← Back to Skills Marketplace
dangsllc

Risk Assessment

by Dangsllc · GitHub ↗ · v0.1.0
cross-platform ✓ Security Clean
605
Downloads
0
Stars
7
Active Installs
1
Versions
Install in OpenClaw
/install risk-assessment
Description
Framework-directable information security risk assessment. Identifies threats, evaluates likelihood/impact via a 3x3 matrix, maps findings to any compliance...
Usage Guidance
This skill appears coherent and appropriate for producing formal risk assessments. Before installing or invoking it: only provide the context and documents you intend the agent to inspect (avoid uploading credentials, private keys, or unrelated system files); if the agent runtime exposes filesystem or network access, restrict those capabilities to a safe workspace; the examples reference using an API client (Anthropic) — do not hardcode API keys into skill files. Finally, review the generated findings before acting on them (the assistant's recommendations should be validated by a human assessor).
Capability Analysis
Type: OpenClaw Skill Name: risk-assessment Version: 0.1.0 The 'risk-assessment' skill bundle is a well-structured framework for performing information security risk assessments using standard methodologies (NIST CSF 2.0). The instructions in SKILL.md are strictly aligned with the stated purpose, and the accompanying Python example (usage.py) demonstrates legitimate integration with the Anthropic API without any signs of malicious execution, data exfiltration, or prompt injection.
Capability Assessment
Purpose & Capability
The name/description match the included SKILL.md and example. No binaries, env vars, or install steps are declared that would be unrelated to performing a written risk assessment.
Instruction Scope
The SKILL.md instructs the agent to review provided context, uploaded documents, and optional framework appendices — which is expected. However the allowed-tools list (Read, Glob, Grep, WebFetch) would permit the agent to read files or fetch URLs; ensure the agent runtime is only given access to documents you intend it to read (do not expose unrelated system files or secrets).
Install Mechanism
No install spec is present (instruction-only skill). Nothing is downloaded or written to disk by the skill itself.
Credentials
The skill declares no required environment variables, credentials, or config paths. Example code references an Anthropic client but that is an example only and not a declared runtime requirement of the skill.
Persistence & Privilege
always is false and disable-model-invocation is default (agent may invoke autonomously). This is normal; the skill does not request elevated or persistent system presence.
How to Use
  1. Make sure OpenClaw is installed (local or Docker)
  2. Run the install command in chat: /install risk-assessment
  3. After installation, invoke the skill by name or use /risk-assessment
  4. Provide required inputs per the skill's parameter spec and get structured output
Version History
v0.1.0
Initial release of the risk-assessment skill, enabling structured, framework-aware information security risk assessments. - Identifies threats and vulnerabilities, evaluates likelihood and impact using a 3x3 matrix. - Maps risks to controls from any compliance framework (defaults to NIST CSF 2.0). - Provides risk treatment recommendations: remediate, accept, transfer, or avoid, with prioritization guidance. - Outputs findings in a standardized JSON schema for integration with risk register systems. - Includes detailed procedures, scoring criteria, and example assessments for clarity and consistency.
Metadata
Slug risk-assessment
Version 0.1.0
License
All-time Installs 7
Active Installs 7
Total Versions 1
Frequently Asked Questions

What is Risk Assessment?

Framework-directable information security risk assessment. Identifies threats, evaluates likelihood/impact via a 3x3 matrix, maps findings to any compliance... It is an AI Agent Skill for Claude Code / OpenClaw, with 605 downloads so far.

How do I install Risk Assessment?

Run "/install risk-assessment" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is Risk Assessment free?

Yes, Risk Assessment is completely free (open-source). You can download, install and use it at no cost.

Which platforms does Risk Assessment support?

Risk Assessment is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created Risk Assessment?

It is built and maintained by Dangsllc (@dangsllc); the current version is v0.1.0.

More Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463556 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259610 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200551 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191226 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190235 · by oswalpalash

💬 Comments