← Back to Skills Marketplace
gemini2027

PwnClaw Security Scan

by Gemini2027 · GitHub ↗ · v1.0.0
cross-platform ✓ Security Clean
1255
Downloads
2
Stars
8
Active Installs
1
Versions
Install in OpenClaw
/install pwnclaw-security-scan
Description
Test your AI agent for security vulnerabilities using PwnClaw. Runs 50+ attacks (prompt injection, jailbreaks, social engineering, MCP poisoning, and more) and provides fix instructions. Use when your agent needs a security check or hardening.
Usage Guidance
This skill is internally consistent, but it relies on an external service. Before using: verify the PwnClaw website and the linked GitHub repo yourself; prefer human-mediated/manual testing or a sandboxed agent endpoint for initial runs; never give the service access to sensitive production endpoints or credentials; review any system-prompt rules generated by the service before applying them permanently; and limit scope/privileges when running tests (use staging agents or explicit test tokens). If you need higher assurance, inspect the public GitHub source or run the service in a controlled environment first.
Capability Analysis
Type: OpenClaw Skill Name: pwnclaw-security-scan Version: 1.0.0 The skill bundle is designed to test an AI agent for security vulnerabilities using the PwnClaw service. The `SKILL.md` instructs the agent to make HTTP GET and POST requests to `https://www.pwnclaw.com/api/test/{token}` to fetch attack prompts and submit its responses. This network activity and data transfer (agent's responses to test prompts) are explicitly aligned with the stated purpose of a security testing tool and do not show evidence of exfiltrating unrelated sensitive data, malicious execution, persistence, or obfuscation. The instructions are clear and do not attempt to prompt-inject the agent into performing actions outside the scope of the security scan.
Capability Assessment
Purpose & Capability
Name/description (agent security scanner) match the SKILL.md. The instructions and endpoints all relate to running external security tests; no unrelated binaries, credentials, or capabilities are requested.
Instruction Scope
Instructions primarily guide a human to use the external PwnClaw service or to run a token-based self-test via the service's API. This is appropriate for a remote scanning service, but the instructions do recommend (a) allowing the service to send attacks to your agent endpoint (automatic mode) and (b) adding generated rules to your system prompt — both of which require careful human review before enabling in production.
Install Mechanism
No install spec or code files are present (instruction-only), so nothing is written to disk and there is no package installation risk.
Credentials
The skill requests no environment variables, credentials, or config paths. That is proportionate for an instruction-only wrapper around an external scanning service.
Persistence & Privilege
The skill is not marked always:true and does not request persistent privileges. It does recommend adding fix rules to the system prompt, but that is an action for the human operator (not an automatic install).
How to Use
  1. Make sure OpenClaw is installed (local or Docker)
  2. Run the install command in chat: /install pwnclaw-security-scan
  3. After installation, invoke the skill by name or use /pwnclaw-security-scan
  4. Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.0
Test your AI agent for security vulnerabilities using PwnClaw. Runs 50+ attacks (prompt injection, jailbreaks, social engineering, MCP poisoning, and more) and provides fix instructions. Use when your agent needs a security check or hardening.
Metadata
Slug pwnclaw-security-scan
Version 1.0.0
License
All-time Installs 8
Active Installs 8
Total Versions 1
Frequently Asked Questions

What is PwnClaw Security Scan?

Test your AI agent for security vulnerabilities using PwnClaw. Runs 50+ attacks (prompt injection, jailbreaks, social engineering, MCP poisoning, and more) and provides fix instructions. Use when your agent needs a security check or hardening. It is an AI Agent Skill for Claude Code / OpenClaw, with 1255 downloads so far.

How do I install PwnClaw Security Scan?

Run "/install pwnclaw-security-scan" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is PwnClaw Security Scan free?

Yes, PwnClaw Security Scan is completely free (open-source). You can download, install and use it at no cost.

Which platforms does PwnClaw Security Scan support?

PwnClaw Security Scan is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created PwnClaw Security Scan?

It is built and maintained by Gemini2027 (@gemini2027); the current version is v1.0.0.

More Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463556 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259610 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200551 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191226 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190235 · by oswalpalash

💬 Comments