
AI supply chain security scanner — check packages for CVEs, look up MCP servers in the 427+ server threat registry, assess blast radius, generate SBOMs, enforce compliance (OWASP, MITRE ATLAS, EU AI Act, NIST AI RMF). Use when the user mentions vulnerability scanning, dependency security, SBOM generation, MCP server trust, or AI supply chain risk.
# Agent Team Kit — SKILL.md *A framework for self-sustaining AI agent teams.* --- ## What This Is A complete team process kit for OpenClaw agents that enables: - **Self-service work queues** — Agents pick up tasks without human bottlenecks - **Clear role ownership** — Everyone knows who does what - **Continuous discovery** — Work flows in automatically - **Proactive operation** — The team runs itself via heartbeat --- ## Quick Start ### 1. Copy the Process Files ```bash # From your works
Manage Apple Notes via the `memo` CLI on macOS (create, view, edit, delete, search, move, and export notes). Use when a user asks OpenClaw to add a note, list notes, search notes, or manage note folders.
Monitor blogs and RSS/Atom feeds for updates using the blogwatcher CLI.
BluOS CLI (blu) for discovery, playback, grouping, and volume.
Capture frames or clips from RTSP/ONVIF cameras.
CVE vulnerability fixing workflow for Debian packages. Searches CVE databases, generates patches with one-CVE-per-patch enforcement, validates with quilt, and submits to Gerrit/GitHub. Use when fixing CVEs in Debian packages, applying security patches, or managing Debian security updates.
# Dependency Auditor > **Skill Type:** POWERFUL > **Category:** Engineering > **Domain:** Dependency Management & Security ## Overview The **Dependency Auditor** is a comprehensive toolkit for analyzing, auditing, and managing dependencies across multi-language software projects. This skill provides deep visibility into your project's dependency ecosystem, enabling teams to identify vulnerabilities, ensure license compliance, optimize dependency trees, and plan safe upgrades. In modern
Discord ops via the message tool (channel=discord).
Control Eight Sleep pods (status, temperature, alarms, schedules).
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
ElevenLabs text-to-speech with mac-style say UX.
Notion API for creating and managing pages, databases, and blocks.
Master Excel, Word, PowerPoint, and Google Workspace with formulas, formatting, and automation.
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Claude ('No, that's wrong...', 'Actually...'), (3) User requests a capability that doesn't exist, (4) An external API or tool fails, (5) Claude realizes its knowledge is outdated or incorrect, (6) A better approach is discovered for a recurring task. Also review learnings before major tasks.
Create or update AgentSkills. Use when designing, structuring, or packaging skills with scripts, references, and assets.
Manage Trello boards, lists, and cards via the Trello REST API.
Send WhatsApp messages to other people or search/sync WhatsApp history via the wacli CLI (not for normal user chats).
A CLI tool for making authenticated requests to the X (Twitter) API. Use this skill when you need to post tweets, reply, quote, search, read posts, manage followers, send DMs, upload media, or interact with any X API v2 endpoint.
Use when you need to send or manage iMessages via BlueBubbles (recommended iMessage integration). Calls go through the generic message tool with channel="bluebubbles".
Fetch GitHub issues, spawn sub-agents to implement fixes and open PRs, then monitor and address PR review comments. Usage: /gh-issues [owner/repo] [--label bug] [--limit 5] [--milestone v1.0] [--assignee @me] [--fork user/repo] [--watch] [--interval 5] [--reviews-only] [--cron] [--dry-run] [--model glm-5] [--notify-channel -1002381931352]
iMessage/SMS CLI for listing chats, history, and sending messages via Messages.app.
Control Sonos speakers (discover/status/play/volume/group).
Remote-control tmux sessions for interactive CLIs by sending keystrokes and scraping pane output.
Manage Apple Reminders via remindctl CLI (list, add, edit, complete, delete). Supports lists, date filters, and JSON/plain output.
Search the web using Baidu AI Search Engine (BDSE). Use for live information, documentation, or research topics.
Update Deepin OS version files and create PR for deepin-desktop-base repository. Updates version numbers across all architectures (amd/arm/loong/riscv), updates debian/changelog, and creates a pull request. Use when user asks to update os-version for Deepin desktop base.
Read, write, and generate Excel files with correct types, dates, formulas, and cross-platform compatibility.
Transform AI agents from task-followers into proactive partners that anticipate needs and continuously improve. Now with WAL Protocol, Working Buffer, Autonomous Crons, and battle-tested patterns. Part of the Hal Stack 🦞
Create, search, and manage Bear notes via grizzly CLI.
Host security hardening and risk-tolerance configuration for OpenClaw deployments. Use when a user asks for security audits, firewall/SSH/update hardening, risk posture, exposure review, OpenClaw cron scheduling for periodic checks, or version status checks on a machine running OpenClaw (laptop, workstation, Pi, VPS).
CLI to manage emails via IMAP/SMTP. Use `himalaya` to list, read, write, reply, forward, search, and organize emails from the terminal. Supports multiple accounts and message composition with MML (MIME Meta Language).
Gemini CLI for one-shot Q&A, summaries, and generation.
Search GIF providers with CLI/TUI, download results, and extract stills/sheets.
Get current weather and forecasts via wttr.in or Open-Meteo. Use when: user asks about weather, temperature, or forecasts for any location. NOT for: historical weather data, severe weather alerts, or detailed meteorological analysis. No API key needed.
Local text-to-speech via sherpa-onnx (offline, no cloud).
Debian package query tool - queries packages.debian.org and tracker.debian.org for package information, CVEs, version history, and more.
Work with Obsidian vaults (plain Markdown notes) and automate via obsidian-cli.
CVE vulnerability patching workflow for Debian packages. Handles patch download, verification, application, and build testing with automatic common issue resolution.
Multi search engine integration with 17 engines (8 CN + 9 Global). Supports advanced search operators, time filters, site search, privacy engines, and WolframAlpha knowledge queries. No API keys required.
Convert Jenkins v25-crp_info_collect job output to Excel (.xlsx) format. Use when the user needs to extract theme information from Jenkins CRP (Code Review Platform) info collection jobs and convert it to a structured Excel file with columns for 主题名称, 主题地址, 仓库, 源码名及版本, 责任人. Works with job URLs like https://jenkinswh.uniontech.com/view/ISO-Builder/job/v25-repo-iso-work/view/repo/job/v25-crp_info_collect/
# cve-scan Scan SBOM for known CVE vulnerabilities ## Requirements - Expanso Edge installed (`expanso-edge` binary in PATH) - Install via: `clawhub install expanso-edge` ## Usage ### CLI Pipeline ```bash # Run standalone echo '<input>' | expanso-edge run pipeline-cli.yaml ``` ### MCP Pipeline ```bash # Start as MCP server expanso-edge run pipeline-mcp.yaml ``` ### Deploy to Expanso Cloud ```bash expanso-cli job deploy https://skills.expanso.io/cve-scan/pipeline-cli.yaml ``` ## Files | F
Best practices for using the oracle CLI (prompt + file bundling, engines, sessions, and file attachment patterns).
Control Philips Hue lights and scenes via the OpenHue CLI.
Set up and use 1Password CLI (op). Use when installing the CLI, enabling desktop app integration, signing in (single or multi-account), or reading/injecting/running secrets via op.
Local speech-to-text with the Whisper CLI (no API key).
Foodora-only CLI for checking past orders and active order status (Deliveroo WIP).
Capture and automate macOS UI with the Peekaboo CLI.
Search and analyze your own session logs (older/parent conversations) using jq.
Use when you need to control Slack from OpenClaw via the slack tool, including reacting to messages or pinning/unpinning items in Slack channels or DMs.
Generate spectrograms and feature-panel visualizations from audio with the songsee CLI.
Summarize or extract text/transcripts from URLs, podcasts, and local files (great fallback for “transcribe this YouTube/video”).
Manage Things 3 via the `things` CLI on macOS (add/update projects+todos via URL scheme; read/search/list from the local Things database). Use when a user asks OpenClaw to add a task to Things, list inbox/today/upcoming, search tasks, or inspect projects/areas/tags.
Start voice calls via the OpenClaw voice-call plugin.
Helps users discover and install agent skills when they ask questions like "how do I do X", "find a skill for X", "is there a skill that can...", or express interest in extending capabilities. This skill should be used when the user is looking for functionality that might exist as an installable skill.
GitHub operations via `gh` CLI: issues, PRs, CI runs, code review, API queries. Use when: (1) checking PR status or CI, (2) creating/commenting on issues, (3) listing/filtering PRs or issues, (4) viewing run logs. NOT for: complex web UI interactions requiring manual browser flows (use browser tooling when available), bulk operations across many repos (script with gh api), or when gh auth is not configured.
Delegate coding tasks to Codex, Claude Code, or Pi agents via background process. Use when: (1) building/creating new features or apps, (2) reviewing PRs (spawn in temp dir), (3) refactoring large codebases, (4) iterative coding that needs file exploration. NOT for: simple one-liner fixes (just edit), reading code (use read tool), thread-bound ACP harness requests in chat (for example spawn/run Codex or Claude Code in a Discord thread; use sessions_spawn with runtime:"acp"), or any work in ~/clawd workspace (never spawn agents here). Requires a bash tool that supports pty:true.
Use CodexBar CLI local cost usage to summarize per-model usage for Codex or Claude, including the current (most recent) model or a full model breakdown. Trigger when asked for model-level usage/cost data from codexbar, or when you need a scriptable per-model summary from codexbar cost JSON.
Generate or edit images via Gemini 3 Pro Image (Nano Banana Pro).
Batch-generate images via OpenAI Images API. Random prompt sampler + `index.html` gallery.
Use the ClawHub CLI to search, install, update, and publish agent skills from clawhub.com. Use when you need to fetch new skills on the fly, sync installed skills to latest or a specific version, or publish new/updated skill folders with the npm-installed clawhub CLI.
Transcribe audio via OpenAI Audio Transcriptions API (Whisper).
Query Google Places API (New) via the goplaces CLI for text search, place details, resolve, and reviews. Use for human-friendly place lookup or JSON output for scripts.
# Canvas Skill Display HTML content on connected OpenClaw nodes (Mac app, iOS, Android). ## Overview The canvas tool lets you present web content on any connected node's canvas view. Great for: - Displaying games, visualizations, dashboards - Showing generated HTML content - Interactive demos ## How It Works ### Architecture ``` ┌─────────────────┐ ┌──────────────────┐ ┌─────────────┐ │ Canvas Host │────▶│ Node Bridge │────▶│ Node App │ │ (HTTP Server) │ │ (TCP
Use this skill whenever the user wants to create, read, edit, or manipulate Word documents (.docx files). Triggers include: any mention of 'Word doc', 'word document', '.docx', or requests to produce professional documents with formatting like tables of contents, headings, page numbers, or letterheads. Also use when extracting or reorganizing content from .docx files, inserting or replacing images in documents, performing find-and-replace in Word files, working with tracked changes or comments, or converting content into a polished Word document. If the user asks for a 'report', 'memo', 'letter', 'template', or similar deliverable as a Word or .docx file, use this skill. Do NOT use for PDFs, spreadsheets, Google Docs, or general coding tasks unrelated to document generation.
Use the mcporter CLI to list, configure, auth, and call MCP servers/tools directly (HTTP or stdio), including ad-hoc servers, config edits, and CLI/type generation.
Google Workspace CLI for Gmail, Calendar, Drive, Contacts, Sheets, and Docs.
Extract frames or short clips from videos using ffmpeg.
Terminal Spotify playback/search via spogo (preferred) or spotify_player.
Edit PDFs with natural-language instructions using the nano-pdf CLI.