
AI Safety Audit

by 1kalin · GitHub ↗ · v1.0.0
cross-platform ✓ Security Clean
492 Downloads · 0 Stars · 0 Active Installs · 1 Versions
Install in OpenClaw
/install afrexai-ai-safety-audit
Description
Performs a comprehensive AI safety audit mapping systems to EU AI Act risk tiers, assessing 30 controls across six domains, and generating a 90-day remediati...
README (SKILL.md)

AI Safety Audit

Comprehensive AI safety and alignment audit framework for businesses deploying AI agents. Built around the UK AI Security Institute Alignment Project standards (2026), EU AI Act requirements, and NIST AI RMF.

What This Skill Does

When activated, the agent performs a structured safety audit of your AI deployment:

  1. AI System Inventory — Catalogs all AI models, agents, and automated decision systems in use
  2. Risk Classification — Maps each system to EU AI Act risk tiers (Unacceptable/High/Limited/Minimal)
  3. Safety Controls Assessment — Evaluates 30 controls across 6 domains
  4. Gap Analysis — Identifies missing safeguards with severity and remediation cost
  5. Compliance Roadmap — Generates a prioritized 90-day action plan

6 Audit Domains (30 Controls)

1. Model Governance (5 controls)

  • Model registry with version tracking
  • Access control and deployment permissions
  • Update and rollback procedures
  • Vendor risk assessment for third-party models
  • Model retirement and data deletion policy

2. Data Protection (5 controls)

  • Data residency and sovereignty mapping
  • PII detection and handling in AI pipelines
  • Training data provenance documentation
  • Data retention aligned with AI lifecycle
  • Cross-border data transfer compliance

3. Output Safety (5 controls)

  • Hallucination detection and mitigation
  • Bias testing across protected characteristics
  • Content filtering for harmful outputs
  • Confidence scoring and uncertainty flagging
  • Human-in-the-loop for high-stakes decisions

4. Security (5 controls)

  • Prompt injection defense
  • Model extraction prevention
  • API rate limiting and abuse detection
  • Adversarial input testing
  • Supply chain security for AI dependencies

5. Monitoring & Observability (5 controls)

  • Real-time output quality tracking
  • Drift detection (data and model)
  • Incident logging and alerting
  • Performance degradation monitoring
  • Cost tracking per AI workflow

6. Organizational Readiness (5 controls)

  • Named AI safety officer
  • Staff training program with completion tracking
  • Board-level AI risk reporting
  • Incident response playbook
  • Third-party audit schedule

Scoring

Each control scores 0-3:

  • 0 — Not implemented
  • 1 — Partially implemented, no documentation
  • 2 — Implemented with documentation
  • 3 — Implemented, documented, tested, and audited

Total: 90 points max

  • 0-30: Critical risk — stop deploying until gaps are addressed
  • 31-55: High risk — remediate within 30 days
  • 56-75: Moderate risk — address within 90 days
  • 76-90: Strong posture — maintain and iterate

Regulatory Mapping

| Framework | Status | Key Requirements |
|---|---|---|
| EU AI Act | Enforcing 2026 | Risk classification, conformity assessment, transparency |
| UK AI Safety Institute | Active 2026 | Alignment testing, frontier model evaluation |
| NIST AI RMF | Published | Govern, Map, Measure, Manage lifecycle |
| ISO 42001 | Published | AI management system certification |
| SOC 2 + AI | Emerging | Agent-specific controls (CC6/CC7/CC8) |

Cost Benchmarks

| Company Size | Full Audit Cost | Annual Compliance | Non-Compliance Risk |
|---|---|---|---|
| 15-50 employees | $8K – $20K | $18K – $45K | $200K+ |
| 50-200 employees | $20K – $55K | $45K – $120K | $500K – $2M |
| 200-1000 employees | $55K – $150K | $120K – $400K | $2M – $10M |

Output Format

The agent delivers:

  1. Executive Summary — Overall score, top 3 risks, recommended actions
  2. Detailed Scorecard — All 30 controls with scores and evidence
  3. Gap Analysis — Missing controls ranked by risk severity
  4. 90-Day Roadmap — Phased remediation plan with cost estimates
  5. Board Report Template — One-page summary for leadership

Industry Adjustments

The audit adjusts control weighting based on industry:

  • Healthcare: Output safety and data protection weighted 2x
  • Financial Services: Model governance and monitoring weighted 2x
  • Legal: Output safety (hallucination) weighted 3x
  • Manufacturing: Security and monitoring weighted 2x
  • Government/Defense: All domains weighted equally at maximum

Go Deeper

Bundles

  • AI Playbook — $27
  • Pick 3 Industries — $97
  • All 10 Industries — $197
  • Everything Bundle — $247
Usage Guidance
This instruction-only skill appears coherent for performing an AI safety audit, but its runtime instructions are intentionally high-level and will require the agent to gather evidence (model inventories, documentation, logs, etc.). Before using it:

  1. Decide which data sources you permit the agent to access and avoid handing long-lived credentials; prefer scoped, read-only accounts or temporary credentials.
  2. Be cautious if you allow autonomous invocation — the agent could repeatedly attempt to collect data.
  3. Confirm whether you want the agent to contact any external links or services (the SKILL.md contains promotional links to paid packs).
  4. Test the skill in a controlled environment (non-production data) first and review any requested actions or outputs.

If you want a stronger assessment, request the skill author provide explicit runtime steps (what data sources are read, what evidence formats are expected) or include code that enforces safe, read-only collection methods.
Capability Analysis
Type: OpenClaw Skill
Name: afrexai-ai-safety-audit
Version: 1.0.0

The skill bundle describes an AI Safety Audit framework. The `SKILL.md` and `README.md` files provide detailed information about the audit process, scoring, regulatory mapping, and commercial offerings. There are no explicit prompt injection attempts or instructions for the agent to perform actions outside the stated purpose, such as data exfiltration, arbitrary command execution, or hiding actions. External links are present but are presented as 'Go Deeper' resources for the user, not as direct commands for the agent to browse or interact with.
Capability Assessment
Purpose & Capability
Name, description, and SKILL.md all describe an AI safety audit and the included controls, scoring, and outputs align with that purpose. There are no unrelated required binaries, environment variables, or install steps that contradict the stated function.
Instruction Scope
The SKILL.md is high-level and prescriptive about what to produce (inventory, classification, scorecard, roadmap) but does not define concrete data sources or safe boundaries. This gives the agent broad discretion to ask for or attempt to collect inventory and evidence; that is reasonable for an audit but creates a scope/privilege risk if the agent is allowed to autonomously access systems or credentials without constraints.
Install Mechanism
No install spec and no code files — instruction-only skill. This minimizes on-disk execution risk because nothing will be downloaded or installed by the skill itself.
Credentials
The skill declares no required environment variables, credentials, or config paths. That is proportionate to an instruction-only audit template. Note: at runtime the agent may request credentials or access from the user to gather evidence; those requests are not part of the package and should be evaluated before granting.
Persistence & Privilege
always:false and no installable components — the skill does not request permanent presence or system-level changes. The agent may still be allowed to invoke the skill autonomously (platform default); that alone is not flagged but users should be mindful of the agent's allowed actions when the skill is active.
How to Use
  1. Make sure OpenClaw is installed (local or Docker)
  2. Run the install command in chat: /install afrexai-ai-safety-audit
  3. After installation, invoke the skill by name or use /afrexai-ai-safety-audit
  4. Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.0
Initial release — comprehensive AI safety and alignment audit framework for business AI deployments.

  • Provides structured audits aligned with UK AI Safety Institute, EU AI Act, and NIST AI RMF standards.
  • Assesses 30 safety controls across 6 critical domains, scoring implementation with clear risk tiers.
  • Delivers executive summary, detailed scorecard, prioritized gap analysis, 90-day compliance roadmap, and board-ready reporting.
  • Includes industry-specific adjustments for tailored control weighting.
  • Maps out regulatory requirements and estimated compliance costs.
  • Offers supporting tools for revenue risk estimation and rapid deployment of safety controls.
Metadata
Slug afrexai-ai-safety-audit
Version 1.0.0
License
All-time Installs 0
Active Installs 0
Total Versions 1
Frequently Asked Questions

What is AI Safety Audit?

Performs a comprehensive AI safety audit mapping systems to EU AI Act risk tiers, assessing 30 controls across six domains, and generating a 90-day remediati... It is an AI Agent Skill for Claude Code / OpenClaw, with 492 downloads so far.

How do I install AI Safety Audit?

Run "/install afrexai-ai-safety-audit" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is AI Safety Audit free?

Yes, AI Safety Audit is completely free (open-source). You can download, install and use it at no cost.

Which platforms does AI Safety Audit support?

AI Safety Audit is cross-platform and runs anywhere OpenClaw / Claude Code is available.

Who created AI Safety Audit?

It is built and maintained by 1kalin (@1kalin); the current version is v1.0.0.
