{"id":"archieindian-openclaw-superpowers","name":"openclaw-superpowers","homepage":null,"repo_url":"https://github.com/ArchieIndian/openclaw-superpowers","category":"devtools","subcategories":[],"tags":["openclaw","skills","agent-runtime","cron","persistent-memory","security-guardrails","self-modifying-agent","python"],"what_it_does":"openclaw-superpowers is a plug-and-play skill library for the OpenClaw persistent AI agent runtime. It provides a large set of predefined “skills” (core methodology, OpenClaw-native persistent/cron workflows, and security guardrails) plus companion scripts and an install script that symlinks skills, initializes local state directories, and registers cron jobs. It also describes agent abilities to self-modify by writing new skills during conversation via a create-skill mechanism.","use_cases":["Running a persistent OpenClaw agent that autonomously manages long-running tasks","Enabling cron-scheduled maintenance tasks (memory hygiene, health checks, budget tracking)","Adding defense-in-depth guardrails against prompt injection, dangerous actions, and post-install tampering","Using knowledge-graph/DAG-style memory compaction and recall for long multi-week sessions","Operating single or multiple OpenClaw agents with health monitoring and handoffs"],"not_for":["Production environments where you cannot trust code provenance (because it supports self-modifying skill creation)","Teams that require a hosted, internet-facing API with formal REST/SDK contracts (this appears local/runtime-focused)","Use cases needing strict compliance guarantees without reviewing the shipped scripts/skills"],"best_when":"You control your runtime environment (local machine or trusted infrastructure) and want to enhance OpenClaw with many ready-made skills for persistence, scheduling, memory management, and security checks.","avoid_when":"You plan to install untrusted/community-written skills without auditing, or you cannot perform security review of scripts/skill definitions—especially given the self-modifying capability.","alternatives":["obra/superpowers (smaller set of non-persistent skills)","Build a custom OpenClaw skill set tailored to your workflow and security requirements","Use other OpenAI agent frameworks with their own plugin/guardrail ecosystems (non-OpenClaw-specific)"],"af_score":40.0,"security_score":38.0,"reliability_score":31.2,"package_type":"mcp_server","discovery_source":["github"],"priority":"high","status":"evaluated","version_evaluated":null,"last_evaluated":"2026-03-30T15:28:26.087409+00:00","interface":{"has_rest_api":false,"has_graphql":false,"has_grpc":false,"has_mcp_server":false,"mcp_server_url":null,"has_sdk":false,"sdk_languages":["python"],"openapi_spec_url":null,"webhooks":false},"auth":{"methods":["Local runtime; no explicit auth described for the package itself"],"oauth":false,"scopes":false,"notes":"The README describes security skills that audit configs for plaintext secrets, but does not describe an authentication protocol for this library/package."},"pricing":{"model":null,"free_tier_exists":false,"free_tier_limits":null,"paid_tiers":[],"requires_credit_card":false,"estimated_workload_costs":null,"notes":"No pricing information provided; appears to be a repository/installable extension."},"requirements":{"requires_signup":false,"requires_credit_card":false,"domain_verification":false,"data_residency":[],"compliance":[],"min_contract":null},"agent_readiness":{"af_score":40.0,"security_score":38.0,"reliability_score":31.2,"mcp_server_quality":0.0,"documentation_accuracy":55.0,"error_message_quality":0.0,"error_message_notes":null,"auth_complexity":95.0,"rate_limit_clarity":0.0,"tls_enforcement":60.0,"auth_strength":20.0,"scope_granularity":10.0,"dependency_hygiene":40.0,"secret_handling":65.0,"security_notes":"The package claims multiple guardrail skills (prompt injection guard, dangerous-action confirmation gate, post-install auditor/drift detection, config encryption auditor, and other integrity checks). However, the README provided does not include concrete technical details like threat-model coverage, formal guarantees, code-level implementation, or hardening practices. Since it also supports agent-written new skills, the primary security risk is that compromised or overly trusting agents can create or install unsafe behavior; this should be mitigated by strict review/policy and least-privilege controls in the host runtime.","uptime_documented":0.0,"version_stability":35.0,"breaking_changes_history":40.0,"error_recovery":50.0,"idempotency_support":"false","idempotency_notes":null,"pagination_style":"none","retry_guidance_documented":false,"known_agent_gotchas":["Supports self-modifying skill creation; agents must be constrained to avoid creating overly permissive or malicious skills","Cron-scheduled skills can amplify risk if misconfigured (e.g., budget/guardrail failures leading to runaway actions)","Skill installation symlinks local skills into OpenClaw’s extension directory; repeated installs may require manual cleanup if not idempotent"]}}