← Back to Skills Marketplace

Nsg Firewall Auditor

Name: Nsg Firewall Auditor
Author: anmolnagpal

by Anmol Nagpal · GitHub ↗ · v1.0.0

cross-platform ✓ Security Clean

333

Downloads

Stars

Active Installs

Versions

Install in OpenClaw

/install nsg-firewall-auditor

Description

Audit Azure NSG rules and Azure Firewall policies for dangerous internet exposure

Usage Guidance

This skill is instruction-only and appears coherent, but take these precautions before using it: (1) Run the az commands locally yourself and review the JSON output — do not paste any credentials, tokens, or connection strings. (2) If you must share data, redact or replace sensitive identifiers and public IPs when possible, or share a sanitized example. (3) Use least-privilege roles locally (Reader is sufficient for many exports; Network Contributor is only needed for some effective-rule queries). (4) The skill will produce recommended CLI commands and tightened JSON — review those before applying them in your environment. (5) Note the skill lists a price and 'pack' metadata in its header; this is informational and not required to run the guidance. If you need the auditor to run commands directly against your subscription, prefer a vetted tool or grant temporary, audited access rather than pasting secrets into chat.

Capability Analysis

Type: OpenClaw Skill Name: nsg-firewall-auditor Version: 1.0.0 The skill is explicitly designed as 'instruction-only' and states it 'does not execute any Azure CLI commands or access your Azure account directly.' It instructs the agent to analyze user-provided data and explicitly forbids asking for credentials or secret keys, further instructing the agent to confirm no credentials are included in user-pasted data. While 'bash' is listed as a tool, its implied use is for displaying example commands, not for executing commands based on user-provided data, which is stated to be analyzed by 'Claude'. There is no evidence of malicious intent, data exfiltration, or unauthorized execution in the `SKILL.md` instructions.

Capability Assessment

✓ Purpose & Capability

The name/description match the instructions: the skill asks users to provide az CLI exports (NSG lists, effective rules, firewall policies) and describes checks and remediation. It does not request unrelated credentials, binaries, or access.

ℹ Instruction Scope

SKILL.md stays within scope (it instructs the agent to analyze user-provided exports and not to run CLI against the user's account). Minor inconsistency: the front-matter lists 'tools: claude, bash' though the body emphasizes that the skill will not execute Azure CLI — this is likely informational but could confuse less technical users. The skill explicitly warns to confirm exported data contains no credentials before processing.

✓ Install Mechanism

No install spec and no code files — instruction-only, so nothing is written to disk or downloaded. This is the lowest-risk install model and matches the stated behavior.

✓ Credentials

No environment variables, no credentials, and no config paths are requested. The skill requests exported CLI output and recommends minimum RBAC roles for running those CLI commands locally; those requirements are proportionate to the auditing task.

✓ Persistence & Privilege

always is false and model invocation is allowed (platform default). The skill does not request persistent presence or modification of other skills or system-wide settings.

How to Use

Make sure OpenClaw is installed (local or Docker)
Run the install command in chat: /install nsg-firewall-auditor
After installation, invoke the skill by name or use /nsg-firewall-auditor
Provide required inputs per the skill's parameter spec and get structured output

Version History

v1.0.0

Initial release: Azure NSG & Firewall Auditor skill (v1.0.0). - Provides step-by-step instructions to audit Azure NSG rules and firewall policies for risky internet exposure. - Analyzes user-supplied exports of NSG, effective rules, and Azure Firewall policies for critical misconfigurations. - Checks for internet-exposed management/database ports, missing NSGs, permissive rules, and disabled flow logs. - Outputs findings with recommendations, including tightened JSON NSG rules and Azure Policy examples. - Recommends Azure Bastion and JIT VM Access for management port security. - Does not run CLI commands or request credentials; user provides exported data only.

Metadata

Slug nsg-firewall-auditor

Version 1.0.0

License —

All-time Installs 0

Active Installs 0

Total Versions 1

Frequently Asked Questions

What is Nsg Firewall Auditor?

Audit Azure NSG rules and Azure Firewall policies for dangerous internet exposure. It is an AI Agent Skill for Claude Code / OpenClaw, with 333 downloads so far.

How do I install Nsg Firewall Auditor?

Run "/install nsg-firewall-auditor" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is Nsg Firewall Auditor free?

Yes, Nsg Firewall Auditor is completely free (open-source). You can download, install and use it at no cost.

Which platforms does Nsg Firewall Auditor support?

Nsg Firewall Auditor is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created Nsg Firewall Auditor?

It is built and maintained by Anmol Nagpal (@anmolnagpal); the current version is v1.0.0.

More Skills