Nist Compliance Assessment

by Vahagn Madatyan · GitHub ↗ · v1.0.0 · MIT-0
cross-platform ✓ Security Clean
Downloads: 141 · Stars: 0 · Active Installs: 0 · Versions: 1
Install in OpenClaw: /install nist-compliance-assessment
Description
NIST Cybersecurity Framework (CSF) and SP 800-53 Rev 5 compliance assessment for network infrastructure. Maps device configuration against 6 control families...
Usage Guidance
This skill is a documentation-driven, read-only checklist and vendor command reference for mapping network device configuration to NIST CSF / 800-53 controls. Before using it:
  1. Confirm how your agent will obtain device credentials; do not store or expose privileged credentials, and use scoped, read-only accounts or temporary credentials.
  2. Ensure the SSH client used by the agent exists on the host (SKILL.md metadata expects ssh).
  3. Understand that many 'show' commands reveal sensitive secrets (hashes, SNMP community strings, TACACS/RADIUS endpoints); handle and store outputs securely.
  4. If you do not want the agent to run these commands autonomously, restrict model/skill invocation or require user approval before running commands.
  5. Verify the assessment boundary and permission to audit target devices to avoid unintended access or policy violations.
Capability Analysis
Type: OpenClaw Skill
Name: nist-compliance-assessment
Version: 1.0.0
The skill bundle is a legitimate tool for performing NIST SP 800-53 and CSF compliance assessments on network infrastructure (Cisco, JunOS, EOS, and PAN-OS). The instructions in SKILL.md and the reference files (cli-reference.md, control-reference.md) focus exclusively on read-only auditing tasks using standard 'show' commands to verify security configurations. There is no evidence of malicious intent, data exfiltration, or unauthorized execution.
Capability Assessment
Purpose & Capability
The name and description match the content: the SKILL.md and reference files provide vendor-specific read-only commands and control-to-CSF mappings appropriate for a network device compliance assessment. One minor inconsistency: the registry metadata lists no required binaries, while the SKILL.md metadata (openclaw field) indicates 'ssh' is required. The expectation that SSH or management API access exists is reasonable for this purpose.
Instruction Scope
Instructions are scoped to read-only verification commands and procedural assessment steps. They reference running 'show' commands that will reveal configuration and potentially sensitive items (password hashes, SNMP community strings, AAA server lists); this is expected for a compliance audit but is high-sensitivity data. The skill does not instruct reading unrelated local files or exfiltrating results to unknown endpoints.
Install Mechanism
No install spec or code is included (instruction-only), so nothing is written to disk or downloaded. This is the lowest-risk install mechanism and appropriate for a documentation/assessment skill.
Credentials
The skill declares no required environment variables or credentials in the registry, which is coherent for an instruction-only skill. However, practical use requires SSH/API credentials to the target devices (read-only privileges). Those credentials are not requested or described as environment variables by the skill — the user/agent must supply them at runtime. This omission is not malicious but users must ensure credentials provided to their agent are strictly read-only and scoped to the audit boundary.
Persistence & Privilege
The skill does not request persistent presence, does not include an install step, and does not set always:true. Model invocation is allowed (platform default), which means an agent could run the instructions autonomously if given credentials. This is expected for skills and poses operational risk only if the credentials or their scope are too broad.
How to Use
  1. Make sure OpenClaw is installed (local or Docker)
  2. Run the install command in chat: /install nist-compliance-assessment
  3. After installation, invoke the skill by name or use /nist-compliance-assessment
  4. Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.0
Initial release: NIST Cybersecurity Framework (CSF) and SP 800-53 compliance assessment for network infrastructure.
  - Maps device configuration against 6 NIST 800-53 Rev 5 control families highly relevant to network security (AC, AU, CM, IA, SC, SI)
  - Focuses on CSF Protect (PR) and Detect (DE) functions for practical assessment
  - Provides practical CLI command references for Cisco, Junos, EOS, and PAN-OS platforms
  - Designed for FISMA, NIST 800-171, CMMC, and related audit/compliance use cases
  - Read-only workflow; no modifying commands required; supports CLI or API device access
Metadata
Slug: nist-compliance-assessment
Version: 1.0.0
License: MIT-0
All-time Installs: 0
Active Installs: 0
Total Versions: 1
Frequently Asked Questions

What is Nist Compliance Assessment?

NIST Cybersecurity Framework (CSF) and SP 800-53 Rev 5 compliance assessment for network infrastructure. Maps device configuration against 6 control families... It is an AI Agent Skill for Claude Code / OpenClaw, with 141 downloads so far.

How do I install Nist Compliance Assessment?

Run "/install nist-compliance-assessment" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is Nist Compliance Assessment free?

Yes, Nist Compliance Assessment is completely free, licensed under MIT-0. You can download, install and use it at no cost.

Which platforms does Nist Compliance Assessment support?

Nist Compliance Assessment is cross-platform and runs anywhere OpenClaw / Claude Code is available.

Who created Nist Compliance Assessment?

It is built and maintained by Vahagn Madatyan (@vahagn-madatyan); the current version is v1.0.0.
