Loading...
Loading...
Found 9 Skills
Comprehensive security auditor for OpenClaw skills. Checks for typosquatting, dangerous permissions, prompt injection, supply chain risks, and data exfiltration patterns — before you install anything.
Comprehensive security auditor for AI agent skills, prompts, and instructions. Checks for typosquatting, dangerous permissions, prompt injection, supply chain risks, and data exfiltration patterns — before you use any agent or skill.
Analyzes Claude Code session transcripts to evaluate skill portfolio health — routing errors, attention competition between descriptions, and coverage gaps. Generates an interactive HTML report with per-skill health cards, competition matrix, attention budget analysis, and actionable patches. Unlike skill-creator which optimizes individual skills in isolation, skill-auditor optimizes the portfolio as a system, detecting cross-skill attention theft and cascade risks. Use when user says "audit my skills", "skill audit", "run skill-auditor", "analyze skill routing", "check skill competition", "portfolio health", "スキル監査", "スキルの精度を分析", "スキルルーティング分析".
Analyze agent skills for security risks, malicious patterns, and potential dangers before installation. Use when asked to "audit a skill", "check if a skill is safe", "analyze skill security", "review skill risk", "should I install this skill", "is this skill safe", or when evaluating any skill directory for trust and safety. Also triggers when the user pastes a skill install command like "npx skills add https://github.com/org/repo --skill name". Produces a comprehensive security report with a clear install/reject verdict.
Comprehensive security auditor for AI agent skills, prompts, and instructions. Checks for typosquatting, dangerous permissions, prompt injection, supply chain risks, and data exfiltration patterns — before you use any agent or skill.
Audit existing skills (global and project-level) for agent-friendliness, consistency, and best practices. Use when asked to "audit my skills", "review skill setup", "analyze skill quality", "check skill health", "improve my skills", or when wanting an assessment of the overall skill ecosystem. Provides actionable recommendations for improving skill effectiveness.
Audit installed skills across project, global, and plugin levels. Lists skills with line counts, identifies improvement opportunities (conciseness, clarity, overlap, token waste). Use when reviewing skill quality, finding bloated skills, or optimizing token budgets.
Run a repo-wide cross-cutting governance audit via the pm-skill-auditor sub-agent. Dispatches natively on Claude Code with the pm-skills plugin (invokes @agent-pm-skill-auditor); on non-Claude clients (Codex CLI, Cursor, Windsurf, Copilot, Gemini CLI) reads subagents/pm-skill-auditor.md and executes the system prompt inline. Returns a layered audit report (full findings + Status Summary prose + Status YAML envelope per master plan D26) with cross-cutting findings graded P0/P1/P2/P3 plus aggregate counter audit and validator results table.
Walk the guided release runbook (6 gates G0/G1/G2/G2.5/G3/G4) via the pm-release-conductor sub-agent. Dispatches natively on Claude Code with the pm-skills plugin (invokes @agent-pm-release-conductor with native chain composition to pm-skill-auditor at G0 and pm-changelog-curator at G2); on non-Claude clients (Codex CLI, Cursor, Windsurf, Copilot, Gemini CLI) reads subagents/pm-release-conductor.md and inlines auditor + curator behaviors at G0 + G2 via reference-and-execute-inline pattern (because non-Claude clients cannot natively chain to other sub-agents). Returns gate-by-gate output with explicit confirmation pauses, refuses bypass attempts, tags only the G2.5-captured SHA per master plan D22.