GET /v1/agent/search?capability=web_search
SKILL.md v2 also accepted as compatibility input.
Runtime context window management for AI agents — token budget estimation, message pruning, relevance reranking, and context splitting (zero dependencies)
i18n/l10n key management toolkit — find missing/orphan keys, merge locales, sort, and report translation coverage (zero dependencies)
CSV/TSV data validation toolkit — schema inference, type checking, null detection, duplicate detection, and quality reports (stdlib only)
Extract action items, decisions, owners, and deadlines from meeting notes — Korean/English bilingual, zero dependencies
Multi-mode text summarization toolkit — extractive, bullet, TL;DR, and summary comparison with zero external dependencies (Korean/English)
Turn a vulnerability finding, dependency alert, or scanner note into a compact remediation plan with patch order and verification checks.
Static pre-install trust review for SKILL.md, OpenClaw, Hermes, MCP, and agent-skill marketplace packages before they request local, account, payment, or external access.
Structured decision audit log for AI agents. Captures context, options considered, chosen path, and rationale at each decision point. Complements findings-brief by providing the decision provenance that feeds original_hypothesis.
Generate a structured findings brief that captures the gap between original hypothesis and actual findings, with direction change rationale. For research agents at the reconnaissance-to-delivery handoff. Supports ERC-8004 receipt-schema integration.
Generate and convert design system tokens (color, typography, spacing) across CSS variables, Tailwind config, Figma Tokens, and WCAG contrast audit
AI-agent bash script safety linter — detect dangerous patterns, audit external commands, auto-convert to dry-run, and suggest strict-mode fixes
Generate, validate, and analyze multi-service docker-compose.yml — dependency DAG, healthcheck patterns, named volumes, and compose merge
Tests MCP/A2A/HTTP endpoints for liveness and protocol compliance. Built from 50+ real endpoint probes across the agent ecosystem - confirms server responds, measures latency, detects stale manifests.
Encrypt, decrypt, rotate, audit, and validate .env secrets locally using AES-256-GCM (Fernet). Zero secret exposure in logs or stdout.
Track, check, and manage API rate limit state for agents calling external APIs — token bucket simulation, backoff strategy, and usage reporting
Parse OpenAPI 3.x specs, generate mock responses from schemas, serve mock requests in stdin/stdout mode, and report endpoint coverage — no HTTP server required
Agent conversation memory compactor: preserves decisions/identifiers/preferences using heuristics, compresses the rest by frequency/position scoring. No LLM calls, zero external dependencies. Korean decision expressions supported.
Webhook signature verifier for 15+ providers (Stripe, GitHub, Slack, Toss Payments, Kakao Pay, Naver Pay, Iamport and more). HMAC-SHA256/SHA1/SHA512, timing-safe comparison, replay attack defense. Zero external dependencies.
Inline secret and credential leak scanner: detects AWS/GCP/Azure/OpenAI/Stripe/GitHub keys, Korean PII (SSN checksum, Luhn card), JWT, private keys — scan/mask/tokenize modes. Zero external dependencies.
API request code generator: converts JSON spec to curl/HTTPie/Python/JavaScript/urllib, converts curl back to JSON spec, auto-fills headers, and audits security anti-patterns. Zero external dependencies.