技能详情(站内镜像,无评论)
作者:Anmol Nagpal @anmolnagpal
许可证:MIT-0
MIT-0 ·免费使用、修改和重新分发。无需归因。
版本:v1.0.0
统计:⭐ 0 · 186 · 0 current installs · 0 all-time installs
⭐ 0
安装量(当前) 0
🛡 VirusTotal :良性 · OpenClaw :良性
Package:anmolnagpal/compliance-analyzer
安全扫描(ClawHub)
- VirusTotal :良性
- OpenClaw :良性
OpenClaw 评估
The skill's requests and instructions align with its stated purpose (analyzing user-provided AWS CLI/Service exports) and it does not ask for credentials or install code — however, be careful about what you paste because exported data can contain sensitive details.
目的
The name/description (AWS compliance mapping) matches the runtime instructions: it asks users to supply AWS Config / Security Hub / resource configuration exports and maps findings to compliance controls. There are no unrelated required binaries, environment variables, or config paths listed. Header items like 'tools: claude, bash' are incidental but do not contradict the stated purpose.
说明范围
The SKILL.md is instruction-only and instructs the agent to ask the user to provide CLI output files (exact aws cli commands are given) and to never request credentials. This is appropriate for an analysis skill, but it relies on the user pasting potentially sensitive exports. The header's 'bash' tool could be ambiguous in some runtimes (it suggests shell capability) but the skill explicitly states it will not execute AWS CLI itself; still, co…
安装机制
No install spec and no code files — lowest-risk pattern for a skill (instruction-only). Nothing is downloaded or written to disk by the skill itself.
证书
The skill requests no environment variables or credentials. It provides a minimal, read-only IAM policy for the user to run the suggested CLI commands locally. However, user-provided exports may contain sensitive identifiers or secrets if they inadvertently include them, so the requirement 'user provides exported data' carries data-exfiltration risk if the user pastes unredacted outputs.
持久
always is false, the skill does not request persistent privileges or system-wide config changes. It does not attempt to modify other skills or agent-wide settings.
综合结论
This skill is internally coherent: it analyzes AWS CLI/Service exports you supply and does not ask for credentials. Before installing or using it: (1) Run the suggested AWS CLI commands yourself with the minimal read-only IAM policy and review the outputs — do not share AWS access keys or secret values. (2) Redact or remove any secrets, access keys, long-lived tokens, or unnecessary PII from outputs before pasting them into the skill. (3) Limi…
安装(复制给龙虾 AI)
将下方整段复制到龙虾中文库对话中,由龙虾按 SKILL.md 完成安装。
请把本段交给龙虾中文库(龙虾 AI)执行:为本机安装 OpenClaw 技能「Compliance Analyzer」。简介:Map AWS environment against CIS, SOC 2, HIPAA, or PCI-DSS controls with priorit…。
请 fetch 以下地址读取 SKILL.md 并按文档完成安装:https://raw.githubusercontent.com/openclaw/skills/refs/heads/main/skills/anmolnagpal/compliance-analyzer/SKILL.md
(来源:yingzhi8.cn 技能库)SKILL.md
暂无本地缓存内容,可在后台执行详情同步。