← Back to Skills Marketplace
Firm Platform Audit Pack
by
romainsantoli-web
· GitHub ↗
· v1.0.0
306
Downloads
0
Stars
1
Active Installs
1
Versions
Install in OpenClaw
/install firm-platform-audit-pack
Description
Platform alignment audit pack for OpenClaw 2026.2. Secrets v2, agent routing, voice security, trust model, autoupdate, plugin SDK, content boundaries, and sq...
README (SKILL.md)
firm-platform-audit-pack
⚠️ Contenu généré par IA — validation humaine requise avant utilisation.
Purpose
Validates alignment with OpenClaw platform version 2026.2. Audits Secrets v2 migration, agent routing policies, voice channel security, trust model configuration, autoupdate settings, plugin SDK compliance, content boundary enforcement, and sqlite-vec setup.
Tools (8)
| Tool | Description | Severity |
|---|---|---|
openclaw_secrets_v2_audit |
Secrets v2 migration readiness | CRITICAL |
openclaw_agent_routing_check |
Agent routing policy validation | HIGH |
openclaw_voice_security_check |
Voice channel security audit | HIGH |
openclaw_trust_model_check |
Trust model configuration | HIGH |
openclaw_autoupdate_check |
Autoupdate settings validation | MEDIUM |
openclaw_plugin_sdk_check |
Plugin SDK compliance | MEDIUM |
openclaw_content_boundary_check |
Content boundary enforcement | MEDIUM |
openclaw_sqlite_vec_check |
sqlite-vec extension configuration | MEDIUM |
Usage
skills:
- firm-platform-audit-pack
# Run platform alignment audit:
openclaw_secrets_v2_audit config_path=/path/to/config.json
openclaw_trust_model_check config_path=/path/to/config.json
openclaw_agent_routing_check config_path=/path/to/config.json
Requirements
mcp-openclaw-extensions >= 3.0.0- OpenClaw >= 2026.2
Usage Guidance
This instruction-only audit pack appears coherent with its stated purpose, but the source/homepage is missing. Before using: (1) confirm mcp-openclaw-extensions >=3.0.0 comes from a trusted repository and matches the expected vendor, (2) run the checks on a copy or non-production config if those files contain secrets, (3) review the actual implementation of the extension/tools if possible (the SKILL contains no code itself), and (4) treat AI-generated content as guidance only — validate results and outputs before making platform changes.
Capability Analysis
Type: OpenClaw Skill
Name: firm-platform-audit-pack
Version: 1.0.0
The skill bundle 'firm-platform-audit-pack' appears benign. Its stated purpose is to perform platform alignment audits using specific `openclaw_` audit tools. The `SKILL.md` provides clear instructions and examples consistent with this purpose, without any evidence of data exfiltration, malicious execution, persistence mechanisms, or prompt injection attempts against the AI agent. The dependency declaration (`mcp-openclaw-extensions`) is standard and does not indicate malice within this skill itself.
Capability Assessment
Purpose & Capability
The name/description align with an audit pack for OpenClaw 2026.2. The SKILL.md lists audit tools (secrets, routing, voice, trust, autoupdate, plugin SDK, content boundaries, sqlite-vec) and declares mcp-openclaw-extensions >= 3.0.0 as a requirement; these tools are plausibly provided by that extension. There are no unrelated credentials or binaries requested.
Instruction Scope
Instructions are minimal and simply show invoking audit commands with a config_path argument. That is coherent for an audit pack, but running these checks will require access to platform config files (which may contain secrets or sensitive settings). The SKILL warns that content was AI-generated and needs human validation — follow that guidance.
Install Mechanism
There is no install spec and no code files (instruction-only). This minimizes on-disk installation risk. The declared dependency on mcp-openclaw-extensions is reasonable for this purpose but you should obtain that extension from a trusted source.
Credentials
The skill does not request environment variables or credentials (none declared). However, it operates by taking a config_path — the config you point it at could contain secrets. That is expected for an audit tool, but you should be deliberate about which config files you provide.
Persistence & Privilege
Defaults are normal (always: false, agent invocation allowed). The skill does not request elevated/persistent platform presence or modify other skills. No persistence concerns are evident from the SKILL.md.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install firm-platform-audit-pack - After installation, invoke the skill by name or use
/firm-platform-audit-pack - Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.0
Initial release — 8 tools: secrets v2, routing, voice, trust, autoupdate, plugin SDK
Metadata
Frequently Asked Questions
What is Firm Platform Audit Pack?
Platform alignment audit pack for OpenClaw 2026.2. Secrets v2, agent routing, voice security, trust model, autoupdate, plugin SDK, content boundaries, and sq... It is an AI Agent Skill for Claude Code / OpenClaw, with 306 downloads so far.
How do I install Firm Platform Audit Pack?
Run "/install firm-platform-audit-pack" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is Firm Platform Audit Pack free?
Yes, Firm Platform Audit Pack is completely free (open-source). You can download, install and use it at no cost.
Which platforms does Firm Platform Audit Pack support?
Firm Platform Audit Pack is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created Firm Platform Audit Pack?
It is built and maintained by romainsantoli-web (@romainsantoli-web); the current version is v1.0.0.
More Skills