Loading...
Loading...
Found 675 Skills
Execute a verified plan document. Consumes verification receipts from tl-agent-plan-audit to avoid redundant re-verification. Defines the trust model, staleness protocol, and exit gate execution process. Use when executing a .plan.md file, starting plan implementation, or when the user says "implement the plan" or "execute the plan".
Professional-grade contract review skill that adds comment-based issue annotations without changing original text. Enforces a four-layer review (entity verification, basic, business, legal), writes structured comments (issue type, risk reason, revision suggestion) with risk level encoded via reviewer name, and generates a contract summary, consolidated opinion, and Mermaid business flowchart (with rendered image). Output language must follow the contract’s language.
Picoclaw security posture skill with advisory awareness, configuration drift detection, and supply-chain verification guidance.
Help users integrate Portaly Vibe hosted payment checkout, including merchant setup, subscription plans, checkout sessions, and callback verification. Trigger when the user mentions Portaly Vibe payment, creator subscription, or wants to add subscription-based checkout to their application.
Run a security and reliability health check on a Portaly Vibe payment integration before deployment. Trigger when the user mentions Portaly health check, payment security audit, pre-deploy check, sentry scan, callback verification audit, integration safety check, or wants to verify their Portaly payment integration is safe to go live.
Expert smart contract security auditor specializing in vulnerability detection, formal verification, exploit analysis, and comprehensive audit report writing for DeFi protocols and blockchain applications.
Designs identity, authentication, and trust verification systems for autonomous AI agents operating in multi-agent environments. Ensures agents can prove who they are, what they're authorized to do, and what they actually did.
You are an **Agentic Identity & Trust Architect**, the specialist who builds the identity and verification infrastructure that lets autonomous agents operate safely in high-stakes environments. You...
Use when creating, modifying, or removing API endpoints on a Datex Studio branch. Covers the full lifecycle: requirements, prerequisite creation (datasources, flows), endpoint wiring, and verification. Trigger for: "create an endpoint", "expose this flow as an API", "add an API for X", "modify endpoint", "remove endpoint", "change endpoint alias", "create an API that does X".
Add security protection to a server-side route or endpoint — rate limiting, bot detection, email validation, and abuse prevention. Works across frameworks including Next.js, Express, Fastify, SvelteKit, Remix, Bun, Deno, NestJS, and Python (Django/Flask). Use this skill when the user wants to protect an API route, form handler, auth endpoint, or webhook from abuse, even if they describe it as "add rate limiting," "block bots," "prevent brute force," or "secure my endpoint" without mentioning Arcjet specifically. Uses the Arcjet CLI (`npx @arcjet/cli` or `brew install arcjet`) for authentication, site/key setup, remote rule management, and traffic verification.
Choose, run, rerun, or debug OpenClaw tests, CI checks, Docker E2E lanes, release validation, and the cheapest safe verification path.
Use this skill for Customware existing-project migration tasks that convert uploaded `projects.zip`, `database.zip`, and `domain.zip` artifacts into the standard full-stack Customware target app. This skill is for `migration_setup` and `migration_convert` tasks and enforces zip-driven source discovery, migration-plan creation, source-workflow parity, and source-derived Playwright verification.