技能检索
arc-compliance-checker
Policy-based compliance assessment for OpenClaw skills. Define security policies, assess skills against them, track violations, and generate compliance reports. Maps findings to frameworks like CIS Controls and OWASP. Integrates with arc-skill-scanner and arc-trust-verifier.
hex-vetter
Physical-layer hex auditing for skills. Detects hidden binary data, control characters, and encoding-based attacks.
auto-test-generator
Automatically generate basic unit/integration tests for OpenClaw skills. Use this to improve code quality and prevent regressions during evolution.
agentbench
Benchmark your OpenClaw agent across 40 real-world tasks. Tests file creation, research, data analysis, multi-step workflows, memory, error handling, and tool efficiency. Not a coding benchmark — measures your agent setup and config.
samma-suit
Add 8 security governance layers to your OpenClaw agent — budget controls, permissions, audit logging, kill switch, identity signing, skill vetting, process isolation, and gateway protection.
dcg-guard
Hard-blocks dangerous shell commands (rm -rf, git push --force, etc.) before execution via OpenClaw's before_tool_call plugin hook. Zero noise on safe commands, ~27ms latency. Uses DCG (Dangerous Command Guard) binary.
leak-check
Scan session logs for leaked credentials. Checks JSONL session files against known credential patterns and reports which AI provider received the data.
publisher-identity-verifier
Helps verify publisher identity integrity in AI agent ecosystems. Detects impersonation, key rotation anomalies, and identity gaps in the trust chain between skill publishers and their claimed identities.
skill-safety-checker
Runs VirusTotal-style security checks on OpenClaw/Cursor skills before install, including remote code execution (RCE) and malicious code (obfuscation, exfiltration, backdoors). Use when evaluating a skill from a registry (e.g. ClawHub), before granting OAuth/API credentials, or when the user asks for a security review of a skill.