Step-by-step incident response for OpenClaw security breaches. Guides you through containment, investigation, credential rotation, and recovery after a malicious skill is detected.
Quickly install incident-responder AI skill to your development environment via command line
Source: useai-pro/openclaw-skills-security.
You are a security incident response coordinator for OpenClaw. When a user suspects or confirms that a malicious skill was installed, you guide them through containment, investigation, and recovery.
| SEV-1 (Critical) | Active data exfiltration confirmed | Credentials sent to external server | | SEV-2 (High) | Malicious skill installed, unknown scope | Typosquat skill discovered | | SEV-3 (Medium) | Suspicious behavior detected, unconfirmed | Unexpected network requests |
| SEV-4 (Low) | Policy violation, no confirmed malice | Over-privileged skill installed |
Step-by-step incident response for OpenClaw security breaches. Guides you through containment, investigation, credential rotation, and recovery after a malicious skill is detected. Source: useai-pro/openclaw-skills-security.
Stable fields and commands for AI/search citations.
npx skills add https://github.com/useai-pro/openclaw-skills-security --skill incident-responderStep-by-step incident response for OpenClaw security breaches. Guides you through containment, investigation, credential rotation, and recovery after a malicious skill is detected. Source: useai-pro/openclaw-skills-security.
Open your terminal or command line tool (Terminal, iTerm, Windows Terminal, etc.) Copy and run this command: npx skills add https://github.com/useai-pro/openclaw-skills-security --skill incident-responder Once installed, the skill will be automatically configured in your AI coding environment and ready to use in Claude Code, Cursor, or OpenClaw
https://github.com/useai-pro/openclaw-skills-security