Security AI Skills
Harden your code with automated security analysis
Security skills scan your codebase for vulnerabilities, generate compliance reports, and help you follow security best practices. From OWASP Top 10 detection to dependency auditing and secrets scanning, these tools catch issues before they become breaches.
Top Security Skills
Hikvision NVR
Ask your AI agent for the Hikvision footage you need, then walk away while it downloads. Pulling video off a Hikvision DVR or NVR usually means web-UI menus, ISAPI XML, ffmpeg flags, and "why is this video broken" troubleshooting. This skill removes all of it. Once your NVRs are registered, you just tell your agent "pull the lobby camera from 8 to 9 PM yesterday" and a clean MP4 lands in your downloads folder. Speaks Hikvision's ISAPI natively, falls back to RTSP when the NVR throttles, works around firmware quirks that return wrong segment data, clips to the exact time window you asked for, and verifies the output (codec, resolution, duration, on-screen timestamp). Credentials live in your OS keychain, never on command lines or in logs. Validated on DS-9016HWI-ST, DS-7316HQHI-SH, DS-7716NI-I4/16P, DS-9632NI-ST, and DS-7716NI-SP/16 with firmware V3.1.10 through V4.50.000.
agentpass-local
Install or build a global per-user AgentPass Local that improves human-agent collaboration by letting users create website credentials in a GUI and letting agents retrieve or paste approved fields for approved domains without viewing secrets. Use when the user asks to create a password manager, password broker, credential vault, autofill helper, agent password access system, GUI for saving website credentials, or a tool that lets agents use approved passwords across projects safely.
aegis-security
Blockchain security API for AI agents. Scan tokens, simulate transactions, check addresses for threats.
sigil-security
Secure AI agent wallets via Sigil Protocol. 3-layer Guardian validation on 6 EVM chains.
What security skills can do for you
Vulnerability Scanning
Detect SQL injection, XSS, CSRF, and other OWASP Top 10 vulnerabilities in your code. Skills analyze code paths, not just patterns, to find real exploitable issues.
Dependency Auditing
Scan your package dependencies for known CVEs and outdated libraries. Get prioritized remediation advice with specific version upgrade paths.
Compliance & Hardening
Generate security policies, audit trails, and compliance documentation. Skills understand SOC 2, GDPR, HIPAA, and PCI-DSS requirements and help you meet them.
Security Skills at a Glance
| Skill | Type | Price | Downloads | Rating | Security |
|---|---|---|---|---|---|
| Hikvision NVR | Skill | $25 | 0 | — | Review |
| agentpass-local | Skill | $14 | 0 | — | Verified |
| aegis-security | Agent | Free | 1.8k | — | Review |
| sigil-security | Agent | Free | 1.4k | — | Review |
| agora-sentinel | Skill | Free | 626 | — | Review |
| pentagonal | Skill | Free | 262 | — | Review |
| clawguard-security | Agent | Free | 120 | — | Review |
All Security Skills
Hikvision NVR
Ask your AI agent for the Hikvision footage you need, then walk away while it downloads. Pulling video off a Hikvision DVR or NVR usually means web-UI menus, ISAPI XML, ffmpeg flags, and "why is this video broken" troubleshooting. This skill removes all of it. Once your NVRs are registered, you just tell your agent "pull the lobby camera from 8 to 9 PM yesterday" and a clean MP4 lands in your downloads folder. Speaks Hikvision's ISAPI natively, falls back to RTSP when the NVR throttles, works around firmware quirks that return wrong segment data, clips to the exact time window you asked for, and verifies the output (codec, resolution, duration, on-screen timestamp). Credentials live in your OS keychain, never on command lines or in logs. Validated on DS-9016HWI-ST, DS-7316HQHI-SH, DS-7716NI-I4/16P, DS-9632NI-ST, and DS-7716NI-SP/16 with firmware V3.1.10 through V4.50.000.
agentpass-local
Install or build a global per-user AgentPass Local that improves human-agent collaboration by letting users create website credentials in a GUI and letting agents retrieve or paste approved fields for approved domains without viewing secrets. Use when the user asks to create a password manager, password broker, credential vault, autofill helper, agent password access system, GUI for saving website credentials, or a tool that lets agents use approved passwords across projects safely.
aegis-security
Blockchain security API for AI agents. Scan tokens, simulate transactions, check addresses for threats.
sigil-security
Secure AI agent wallets via Sigil Protocol. 3-layer Guardian validation on 6 EVM chains.
agora-sentinel
Security check for OpenClaw skills. Scan any ClawHub skill for malware, prompt injection, data theft, wallet stealing, and dangerous permissions BEFORE insta...
pentagonal
Use when the user asks to create, generate, build, audit, fix, compile, or look up smart contracts and tokens. Pentagonal Clawd is a sovereign smart contract...
clawguard-security
🛡️ AI Agent Immune System — Security scanner + PII sanitizer + intent-action mismatch detector. 285+ patterns, OWASP Agentic AI Top 10. 100% local, zero clo...
Common questions about security skills
What vulnerabilities do security skills detect?
Skills detect the full OWASP Top 10 including injection flaws, broken authentication, sensitive data exposure, XXE, broken access control, security misconfiguration, XSS, insecure deserialization, vulnerable components, and insufficient logging.
Can skills fix the vulnerabilities they find?
Yes. Security skills don't just report issues - they provide specific code fixes. For each vulnerability found, you get the affected code, the risk level, and a concrete remediation with the corrected code.
Are the security scans comprehensive enough for compliance?
Security skills are a strong first layer but shouldn't replace professional penetration testing for compliance audits. They catch the vast majority of common issues and significantly reduce the findings from formal security assessments.
Ready to supercharge your
security workflow?
Browse verified security skills and agents built by the community. One-command install, instant results.