📦 Enterprise AI Security Controls Assessment — 安全防护工具
v1.0.0安全性 posture assessment across 14 enterprise 安全性 domains including identity, 数据 protection, prompt injection defense, 和 complia...
0· 84·0 当前·0 累计
by 安全扫描
OpenClaw
安全
high confidenceThe skill is an instruction-only API-style assessment template whose requested inputs, files, and behavior are consistent with an AI security assessment tool and do not request unrelated credentials or install artifacts.
评估建议
This skill appears coherent and low-risk as an API-style assessment template, but you should still exercise caution before providing any real secrets or live configuration artifacts in assessmentData. Verify the skill's provenance (there is no homepage or known source listed), test with synthetic or redacted data first, and confirm how any submitted data will be stored/used by the service you invoke. If you plan to use it on live systems, prefer hosting the assessment logic internally or behind ...详细分析 ▾
✓ 用途与能力
The name/description (enterprise AI security assessment) matches the provided SKILL.md and openapi.json: endpoints accept assessment data and return domain scores/findings. There are no unexpected requirements (no cloud credentials, binaries, or privileged config paths) that would be inconsistent with its stated purpose.
✓ 指令范围
SKILL.md contains example request/response payloads and an OpenAPI spec for assessment endpoints. It does not instruct the agent to read local system files, environment variables, or other unrelated secrets, nor to transmit data to unexpected third-party endpoints.
✓ 安装机制
No install spec and no code files beyond SKILL.md and openapi.json. Because this is instruction-only, nothing is written to disk nor fetched at install time — this minimizes installation risk.
ℹ 凭证需求
The skill declares no required environment variables or credentials, which is proportionate. Note: the assessment payload structure expects potentially sensitive configuration indicators (e.g., KMS integration, encryption status); users should avoid submitting secrets or private credentials in assessmentData because the skill provides no guidance on handling or storage of sensitive inputs.
✓ 持久化与权限
The skill is not always-enabled and does not request persistent system presence or modification of other skills. Model invocation is allowed (default), which is expected for a skill of this type and is not by itself a concern.
安全有层次,运行前请审查代码。
运行时依赖
无特殊依赖
安装命令
点击复制官方npx clawhub@latest install toolweb-enterprise-ai-security-controls-assessments
镜像加速npx clawhub@latest install toolweb-enterprise-ai-security-controls-assessments --registry https://cn.longxiaskill.com