📦 Data Breach Impact Calculator — 数据泄露成本速算
v1.0.2输入泄露规模与数据类型,秒算罚款、公关、技术修复等全部潜在成本,并给出GDPR/CCPA最高罚金区间,助企业快速评估事件财务影响。
0· 337·1 当前·1 累计
by 下载技能包
最后更新
2026/4/22
安全扫描
OpenClaw
安全
high confidenceThe skill is internally consistent: it legitimately requires an API key and curl to call the ToolWeb API and its instructions align with its stated purpose, but it will transmit user-provided (potentially sensitive) breach details to a third-party endpoint and users should understand the privacy and billing implications before enabling it.
评估建议
This skill will send the breach assessment inputs you collect (industry, number/type of records, security posture, etc.) to https://portal.toolweb.in and use your TOOLWEB_API_KEY for authentication. Before installing: 1) Confirm you trust ToolWeb.in and review their privacy, security, and billing terms (especially for PHI/HIPAA regulated data); 2) Do not send identifiable patient/customer data unless you have a legal basis and the vendor supports required compliance (e.g., a BAA for HIPAA); 3) P...详细分析 ▾
✓ 用途与能力
The name/description (data breach cost calculator) matches the declared requirements: a single API key (TOOLWEB_API_KEY) and curl to call the ToolWeb API. Asking for an API key is expected for a proprietary analysis service.
ℹ 指令范围
SKILL.md explicitly instructs the agent to ALWAYS call the external API and to not answer from its own knowledge. The required input fields are limited to breach-related attributes (recordsAffected, dataSensitivity, industry, etc.). This is coherent, but it means the agent will send user-provided breach details (which can include PHI/PII) to portal.toolweb.in — a privacy risk that users must accept.
✓ 安装机制
Instruction-only skill with no install steps or code files. Lowest-risk install model; it relies on an existing curl binary.
✓ 凭证需求
Only one environment variable (TOOLWEB_API_KEY) is required and it's clearly the primary credential used for the API call. No unrelated credentials or config paths are requested.
✓ 持久化与权限
always:false and no system config modifications are requested. The skill does not demand permanent system presence or elevated privileges.
安全有层次,运行前请审查代码。
运行时依赖
🖥️ OSLinux · macOS · Windows
版本
latestv1.0.22026/3/13
- Documentation changes only: internal documentation formatting and minor text revisions. - No functional or API changes to the skill logic or workflow. - No updates to inputs, outputs, or integration requirements.
● 可疑
安装命令
点击复制官方npx clawhub@latest install data-breach-impact-calculator
镜像加速npx clawhub@latest install data-breach-impact-calculator --registry https://cn.longxiaskill.com