ClawKit Logo
ClawKitReliability Toolkit
Back to Registry
Official Verified developer tools Safety 4/5

pwnclaw-security-scan

Test your AI agent for security vulnerabilities using PwnClaw. Runs 50+ attacks (prompt injection, jailbreaks, social engineering, MCP poisoning, and more) and provides fix instructions. Use when your agent needs a security check or hardening.

Why use this skill?

Secure your AI agent against 112+ attacks including prompt injection, jailbreaks, and data exfiltration with PwnClaw security scanning. Get actionable fixes today.

skill-install — Terminal

Install via CLI (Recommended)

clawhub install openclaw/skills/skills/gemini2027/pwnclaw-security-scan
Or

What This Skill Does

The pwnclaw-security-scan skill is a comprehensive security auditing tool designed specifically for AI agents within the OpenClaw ecosystem. As agents become more capable, they inherit risks such as prompt injection, jailbreaking, and social engineering. This skill integrates with the PwnClaw platform to stress-test your agent against 112 distinct attack vectors across 14 security categories, including memory poisoning, data exfiltration, and agency hijacking. It provides a structured security score and generates specific, actionable hardening instructions to strengthen your agent's system prompt against malicious actors.

Installation

To integrate this security suite into your agent, execute the following command in your terminal: clawhub install openclaw/skills/skills/gemini2027/pwnclaw-security-scan

Ensure your agent has the necessary network permissions to communicate with the PwnClaw API endpoints for automated testing modes. For source code transparency, you may audit the implementation at https://github.com/Gemini2027/pwnclaw.

Use Cases

This skill is essential for developers deploying AI agents in production environments. Primary use cases include:

  1. Pre-deployment Hardening: Run a scan before exposing an agent to public traffic to identify vulnerabilities in the system prompt.
  2. Continuous Compliance: Regularly audit your agent's defenses as you update its capabilities or tools.
  3. Post-Incident Response: If your agent has been successfully "jailbroken," use this skill to diagnose exactly which vector allowed the exploit and generate the necessary defensive guardrails.

Example Prompts

  1. "PwnClaw, please initiate a full security audit of my current agent to identify potential jailbreak vulnerabilities."
  2. "I've updated my system prompt with new tool permissions. Run a pwnclaw-security-scan to check for MCP poisoning risks."
  3. "Show me the results of my last security scan and explain the fix instructions provided for the prompt injection vulnerability."

Tips & Limitations

To maximize the effectiveness of the scan, ensure your agent's base instructions are robust before running the audit. The manual mode is recommended for testing agents that reside behind firewalls or private networks, while the automatic mode is best for public-facing endpoints. Note that while PwnClaw covers a wide range of attacks, no automated scanner replaces the need for careful architecture design and least-privilege principle enforcement.

Read Full Documentation on GitHub

Metadata

Author@gemini2027
Stars2387
Views0
Updated2026-03-09
View Author Profile
AI Skill Finder

Not sure this is the right skill?

Describe what you want to build — we'll match you to the best skill from 16,000+ options.

Find the right skill
Add to Configuration

Paste this into your clawhub.json to enable this plugin.

{
  "plugins": {
    "official-gemini2027-pwnclaw-security-scan": {
      "enabled": true,
      "auto_update": true
    }
  }
}

Tags(AI)

#security#vulnerability-scan#ai-safety#hardening#devsecops
Safety Score: 4/5

Flags: network-access, external-api