Ransomware Preventer — 勒索软件防护

Name: Ransomware Preventer — 勒索软件防护
Author: ToolWeb

ToolWeb

Ransomware Preventer — 勒索软件防护

v1.0.0

多层次勒索软件防御策略平台，基于组织评估数据（包括规模、行业、安全态势、已部署系统和现有安全工具）生成个性化防护建议。适用于安全团队、MSSP、企业风险管理者和网络安全顾问，帮助快速评估勒索软件漏洞并向利益相关者提供数据驱动的防御策略。

0· 83·0 当前·0 累计

by @krishnakumarmahadevan-cmd (ToolWeb)·MIT-0

生产力工具

下载技能包

License

MIT-0

最后更新

2026/3/25

安全扫描

VirusTotal

无害

查看报告

OpenClaw

可疑

medium confidence

该技能的文档描述了一个网络化的「Ransomware Preventer」API，但包中仅包含说明文档和 OpenAPI 规范，没有服务器/端点或安装程序——这种不匹配和缺乏来源信息意味着在使用前应精确验证其调用方式和数据流向。

评估建议

此包看起来像是 API 文档而非可运行的服务。在安装或使用前：1) 向提供商询问服务端点和部署详情（基础 URL 和认证方式）。2) 在确认数据发送地点及存储/保留方式之前，不要发送真实或敏感的评估数据（询问日志记录、会话存储和保留策略）。3) 如果技能预期调用外部 API，需明确要求凭证并验证 TLS 和官方域名；如果应在本地运行，需确认该行为并使用合成数据在沙箱中测试。4) 优先选择具有已知来源/主页或可验证所有者的技能；缺乏来源信息会增加风险。5) 如需将建议集成到工具中（SIEM/EDR），需向提供商明确要求可审计性和数据导出控制。...

详细分析 ▾

ℹ 用途与能力

名称和描述声称存在一个托管 API 用于生成个性化勒索软件防御策略。但包中仅包含文档（SKILL.md）和 OpenAPI 规范。未提供服务器 URL、主机或部署说明，也没有必需的凭证或环境变量。如果技能旨在让代理在本地合成策略，这是合理的，但与远程 API/服务的预期不一致。

ℹ 指令范围

SKILL.md 提供了端点描述、示例请求/响应和 API 语义，但没有告诉代理将请求发送到哪里（没有基础服务器 URL），也没有指示代理读取本地文件、环境变量或外部端点。指令是独立的 API 文档而非可运行的运行时步骤——这使得代理行为不明确（本地生成还是远程调用）。

✓ 安装机制

没有安装规范，也没有要写入磁盘的代码；该技能仅包含指令。从安装角度来看，这风险较低，符合纯文档类技能的特点。

✓ 凭证需求

该技能不请求环境变量、凭证或配置路径。这对于纯文档或本地生成技能来说是适当的。然而，规范宣传了集成和会话跟踪，却没有请求任何存储/配置或凭证来支持它们——这是另一个不完整的迹象。

✓ 持久化与权限

该技能不请求持久权限（always 为 false）。它没有声明写入代理配置或系统设置。没有迹象表明它会持久化凭证或更改其他技能的配置。

安全有层次，运行前请审查代码。

License

MIT-0

可自由使用、修改和再分发，无需署名。

查看条款 ↗

运行时依赖

无特殊依赖

版本

latestv1.0.02026/3/25

Ransomware Preventer 1.0.0 — 初始版本发布：推出基于组织评估数据生成个性化、多层次勒索软件防御策略的平台；提供健康检查和防御策略生成的端点文档；支持跨预防、检测、响应和恢复层的详细风险分析、差距评估和定制建议；设计用于与现有安全和威胁情报工作流无缝集成；提供分层定价方案，包括免费选项供有限使用。

● 无害

安装命令点击复制

官方npx clawhub@latest install ransomware-preventer

镜像加速npx clawhub@latest install ransomware-preventer --registry https://cn.clawhub-mirror.com

技能文档

Ransomware Preventer 是一个复杂的安全 API，旨在帮助组织开发和实施针对勒索软件威胁的全面防御策略。通过分析您组织的独特特征——包括规模、行业垂直领域、当前安全态势、已部署系统和现有安全工具——该平台会根据您的特定风险配置文件和运营环境生成个性化的多层防御建议。

该 API 非常适合安全团队、托管安全服务提供商 (MSSP)、企业风险管理者和网络安全顾问，他们需要快速评估勒索软件漏洞并向利益相关者提供数据驱动的防御策略。无论您是在保护关键基础设施、医疗保健、金融或其他高风险行业的小型企业还是大型企业，Ransomware Preventer 都能提供可操作的情报来增强您的勒索软件抵御能力。

主要功能包括实时评估处理、上下文防御策略生成、会话跟踪以实现审计跟踪，以及集成就绪的 API 设计，可无缝融入安全编排平台和威胁情报工作流。

使用方法

示例请求

{
  "assessmentData": {
    "organizationSize": "enterprise",
    "industry": "financial_services",
    "securityPosture": "mature",
    "systems": [
      "Active Directory",
      "Exchange Server",
      "SQL Server",
      "SharePoint",
      "VPN Gateway"
    ],
    "existingTools": "Sentinel One EDR, Fortinet FortiGate, Splunk SIEM",
    "sessionId": "sess_a7f3c9e2d1b4",
    "timestamp": "2024-01-15T14:32:00Z"
  },
  "sessionId": "sess_a7f3c9e2d1b4",
  "userId": 12847,
  "timestamp": "2024-01-15T14:32:00Z"
}

示例响应

{
  "strategyId": "strat_8f2e9c1a5d3b",
  "sessionId": "sess_a7f3c9e2d1b4",
  "organizationProfile": {
    "size": "enterprise",
    "industry": "financial_services",
    "riskLevel": "high",
    "complianceRequirements": [
      "PCI-DSS",
      "SOX",
      "GLBA"
    ]
  },
  "defenseStrategy": {
    "preventionLayer": {
      "priority": "critical",
      "recommendations": [
        {
          "control": "Email Security Gateway",
          "rationale": "Block malicious attachments and phishing vectors",
          "implementation": "Deploy advanced threat protection with sandbox analysis"
        },
        {
          "control": "Application Whitelisting",
          "rationale": "Prevent unauthorized executable execution",
          "implementation": "Implement on critical servers and workstations"
        }
      ]
    },
    "detectionLayer": {
      "priority": "critical",
      "recommendations": [
        {
          "control": "File Integrity Monitoring",
          "rationale": "Detect unauthorized file modifications in real-time",
          "implementation": "Monitor system directories and shared drives"
        },
        {
          "control": "Behavioral Analytics",
          "rationale": "Identify anomalous file access patterns",
          "implementation": "Enhance EDR with UEBA capabilities"
        }
      ]
    },
    "responseLayer": {
      "priority": "high",
      "recommendations": [
        {
          "control": "Incident Response Plan",
          "rationale": "Minimize dwell time and impact",
          "implementation": "Test quarterly; include ransomware playbook"
        },
        {
          "control": "Immutable Backups",
          "rationale": "Ensure recovery capability independent of primary systems",
          "implementation": "Air-gapped backup infrastructure with 3-2-1 strategy"
        }
      ]
    },
    "recoveryLayer": {
      "priority": "high",
      "recommendations": [
        {
          "control": "Disaster Recovery Plan",
          "rationale": "Restore operations within defined RTO/RPO",
          "implementation": "Test recovery procedures; maintain offline documentation"
        }
      ]
    }
  },
  "gapAnalysis": {
    "currentCoverage": 72,
    "recommendedCoverage": 95,
    "criticalGaps": [
      "Immutable backup infrastructure",
      "Advanced email threat protection",
      "File integrity monitoring"
    ]
  },
  "timeline": "2024-01-15T14:32:15Z",
  "confidence": 0.92
}

端点

GET /

根端点

返回基本 API 信息和服务状态。

参数： 无

响应： 包含服务元数据的 JSON 对象

GET /health

健康检查

验证 API 可用性和运营状态。用于监控和正常运行时间检查。

参数： 无

响应： 指示健康状态的 JSON 对象

POST /api/ransomware/preventer

生成防御策略

根据您组织的评估数据生成个性化的多层勒索软件防御策略。

参数：

名称	类型	必需	描述
`assessmentData`	object	是	组织评估详情
`assessmentData.organizationSize`	string	是	组织规模（如 "small"、"medium"、"enterprise"）
`assessmentData.industry`	string	是	行业垂直领域（如 "financial_services"、"healthcare"、"manufacturing"）
`assessmentData.securityPosture`	string	是	当前安全成熟度级别（如 "basic"、"intermediate"、"mature"、"advanced"）
`assessmentData.systems`	string 数组	是	已部署系统和平台的列表（如 "Active Directory"、"Exchange Server"、"SQL Server"）
`assessmentData.existingTools`	string	是	当前已部署的安全工具和解决方案描述
`assessmentData.sessionId`	string	是	用于审计跟踪的唯一会话标识符
`assessmentData.timestamp`	string	是	评估数据收集的 ISO 8601 时间戳
`sessionId`	string	是	与 assessmentData.sessionId 匹配的唯一会话标识符
`userId`	integer 或 null	否	用于多用户跟踪的可选用户标识符
`timestamp`	string	是	请求的 ISO 8601 时间戳

响应格式：

{
  "strategyId": "string",
  "sessionId": "string",
  "organizationProfile": {
    "size": "string",
    "industry": "string",
    "riskLevel": "string",
    "complianceRequirements": ["string"]
  },
  "defenseStrategy": {
    "preventionLayer": {
      "priority": "string",
      "recommendations": [
        {
          "control": "string",
          "rationale": "string",
          "implementation": "string"
        }
      ]
    },
    "detectionLayer": {
      "priority": "string",
      "recommendations": [
        {
          "control": "string",
          "rationale": "string",
          "implementation": "string"
        }
      ]
    },
    "responseLayer": {
      "priority": "string",
      "recommendations": [
        {
          "control": "string",
          "rationale": "string",
          "implementation": "string"
        }
      ]
    },
    "recoveryLayer": {
      "priority": "string",
      "recommendations": [
        {
          "control": "string",
          "rationale": "string",
          "implementation": "string"
        }
      ]
    }
  },
  "gapAnalysis": {
    "currentCoverage": "number",
    "recommendedCoverage": "number",
    "criticalGaps": ["string"]
  },
  "timeline": "string",
  "confidence": "number"
}

错误响应：

422 验证错误：请求体验证失败。请检查必填字段和数据类型。

定价

计划	每日调用次数	每月调用次数	价格
Free	5	50	免费
Developer	20	500	$39/月
Professional	200	5,000	$99/月
Enterprise	100,000	1,000,000	$299/月

关于 ToolWeb.in

200+ 安全 API，CISSP & CISM，平台：按次付费、API 网关、MCP Server、OpenClaw、RapidAPI、YouTube。

参考资料

Kong 路由： https://api.mkkpro.com/security/ransomware-preventer
API 文档： https://api.mkkpro.com:8078/docs

Ransomware Preventer is a sophisticated security API designed to help organizations develop and implement comprehensive defense strategies against ransomware threats. By analyzing your organization's unique characteristics—including size, industry vertical, current security posture, deployed systems, and existing security tools—the platform generates personalized, multi-layered defense recommendations tailored to your specific risk profile and operational environment.

The API is ideal for security teams, managed security service providers (MSSPs), enterprise risk managers, and cybersecurity consultants who need to rapidly assess ransomware vulnerabilities and deliver data-driven defense strategies to stakeholders. Whether you're protecting a small business or a large enterprise across critical infrastructure, healthcare, finance, or other high-risk sectors, Ransomware Preventer provides actionable intelligence to strengthen your ransomware resilience.

Key capabilities include real-time assessment processing, contextual defense strategy generation, session tracking for audit trails, and integration-ready API design that fits seamlessly into security orchestration platforms and threat intelligence workflows.

Usage

Sample Request

{
  "assessmentData": {
    "organizationSize": "enterprise",
    "industry": "financial_services",
    "securityPosture": "mature",
    "systems": [
      "Active Directory",
      "Exchange Server",
      "SQL Server",
      "SharePoint",
      "VPN Gateway"
    ],
    "existingTools": "Sentinel One EDR, Fortinet FortiGate, Splunk SIEM",
    "sessionId": "sess_a7f3c9e2d1b4",
    "timestamp": "2024-01-15T14:32:00Z"
  },
  "sessionId": "sess_a7f3c9e2d1b4",
  "userId": 12847,
  "timestamp": "2024-01-15T14:32:00Z"
}

Sample Response

{
  "strategyId": "strat_8f2e9c1a5d3b",
  "sessionId": "sess_a7f3c9e2d1b4",
  "organizationProfile": {
    "size": "enterprise",
    "industry": "financial_services",
    "riskLevel": "high",
    "complianceRequirements": [
      "PCI-DSS",
      "SOX",
      "GLBA"
    ]
  },
  "defenseStrategy": {
    "preventionLayer": {
      "priority": "critical",
      "recommendations": [
        {
          "control": "Email Security Gateway",
          "rationale": "Block malicious attachments and phishing vectors",
          "implementation": "Deploy advanced threat protection with sandbox analysis"
        },
        {
          "control": "Application Whitelisting",
          "rationale": "Prevent unauthorized executable execution",
          "implementation": "Implement on critical servers and workstations"
        }
      ]
    },
    "detectionLayer": {
      "priority": "critical",
      "recommendations": [
        {
          "control": "File Integrity Monitoring",
          "rationale": "Detect unauthorized file modifications in real-time",
          "implementation": "Monitor system directories and shared drives"
        },
        {
          "control": "Behavioral Analytics",
          "rationale": "Identify anomalous file access patterns",
          "implementation": "Enhance EDR with UEBA capabilities"
        }
      ]
    },
    "responseLayer": {
      "priority": "high",
      "recommendations": [
        {
          "control": "Incident Response Plan",
          "rationale": "Minimize dwell time and impact",
          "implementation": "Test quarterly; include ransomware playbook"
        },
        {
          "control": "Immutable Backups",
          "rationale": "Ensure recovery capability independent of primary systems",
          "implementation": "Air-gapped backup infrastructure with 3-2-1 strategy"
        }
      ]
    },
    "recoveryLayer": {
      "priority": "high",
      "recommendations": [
        {
          "control": "Disaster Recovery Plan",
          "rationale": "Restore operations within defined RTO/RPO",
          "implementation": "Test recovery procedures; maintain offline documentation"
        }
      ]
    }
  },
  "gapAnalysis": {
    "currentCoverage": 72,
    "recommendedCoverage": 95,
    "criticalGaps": [
      "Immutable backup infrastructure",
      "Advanced email threat protection",
      "File integrity monitoring"
    ]
  },
  "timeline": "2024-01-15T14:32:15Z",
  "confidence": 0.92
}

Endpoints

GET /

Root endpoint

Returns basic API information and service status.

Parameters: None

Response: JSON object with service metadata

GET /health

Health Check

Verifies API availability and operational status. Use this for monitoring and uptime checks.

Parameters: None

Response: JSON object indicating health status

POST /api/ransomware/preventer

Generate Defense Strategy

Generates a personalized, multi-layered ransomware defense strategy based on your organization's assessment data.

Parameters:

Name	Type	Required	Description
`assessmentData`	object	Yes	Organizational assessment details
`assessmentData.organizationSize`	string	Yes	Organization size (e.g., "small", "medium", "enterprise")
`assessmentData.industry`	string	Yes	Industry vertical (e.g., "financial_services", "healthcare", "manufacturing")
`assessmentData.securityPosture`	string	Yes	Current security maturity level (e.g., "basic", "intermediate", "mature", "advanced")
`assessmentData.systems`	array of strings	Yes	List of deployed systems and platforms (e.g., "Active Directory", "Exchange Server", "SQL Server")
`assessmentData.existingTools`	string	Yes	Description of currently deployed security tools and solutions
`assessmentData.sessionId`	string	Yes	Unique session identifier for audit trail
`assessmentData.timestamp`	string	Yes	ISO 8601 timestamp of assessment data collection
`sessionId`	string	Yes	Unique session identifier matching assessmentData.sessionId
`userId`	integer or null	No	Optional user identifier for multi-user tracking
`timestamp`	string	Yes	ISO 8601 timestamp of the request

Response Shape:

{
  "strategyId": "string",
  "sessionId": "string",
  "organizationProfile": {
    "size": "string",
    "industry": "string",
    "riskLevel": "string",
    "complianceRequirements": ["string"]
  },
  "defenseStrategy": {
    "preventionLayer": {
      "priority": "string",
      "recommendations": [
        {
          "control": "string",
          "rationale": "string",
          "implementation": "string"
        }
      ]
    },
    "detectionLayer": {
      "priority": "string",
      "recommendations": [
        {
          "control": "string",
          "rationale": "string",
          "implementation": "string"
        }
      ]
    },
    "responseLayer": {
      "priority": "string",
      "recommendations": [
        {
          "control": "string",
          "rationale": "string",
          "implementation": "string"
        }
      ]
    },
    "recoveryLayer": {
      "priority": "string",
      "recommendations": [
        {
          "control": "string",
          "rationale": "string",
          "implementation": "string"
        }
      ]
    }
  },
  "gapAnalysis": {
    "currentCoverage": "number",
    "recommendedCoverage": "number",
    "criticalGaps": ["string"]
  },
  "timeline": "string",
  "confidence": "number"
}

Error Responses:

422 Validation Error: Request body validation failed. Review required fields and data types.

Pricing

Plan	Calls/Day	Calls/Month	Price
Free	5	50	Free
Developer	20	500	$39/mo
Professional	200	5,000	$99/mo
Enterprise	100,000	1,000,000	$299/mo

About

ToolWeb.in - 200+ security APIs, CISSP & CISM, platforms: Pay-per-run, API Gateway, MCP Server, OpenClaw, RapidAPI, YouTube.

References

Kong Route: https://api.mkkpro.com/security/ransomware-preventer
API Docs: https://api.mkkpro.com:8078/docs

数据来源：ClawHub ↗ · 中文优化：龙虾技能库

OpenClaw 技能定制 / 插件定制 / 私有工作流定制

免费技能或插件可能存在安全风险，如需更匹配、更安全的方案，建议联系付费定制

了解定制服务

License

运行时依赖

版本

安装命令 点击复制

技能文档

使用方法

示例请求

示例响应

端点

GET /

GET /health

POST /api/ransomware/preventer

定价

关于 ToolWeb.in

参考资料

Usage

Sample Request

Sample Response

Endpoints

GET /

GET /health

POST /api/ransomware/preventer

Pricing

About

References

安装命令点击复制