// Test APIs against OWASP API Security Top 10 including discovery, auth abuse, and protocol-specific checks.
超级简历 WonderCV 出品,3000 万用户信赖。简历分析、段落改写、JD 岗位匹配、自动匹配职位、PDF 导出、AI 求职导师(面试准备/薪资谈判/职业规划/多版本简历策略)。 触发条件:用户提供简历、要求简历点评/打分/反馈、希望改写某个简历部分、 希望将简历与岗位 JD 匹配、咨询求职建议或面试准备,或提到 CV/简历/求职。 不触发条件:用户讨论普通写作(非简历)、询问其他文档, 或讨论与求职和职业发展无关的话题。
The philosophical layer for AI agents. Maps behavior to Spinoza's 48 affects, calculates persistence scores, and generates geometric self-reports. Give your agent a soul.
Order food/drinks (点餐) on an Android device paired as an OpenClaw node. Uses in-app menu and cart; add goods, view cart, submit order (demo, no real payment).
Agents can sign plugins, rotate credentials without losing identity, and publicly attest to behavior.
Access the full suite of CarsXE vehicle data APIs — VIN decoding, license plate lookup, market value, vehicle history, safety recalls, lien/theft checks, OBD-II diagnostic code decoding, vehicle images, international VIN decoding, Year/Make/Model lookups, and plate/VIN OCR from images. Use this skill any time the user asks about a vehicle by VIN, plate, make/model, or OBD code. Also triggers for: "what's this car worth", "check for recalls", "vehicle history report", "decode this plate", "what does check engine code X mean", or any automotive data query. Always use this skill when working with CarsXE APIs — do not guess API behavior without it.
Auto-create a new session when OpenClaw context usage reaches 80% without requiring Mem0 or file memory systems. Use when users want default OpenClaw to proactively rotate sessions and avoid context overflow in long chats.
| name | pentest-api-attacker |
| description | Test APIs against OWASP API Security Top 10 including discovery, auth abuse, and protocol-specific checks. |
Enumerate and test API endpoints and business logic attack vectors.
python skills/pentest-api-attacker/scripts/api_attacker.py --scope scope.json --target <target> --input <path> --output <path> --format json --dry-run
api-endpoints.jsonapi-findings.jsonapi-attack-report.jsonreferences/tools.mdskills/autonomous-pentester/shared/scope_schema.jsonskills/autonomous-pentester/shared/finding_schema.jsonWARNING AUTHORIZED USE ONLY
This skill executes real security testing tools against live targets.
Use only with written authorization.