← Back to Skills Marketplace
leesandao

Prisma Access All-in-One

by H@CKMEN · GitHub ↗ · v1.1.0 · MIT-0
cross-platform ✓ Security Clean
122
Downloads
0
Stars
0
Active Installs
2
Versions
Install in OpenClaw
/install prisma-access
Description
All-in-one Prisma Access management for Strata Cloud Manager (SCM). Generate configurations, audit against best practices, migrate between tenants, troublesh...
Usage Guidance
This skill appears to be what it claims: an SCM API client implemented as an instruction-only skill using curl and jq. Before installing, verify the GitHub homepage/source and trustworthiness of the author because the agent will transmit the SCM_CLIENT_SECRET (and any additional per-tenant credentials you set) to paloalto's SCM API endpoints. For migrations, the SKILL.md example uses SRC_/DST_ env var names not declared in the metadata—ensure you set appropriate source and destination credentials and use least-privilege accounts. Never paste secrets into chat messages; prefer setting credentials in your agent's secure environment. If you need higher assurance, review the GitHub repo content and test with a read-only or sandbox SCM account and use the skill's dry-run mode and explicit commit guardrails before performing any commits.
Capability Analysis
Type: OpenClaw Skill Name: prisma-access Version: 1.1.0 The prisma-access skill is a comprehensive management tool for Palo Alto Networks Strata Cloud Manager (SCM). It provides structured instructions for an AI agent to generate configurations, audit security policies, migrate data between tenants, and perform API operations using legitimate endpoints (e.g., api.sase.paloaltonetworks.com). The skill includes appropriate safety guardrails such as dry-run requirements and manual commit confirmations, and shows no signs of malicious intent, data exfiltration, or unauthorized execution logic in SKILL.md or _meta.json.
Capability Assessment
Purpose & Capability
Name/description (Prisma Access management for Strata Cloud Manager) match the requested binaries (curl, jq) and the required SCM API credentials (SCM_CLIENT_ID, SCM_CLIENT_SECRET, SCM_TSG_ID). The declared primary credential (SCM_CLIENT_ID) and declared env vars are plausible and proportionate for an SCM API integration.
Instruction Scope
SKILL.md is instruction-only and instructs the agent to generate SCM API-compatible JSON and call api.sase.paloaltonetworks.com endpoints using curl/jq — this is expected. One minor inconsistency: the migration section shows example environment variables (SRC_*/DST_* names) that are not listed in the skill's requires.env metadata; this means the skill expects additional per-tenant credentials for migrations but did not declare them as required. The instructions do not appear to request unrelated files or unrelated system credentials.
Install Mechanism
No install spec — instruction-only skill (lowest install risk). No downloads, no archives, and the required binaries are standard CLI tools already declared.
Credentials
The skill requests SCM_CLIENT_ID, SCM_CLIENT_SECRET, and SCM_TSG_ID, which are appropriate for SCM API access. However, tenant migration workflows implicitly require separate source/target credentials (the SKILL.md examples use SRC_/DST_ env var names) that are not declared in requires.env; the user must supply and manage those additional secrets when performing migrations. Treat SCM_CLIENT_SECRET and any SRC_/DST_* secrets as sensitive.
Persistence & Privilege
always:false and default invocation settings. The skill is instruction-only and does not request persistent system-wide privileges or modifications. It will, however, initiate network calls that can transmit supplied credentials to the SCM API — expected behavior for this type of integration.
How to Use
  1. Make sure OpenClaw is installed (local or Docker)
  2. Run the install command in chat: /install prisma-access
  3. After installation, invoke the skill by name or use /prisma-access
  4. Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.1.0
## v1.1.0 / 迁移兼容性矩阵 ### English Added real-world migration compatibility matrix: what can be migrated directly via SCM API, what requires manual handling. Key findings: Service Account permissions block URL/Data/AI profiles, conflict detection must check all folders, Profile Groups support partial migration. ### 中文 新增实测迁移兼容性矩阵:哪些可直接通过 SCM API 迁移,哪些需要手动处理。关键发现:Service Account 权限限制导致部分高级配置无法导出,冲突检测需覆盖所有 folder,配置组支持部分迁移。
v1.0.0
## v1.0.0 Initial Release / 首次发布 ### English All-in-one Prisma Access management skill for Strata Cloud Manager. Combines all 5 individual skills into a single install: - **config**: Generate SCM configurations (security policies, NAT, decryption, GlobalProtect, etc.) - **audit**: Audit against PAN-OS best practices, CIS benchmarks, Zero Trust - **migrate**: Tenant-to-tenant (TSG) configuration migration - **troubleshoot**: Diagnose GlobalProtect, policy matching, tunnel, API issues - **api**: Direct SCM API operations (auth, CRUD, config push) Individual skills also available: prisma-config, prisma-audit, prisma-migrate, prisma-troubleshoot, prisma-api. ### 中文 Prisma Access 一站式管理技能,面向 Strata Cloud Manager。将 5 个独立技能合并为一次安装: - **config**:生成 SCM 配置(安全策略、NAT、解密、GlobalProtect 等) - **audit**:根据 PAN-OS 最佳实践、CIS 基准、零信任审计 - **migrate**:租户间 (TSG) 配置迁移 - **troubleshoot**:诊断 GlobalProtect、策略匹配、隧道、API 问题 - **api**:直接操作 SCM API(认证、增删改查、配置推送) 也可单独安装:prisma-config、prisma-audit、prisma-migrate、prisma-troubleshoot、prisma-api。
Metadata
Slug prisma-access
Version 1.1.0
License MIT-0
All-time Installs 0
Active Installs 0
Total Versions 2
Frequently Asked Questions

What is Prisma Access All-in-One?

All-in-one Prisma Access management for Strata Cloud Manager (SCM). Generate configurations, audit against best practices, migrate between tenants, troublesh... It is an AI Agent Skill for Claude Code / OpenClaw, with 122 downloads so far.

How do I install Prisma Access All-in-One?

Run "/install prisma-access" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is Prisma Access All-in-One free?

Yes, Prisma Access All-in-One is completely free, licensed under MIT-0. You can download, install and use it at no cost.

Which platforms does Prisma Access All-in-One support?

Prisma Access All-in-One is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created Prisma Access All-in-One?

It is built and maintained by H@CKMEN (@leesandao); the current version is v1.1.0.

More Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463283 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259410 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200423 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191115 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190156 · by oswalpalash

💬 Comments