首页龙虾技能列表 › System Hardening Checklist — 技能工具

System Hardening Checklist — 技能工具

v1.0.0

Comprehensive security assessment and hardening recommendations platform providing compliance framework guidance and critical control evaluation.

0· 73·0 当前·0 累计
by @krishnakumarmahadevan-cmd (ToolWeb)·MIT-0
下载技能包
License
MIT-0
最后更新
2026/3/29
安全扫描
VirusTotal
无害
查看报告
OpenClaw
可疑
medium confidence
The skill is largely documentation for a hardening-assessment API (instruction-only) and is internally plausible, but it omits essential operational details (base URL, auth) while advertising a paid hosted service and has an unknown publisher — this mismatch makes it suspicious rather than clearly benign.
评估建议
This skill appears to be documentation and an OpenAPI spec for a system-hardening assessment API rather than a working integration. Before installing or using it: (1) verify the publisher and provenance — the source/homepage is unknown; (2) ask the publisher for the API base URL and authentication method (API key/OAuth) — the spec includes paths but no servers/credentials; (3) do not paste real secrets or production data into example payloads until you know where requests will be sent; (4) treat...
详细分析 ▾
用途与能力
Name/description match the included SKILL.md and openapi.json which describe an assessment API and checklist; however the skill advertises a hosted service and pricing but does not provide a base URL, server information, or any authentication/credential requirements. That omission is inconsistent with a real commercial API.
指令范围
The SKILL.md is an API specification and usage examples only — it does not instruct the agent to read arbitrary local files, access unrelated environment variables, or transmit data to unexpected endpoints. It also does not include runtime commands or steps that would execute on the host.
安装机制
No install spec and no code files beyond documentation/OpenAPI. As an instruction-only skill, it does not install artifacts or write files to disk, which is low risk from an install perspective.
凭证需求
The skill declares no required environment variables or credentials, but describes a paid hosted API with usage limits and plans — a real integration would normally require a base endpoint and API key/credentials. The absence of any credential requirements is disproportionate to the advertised purpose and could indicate an incomplete or placeholder skill.
持久化与权限
always is false and the skill is user-invocable; it does not request persistent presence or elevated platform privileges.
安全有层次,运行前请审查代码。

License

MIT-0

可自由使用、修改和再分发,无需署名。

运行时依赖

无特殊依赖

版本

latestv1.0.02026/3/29

- Initial release of the System Hardening Checklist API. - Provides comprehensive security assessments and hardening recommendations aligned with leading compliance frameworks (CIS, NIST, ISO 27001). - Supports endpoints for generating assessment reports, retrieving hardening categories, frameworks, and critical controls. - Enables gap analysis, scoring, and framework alignment for organizational security posture. - Flexible pricing plans available, including free and enterprise tiers.

● 无害

安装命令 点击复制

官方npx clawhub@latest install toolweb-system-hardening-checklist
镜像加速npx clawhub@latest install toolweb-system-hardening-checklist --registry https://cn.clawhub-mirror.com

技能文档

The System Hardening Checklist API is a comprehensive security assessment platform designed to evaluate organizational security posture and generate actionable hardening recommendations. Built for security professionals, compliance officers, and system administrators, this API provides detailed security assessments aligned with industry-leading compliance frameworks.

The platform enables organizations to systematically evaluate their hardening implementation across multiple categories, identify gaps against critical controls, and track compliance progress over time. By integrating assessment data with framework-specific guidance, the API delivers context-aware recommendations tailored to your security baseline and compliance requirements.

Ideal users include security teams conducting internal assessments, compliance managers tracking framework adherence, infrastructure teams implementing hardening standards, and organizations requiring documented evidence of security control implementation for audit purposes.

Usage

Assessment Request Example:

{
  "checklistData": {
    "sessionId": "sess-20240115-prod-001",
    "checklist": {
      "access_control": [
        "mfa_enabled",
        "rbac_implemented",
        "service_accounts_managed"
      ],
      "network_security": [
        "firewall_configured",
        "segmentation_implemented",
        "ids_enabled"
      ],
      "encryption": [
        "tls_1_2_enforced",
        "data_at_rest_encrypted"
      ]
    },
    "totalItems": 10,
    "implementedItems": 8,
    "timestamp": "2024-01-15T14:30:00Z"
  },
  "sessionId": "sess-20240115-prod-001",
  "userId": 12345,
  "timestamp": "2024-01-15T14:30:00Z"
}

Assessment Response Example:

{
  "assessmentId": "assess-20240115-001",
  "sessionId": "sess-20240115-prod-001",
  "status": "completed",
  "overallScore": 80,
  "compliancePercentage": 80,
  "categories": [
    {
      "name": "access_control",
      "score": 85,
      "implementedControls": 3,
      "totalControls": 4,
      "status": "good"
    },
    {
      "name": "network_security",
      "score": 75,
      "implementedControls": 2,
      "totalControls": 3,
      "status": "needs_improvement"
    },
    {
      "name": "encryption",
      "score": 80,
      "implementedControls": 2,
      "totalControls": 2,
      "status": "good"
    }
  ],
  "criticalGaps": [
    {
      "category": "network_security",
      "control": "ids_enabled",
      "severity": "high",
      "recommendation": "Deploy intrusion detection system across network perimeter"
    }
  ],
  "frameworkAlignment": {
    "CIS": "Moderate compliance",
    "NIST": "Moderate compliance",
    "ISO27001": "Adequate controls"
  },
  "timestamp": "2024-01-15T14:30:15Z"
}

Endpoints

GET /

Health Check

Verifies API availability and service status.

Method: GET Path: /

Parameters: None

Response: 

Status 200: Service operational confirmation

POST /api/hardening/assess

Generate Hardening Assessment Report

Processes checklist data and generates a comprehensive hardening assessment report with gap analysis, compliance scoring, and framework alignment.

Method: POST Path: /api/hardening/assess

Request Body (required):

ParameterTypeRequiredDescription
checklistDataChecklistData objectYesAssessment checklist containing category implementation status
sessionIdstringYesUnique session identifier for tracking
userIdinteger or nullNoUser identifier for audit logging
timestampstringYesISO 8601 timestamp of assessment initiation
ChecklistData Schema:

ParameterTypeRequiredDescription
sessionIdstringYesSession identifier matching parent request
checklistobjectYesKey-value mapping of categories to implemented control arrays
totalItemsintegerYesTotal number of security controls in scope
implementedItemsintegerYesNumber of controls currently implemented
timestampstringYesISO 8601 timestamp of checklist completion
Response: 
Status 200: Assessment report with scoring, category analysis, critical gaps, and framework alignment
Status 422: Validation error with details on missing/invalid fields

GET /api/hardening/categories

Retrieve Available Hardening Categories

Returns the complete list of hardening assessment categories supported by the API.

Method: GET Path: /api/hardening/categories

Parameters: None

Response: 

Status 200: Array of category objects with descriptions and control counts

GET /api/hardening/frameworks

Retrieve Compliance Frameworks

Returns information on supported compliance frameworks including CIS Controls, NIST Cybersecurity Framework, ISO 27001, and others.

Method: GET Path: /api/hardening/frameworks

Parameters: None

Response: 

Status 200: Array of framework objects with details, versions, and mapping guidance

GET /api/hardening/critical-controls

Retrieve Critical Controls by Category

Returns categorized critical security controls that require priority implementation.

Method: GET Path: /api/hardening/critical-controls

Parameters: None

Response: 

Status 200: Nested object structure with categories and associated critical controls with severity levels

Pricing

PlanCalls/DayCalls/MonthPrice
Free550Free
Developer20500$39/mo
Professional2005,000$99/mo
Enterprise100,0001,000,000$299/mo

About

ToolWeb.in - 200+ security APIs, CISSP & CISM, platforms: Pay-per-run, API Gateway, MCP Server, OpenClaw, RapidAPI, YouTube.

References

  • Kong Route: https://api.mkkpro.com/hardening/system-checklist
  • API Docs: https://api.mkkpro.com:8111/docs
数据来源:ClawHub ↗ · 中文优化:龙虾技能库
OpenClaw 技能定制 / 插件定制 / 私有工作流定制

免费技能或插件可能存在安全风险,如需更匹配、更安全的方案,建议联系付费定制

了解定制服务