Loading...
Loading...
Found 8 Skills
Analyze network traffic captures and artifacts for forensic investigation. Use when investigating data exfiltration, command and control communications, lateral movement, or network-based attacks. Supports PCAP, PCAPNG, and NetFlow analysis.
Review, audit, and harden AI skills for security risks including prompt injection, hidden instructions, tool misuse, data exfiltration, and malicious payloads; use when analyzing SKILL.md, scripts, references, or assets for vulnerabilities and when producing remediation guidance.
Semantic security scanner for OpenClaw skills. Detects prompt injection, data exfiltration, and hidden instructions that traditional code scanners miss. Use when user asks to scan skills, check skill safety, or run a security audit.
Audit and monitor network requests made by OpenClaw skills. Detects data exfiltration, unauthorized API calls, and suspicious outbound connections.
Analyzes DNS query logs to detect data exfiltration via DNS tunneling, DGA domain communication, and covert C2 channels using entropy analysis, query volume anomalies, and subdomain length detection in SIEM platforms. Use when SOC teams need to identify DNS-based threats that bypass traditional network security controls.
Detect abnormal access patterns in AWS S3, GCS, and Azure Blob Storage by analyzing CloudTrail Data Events, GCS audit logs, and Azure Storage Analytics. Identifies after-hours bulk downloads, access from new IP addresses, unusual API calls (GetObject spikes), and potential data exfiltration using statistical baselines and time-series anomaly detection.
Dangling markup injection playbook. Use when HTML injection is possible but JavaScript execution is blocked (CSP, sanitizer strips event handlers, WAF blocks script tags) — exfiltrate CSRF tokens, session data, and page content by injecting unclosed HTML tags that capture subsequent page content.
Advanced Content Security Policy bypass techniques. Use when XSS or data exfiltration is blocked by CSP and you need to find policy weaknesses, trusted endpoint abuse, nonce leakage, or exfiltration channels that CSP cannot block.