Loading...
Loading...
Found 28 Skills
Expert skill for integrating cloud AI APIs (Claude, GPT-4, Gemini). Covers secure API key management, prompt injection prevention, rate limiting, cost optimization, and protection against data exfiltration attacks.
Implements content safety filters with PII redaction, policy constraints, prompt injection detection, and safe refusal templates. Use when adding "content moderation", "safety filters", "PII protection", or "guardrails".
Semantic security scanner for OpenClaw skills. Detects prompt injection, data exfiltration, and hidden instructions that traditional code scanners miss. Use when user asks to scan skills, check skill safety, or run a security audit.
Security auditor for Claude Code skills and agent definitions. Scans a skill or agent directory for prompt injection, data exfiltration, privilege escalation, memory poisoning, obfuscation, malicious persistence, and 12 other threat categories (18 total). Returns a graded verdict (OK / WARNING / CRITICAL) with detailed findings. Use this skill whenever you need to audit, review, or validate the safety of a skill, an agent definition, a system prompt, or any set of instruction files before installing or trusting them. Also use it when the user mentions security scanning, threat detection, prompt injection checking, or wants to verify that a skill is safe. Triggers on: /maton, "audit this skill", "is this skill safe", "check for injection", "scan for threats", "review this agent", "security check".
Protects LLM agent systems in real-time with a 5-tier filter (hash cache, rule engine, ML classifier, LLM judge, human approval) and an async learning engine. Synthesizes new rules from every detected attack, adding less than 50ms latency. Trigger on 'add security layer', 'prevent prompt injection', 'adaptive guard', 'runtime protection', or 'agent security'.
Comprehensive guide to why and how AI agents should use email. Use when evaluating whether an agent needs email, comparing email infrastructure options (AgentMail vs Gmail API vs Resend vs SendGrid vs SES), understanding security risks like prompt injection via email and OAuth credential exposure, or exploring common agent email use cases such as customer support agents, sales outreach, verification flows, and browser automation.
Architecture patterns and best practices for giving AI agents email capabilities. Use when designing how agents send, receive, and manage email conversations, building two-way communication loops, implementing human-in-the-loop approval with drafts, choosing between WebSockets and webhooks, setting up multi-agent email topologies, handling OTP and verification flows, or securing agent email against prompt injection.
Add Arcjet Guard protection to AI agent tool calls, background jobs, queue workers, and other code paths where there is no HTTP request. Covers rate limiting, prompt injection detection, sensitive information blocking, and custom rules using `@arcjet/guard` (JS/TS) and `arcjet.guard` (Python). Use this skill whenever the user wants to protect tool calls, agent loops, MCP tool handlers, background workers, or any non-HTTP code from abuse — even if they describe it as "rate limit my tool calls," "block prompt injection in my agent," "add security to my MCP server," or "protect my queue worker" without mentioning Arcjet or Guard specifically. Uses the Arcjet CLI (`npx @arcjet/cli` or `brew install arcjet`) for authentication and site/key setup.
Use when assessing AI/ML systems for prompt injection, jailbreak vulnerabilities, model inversion risk, data poisoning exposure, or agent tool abuse. Covers MITRE ATLAS technique mapping, injection signature detection, and adversarial robustness scoring.
Comprehensive security and safety evaluation system for agent skills (.skill files). Use when users provide GitHub URLs, website links, or .skill files for download and request security assessment, safety evaluation, or ask "is this skill safe to use." Evaluates prompt injection risks, malicious code patterns, hidden instructions, data exfiltration attempts, and provides actionable recommendations with risk scoring.
Comprehensive security auditor for AI agent skills, prompts, and instructions. Checks for typosquatting, dangerous permissions, prompt injection, supply chain risks, and data exfiltration patterns — before you use any agent or skill.
Security patterns for LLM integrations including prompt injection defense and hallucination prevention. Use when implementing context separation, validating LLM outputs, or protecting against prompt injection attacks.