← Back to Skills Marketplace

Permission Footprint Reviewer

Name: Permission Footprint Reviewer
Author: 52yuanchangxing

by vx：17605205782 · GitHub ↗ · v1.0.0 · MIT-0

darwinlinuxwin32 ✓ Security Clean

149

Downloads

Stars

Active Installs

Versions

Install in OpenClaw

/install permission-footprint-reviewer

Description

梳理某个 Skill、脚本或工作流需要的权限，并提出最小权限替代方案。；use for permissions, least-privilege, security workflows；do not use for 绕过系统安全控制, 生成提权方法.

Usage Guidance

This skill appears to do what it claims: local, read-only auditing and structured recommendations. Before running: (1) inspect scripts/run.py yourself (it is included) and run with --dry-run to verify behavior; (2) avoid pointing the tool at system roots or directories with highly sensitive data unless you intend that scan; (3) prefer running in an isolated/sandbox workspace and review outputs before saving or sharing them; (4) remember the tool can write output files if you pass --output (omit or use --dry-run to avoid accidental writes).

Capability Analysis

Type: OpenClaw Skill Name: permission-footprint-reviewer Version: 1.0.0 The 'permission-footprint-reviewer' skill is a security auditing tool designed to analyze scripts and workflows for over-privileged configurations. The core logic in 'scripts/run.py' performs static analysis, scanning for risky patterns like 'curl|bash' or hardcoded secrets (which it masks before reporting), and generates structured Markdown reports. The instructions in 'SKILL.md' and 'README.md' are strictly aligned with its defensive purpose, explicitly forbidding the generation of privilege escalation methods or bypassing security controls.

Capability Assessment

✓ Purpose & Capability

Name/description match the actual behavior: the package is an audit helper that reads local inputs and produces structured reports. Declared requirement (python3) is proportional; no unrelated env vars or credentials are requested.

ℹ Instruction Scope

SKILL.md and scripts instruct the agent to read provided files/dirs (or use templates) and produce audit reports. This is within scope. Note: the runtime script will read arbitrary files under any user-supplied path (recursively up to configured limits), so providing a root/system path will make it scan many files and potentially surface sensitive content — this is expected for an auditor but worth being mindful of.

✓ Install Mechanism

No install spec; instruction-only with a local Python script. No downloads or external package installs are performed, minimizing install-time risk.

✓ Credentials

No environment variables, credentials, or config paths are required. The script only reads user-supplied input paths and local resource files included in the skill.

✓ Persistence & Privilege

always is false and the skill does not modify other skills or system-wide settings. It can write its own output file when asked (normal behavior) but otherwise operates read-only unless the user requests writes.

How to Use

Make sure OpenClaw is installed (local or Docker)
Run the install command in chat: /install permission-footprint-reviewer
After installation, invoke the skill by name or use /permission-footprint-reviewer
Provide required inputs per the skill's parameter spec and get structured output

Version History

v1.0.0

Initial release of permission-footprint-reviewer. - Provides a skill for auditing permissions required by scripts, skills, or workflows and suggests least-privilege alternatives. - Emphasizes safe boundaries: does not assist in bypassing controls or generating privilege escalation methods. - Offers a structured review including permission footprint, usage explanation, excessive permissions, least-privilege substitutions, isolation advice, and a review checklist. - Generates an explicit “review draft” before actionable checklists and flags missing information as “pending confirmation.” - Adheres to clearly defined audit, output, and runtime rules for safety and compliance.

Metadata

Slug permission-footprint-reviewer

Version 1.0.0

License MIT-0

All-time Installs 0

Active Installs 0

Total Versions 1

Frequently Asked Questions

What is Permission Footprint Reviewer?

梳理某个 Skill、脚本或工作流需要的权限，并提出最小权限替代方案。；use for permissions, least-privilege, security workflows；do not use for 绕过系统安全控制, 生成提权方法. It is an AI Agent Skill for Claude Code / OpenClaw, with 149 downloads so far.

How do I install Permission Footprint Reviewer?

Run "/install permission-footprint-reviewer" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is Permission Footprint Reviewer free?

Yes, Permission Footprint Reviewer is completely free, licensed under MIT-0. You can download, install and use it at no cost.

Which platforms does Permission Footprint Reviewer support?

Permission Footprint Reviewer is cross-platform and runs anywhere OpenClaw / Claude Code is available (darwin, linux, win32).

Who created Permission Footprint Reviewer?

It is built and maintained by vx：17605205782 (@52yuanchangxing); the current version is v1.0.0.

More Skills