepo to a multi-repo architecture, or any workflow that requires running git or shell commands against multiple child repositories at once.