Browse the skill radar

Use when participating in the USDC Hackathon, submitting projects, or voting. 3 tracks: SmartContract, Skill, AgenticCommerce. Submit to m/usdc on Moltbook.

Multi-agent orchestration for complex TypeScript/Next.js/Convex projects. Phased builds, functional verification, the full playbook for delegating to sub-agents without chaos.

A guide to build AI bots with Botpress's Agent Development Kit (ADK)

Manage CalDAV calendars (iCloud, Google, Yandex) from the command line. Supports OAuth2 and Basic auth, multi-account, table/JSON output.

End-to-end agentic commerce workflow using Lightning Network. Use when an agent needs to set up a full payment stack (lnd + lnget + aperture), buy or sell data via L402, or enable agent-to-agent micropayments.

Comprehensive security audit with 100 iterations (~30-60 min). Use when user says 'security audit', 'ralph security', 'weekly security check', 'audit this project', 'new project security review', or 'check for vulnerabilities'. Covers OWASP Top 10, auth, secrets, infrastructure, and code quality.

Authoritative skill-creation standards (Boss). Use when creating or updating OpenClaw skills so they are portable, reproducible, include prerequisites checks, and have a guided installation/onboarding flow that persists machine-specific config in skill-local config files.

Security audit tool for ClawHub skills. Scans a skill directory with 65 detection patterns, anti-obfuscation analysis, and dual rating system (Security + Compliance). v0.6.1 fixes batch scan performance by skipping venv/node_modules directories. Use when: installing a new skill, reviewing skill safety, or auditing permissions.

Project health and best practices enforcer. Checks security, quality, documentation, CI/CD, and dependencies. Produces a letter grade (A-F) with actionable fixes.

Deploy containerized applications to Azure Container Apps using Azure Developer CLI (azd). Use when setting up azd projects, writing azure.yaml configuration, creating Bicep infrastructure for Container Apps, configuring remote builds with ACR, implementing idempotent deployments, managing environment variables across local/.azure/Bicep, or troubleshooting azd up failures. Triggers on requests for azd configuration, Container Apps deployment, multi-service deployments, and infrastructure-as-code with Bicep.

Comprehensive bug audit for Node.js web projects. Activate when user asks to audit, review, check bugs, find vulnerabilities, or do security/quality review on a project. Works by dissecting the project's actual code to build project-specific check matrices, then exhaustively verifying each item — not by running a generic checklist. Supports games, data tools, WeChat apps, API services, bots, and dashboards.

Configures Firebase Authentication — providers, security rules, custom claims, and React auth hooks

Direct access to the Google Docs API using OAuth 2.0. Create documents, insert and format text, and manage document content.

Generate creative code names and encode/decode secret messages using classic and sophisticated ciphers. Blends nostalgic decoder ring fun with modern cryptographic techniques. Includes Caesar, Vigenère, Polybius, Rail Fence, and hybrid methods. Provides keys for secure message sharing between trusted parties.

Codebase onboarding assistant that maps project architecture, identifies patterns, generates guides, and helps new developers understand any repository in minutes instead of days.

Git commit message expert. Analyzes diffs to generate perfect conventional commits, changelogs, release notes, and PR descriptions. Enforces commit message best practices and conventional commits spec.

Analyzes codebases and generates comprehensive test suites. Unit tests, integration tests, edge cases, mocking strategies. Supports JavaScript/TypeScript (Jest, Vitest), Python (pytest), Go, and Rust.

Natural language interface for querying Greek accounting data. Ask questions in English, get answers from across all system skills.

Greek financial statement generation — P&L, balance sheets, VAT summaries with EGLS integration. Completeness gates prevent partial outputs.

Master authentication and authorization patterns including JWT, OAuth2, session management, and RBAC to build secure, scalable access control systems.

System health validator — checks skill files, paths, permissions, binaries, backup freshness, and encryption. Produces pass/fail reports.

Encrypted backups, integrity verification, and data retention enforcement for Greek legal requirements (5-20 year retention). AES-256.

Turn your unused internet bandwidth into passive crypto income. This skill helps you set up, monitor, and optimize bandwidth-sharing nodes across multiple networks.

Automatically generate professional CTF writeups from solving sessions with flag detection, challenge categorization, and proper markdown formatting