Marketplace
Find the right skill for the job.
Browse the full catalog through outcome-first channels, technical facets, rating filters, and server-side pagination built for a large public marketplace.
wp-to-static
Convert a WordPress website to a static site and deploy to Cloudflare Pages. Mirrors the rendered HTML via SSH, extracts only referenced assets (shrinks 1.5GB+ to ~25MB), fixes URLs, self-hosts fonts, strips WordPress cruft, and deploys. Use when migrating a WordPress site to static hosting.
aethercore
AetherCore v3.3.2 - Security-focused final release. High-performance JSON optimization with universal smart indexing for all file types. All security review issues fixed, ready for production.
location-awareness
Location awareness via privacy-friendly GPS tracking (Home Assistant, OwnTracks, GPS Logger). Set location-based reminders and ask about movement history, travel time, and nearby POIs.
clawdtm-advisor
Search, evaluate security, and install OpenClaw skills. Helps your human find the right skills safely.
megaeth-developer
End-to-end MegaETH development playbook (Feb 2026). Covers wallet operations, token swaps (Kyber Network), eth_sendRawTransactionSync (EIP-7966) for instant receipts, JSON-RPC batching, real-time mini-block subscriptions, storage-aware contract patterns (Solady RedBlackTreeLib), MegaEVM gas model, WebSocket keepalive, bridging from Ethereum, and debugging with mega-evme. Use when building on MegaETH, managing wallets, sending transactions, or deploying contracts.
cyber-security-engineer
Security engineering workflow for OpenClaw privilege governance and hardening. Use for least-privilege execution, approval-first privileged actions, idle timeout controls, port + egress monitoring, and ISO 27001/NIST-aligned compliance reporting with mitigations.
opena2a-security
Security hardening for OpenClaw. Audit your configuration, scan installed skills for malware, detect CVE-2026-25253, check credential exposure, and get actionable fix recommendations. Runs locally with no external API calls.
install-then-update-trap-detector
Helps detect the install-then-update attack pattern — where a skill passes initial security review cleanly, then silently introduces malicious behavior through an automatic update that bypasses re-audit. v1.1 adds cryptographic chain-of-custody verification for update sequences.
anemone-browser
Managed headful Chrome browser for OpenClaw agents with anti-bot-detection, human-in-the-loop VNC takeover, and multi-session window isolation. Use when: (1) setting up browser automation on a new machine (Mac/Linux/Docker), (2) browser gets blocked by Google, Cloudflare, or CAPTCHAs, (3) need human to intervene via VNC (login, CAPTCHA solving), (4) multiple agent sessions need independent browser windows without conflicts, (5) configuring OpenClaw's browser tool for headful Chrome. Triggers: "set up browser", "browser blocked", "CAPTCHA", "VNC", "Google Scholar blocked", "headless detected", "anti-detection", "browser setup", "Chrome for agent".
jack-cloud
Deploy web services to the cloud with Jack. Use when: you need to create APIs, websites, or backends and deploy them live. Teaches: project creation, deployment, databases, logs, and all Jack Cloud services.
here-now
Publish files and folders to the web instantly. Static hosting for HTML sites, images, PDFs, and any file type. Use when asked to "publish this", "host this", "deploy this", "share this on the web", "make a website", "put this online", "upload to the web", "create a webpage", "share a link", "serve this site", or "generate a URL". Outputs a live, shareable URL at {slug}.here.now.
openclaw-xguardian
Build, configure, and install a 24x7 OpenClaw watchdog on macOS, including scaffolding the Go project, wiring launchd, and tuning health/recovery behavior. Use for requests to create or share the OpenClaw guardian service, deploy it on a Mac, or troubleshoot its recovery/logging behavior.
security-scanner
Scans OpenClaw skills for security vulnerabilities and suspicious patterns before installation
linode
Linode (Akamai) — compute instances, volumes, networking, NodeBalancers, domains, and Kubernetes.
security-monitor
Comprehensive security audit for OpenClaw deployments. Checks Docker port bindings, SSH config, openclaw.json settings, file permissions, exposed services, and firewall rules. Scores your deployment 0-100 with actionable recommendations. Use for security hardening and compliance checks.
tandemn-tuna
Deploy and serve LLM models on GPU. Compare GPU pricing. Launch vLLM on Modal, RunPod, Cerebrium, Cloud Run, Baseten, or Azure with spot instance fallback. OpenAI-compatible inference endpoint.
pr-review
Find and fix code issues before publishing a PR. Single-pass review with auto-fix. Use when reviewing code changes before submission or auditing existing code for bugs/security. Don't use when running a coding agent to write code (use coding-agent) or checking GitHub CI status (use github).
camoufox-deploy
One-click deployment of camoufox anti-detection browser with modified agent-browser. Patches agent-browser to auto-detect camoufox/firefox from executable path instead of defaulting to chromium.
cyber-kev-triage
Prioritize vulnerability remediation using KEV-style exploitation context plus asset criticality. Use for CVE triage, patch order decisions, and remediation reporting.
sui-coverage
Analyze Sui Move test coverage, identify untested code, write missing tests, and perform security audits. Includes Python tools for parsing coverage output and generating reports.
arc-shield
Output sanitization for agent responses - prevents accidental secret leaks
medical
Personal health record management with strict privacy boundaries. Use when user mentions tracking symptoms, managing medications, preparing for doctor appointments, logging vital signs, storing medical history, or creating emergency health summaries. Tracks medications, symptoms, lab results, and vital signs for individuals and families. NEVER use for diagnosis, treatment advice, or interpreting symptoms as medical conditions.
interop-forge
Integration architect for multi-app monorepos — shared contracts, API-first design with OpenAPI, cross-app auth, auto-generated SDKs, and full MCP server scaffolding per app
evolve
Local DevOps/autonomy skill for OpenClaw (safe evolution loop with guardrails).