← 返回 Skills 市场

Ai Intelligent Audit Logging

Name: Ai Intelligent Audit Logging
Author: yang1002378395-cmyk

作者 yang1002378395-cmyk · GitHub ↗ · v1.0.0 · MIT-0

cross-platform ⚠ suspicious

290

总下载

当前安装

版本数

在 OpenClaw 中安装

/install ai-intelligent-audit-logging

功能描述

审计日志，操作记录 + 合规审计。

使用说明 (SKILL.md)

AI 智能审计日志系统

描述

审计日志，操作记录 + 合规审计。

功能

操作记录（操作日志）
审计查询（审计查询）
合规检查（合规审计）
数据分析（行为分析）
报告生成（审计报告）

定价

基础版：¥99/月（10 万条/月）
专业版：¥499/月（100 万条/月）
企业版：¥1999/月（无限条）

适用场景

合规审计
操作审计
安全审计
数据审计

技术栈

Python + FastAPI
日志记录
审计查询
报告生成

安装

git clone https://github.com/openclaw-skills/ai-intelligent-audit-logging
cd ai-intelligent-audit-logging
pip install -r requirements.txt
python app.py

创建：2026-03-13 作者：OpenClaw Skills Team

安全使用建议

Do not clone or run the external repository until you verify its contents. This skill package contains no code and asks you to fetch and execute a GitHub repo—that could run arbitrary code or exfiltrate data. Steps to reduce risk before installing: 1) Ask the publisher for the repository owner, commit history, and a signed release or packaged code included in the skill bundle. 2) Manually inspect the GitHub repo (code, requirements.txt, app.py) for network calls, credential usage, or secret exfiltration before running. 3) Verify what environment variables and services (DB, object storage) the app needs and require them to be declared in the skill manifest. 4) If you must test it, run it in an isolated sandbox or container with no access to production credentials or sensitive data. 5) Prefer skills that include their code in the package or a reputable, well-audited release; avoid blindly executing 'git clone && pip install && python app.py'.

功能分析

Type: OpenClaw Skill Name: ai-intelligent-audit-logging Version: 1.0.0 The skill bundle contains only metadata and documentation without providing the actual implementation code. The SKILL.md file instructs the agent to clone an external repository (github.com/openclaw-skills/ai-intelligent-audit-logging) and execute it locally via 'python app.py'. This pattern is suspicious as it encourages the execution of unvetted remote code, which could serve as a vector for supply chain attacks, although no specific malicious payload is present in the provided text.

能力评估

⚠ Purpose & Capability

The name/description claim an audit-logging service which plausibly maps to a Python/FastAPI app, but the published package includes no code and no declared dependencies. The SKILL.md tells users to git clone and run a GitHub repo; a genuine packaged skill would normally include its code or declare required binaries (git, python, pip) and any credentials. The presence of pricing and product-like marketing in the SKILL.md further blurs whether this is an installable skill or merely a product ad.

⚠ Instruction Scope

Runtime instructions tell the agent/user to clone a remote repository and run pip install -r requirements.txt and python app.py. That directs fetching and executing arbitrary third-party code (server process) outside the agent's package—this goes beyond typical instruction-only guidance and could result in arbitrary code execution or unexpected network activity. The instructions do not ask to read system files or credentials explicitly, but they give broad discretion to run remote code.

⚠ Install Mechanism

There is no formal install spec in the registry; the SKILL.md recommends cloning from a GitHub URL. While GitHub is a common host, the registry package itself contains no code for audit, so the actual install would pull and run external code not vetted by the skill package. This is higher risk than an instruction-only skill that relies only on local, pre-installed binaries.

⚠ Credentials

The skill declares no required environment variables or primary credentials. That is inconsistent with a server-like audit logging product, which typically needs database credentials, storage/backing services, or API keys. The omission makes it unclear whether the external repo will prompt for or expect secrets at runtime—raising a risk that credentials could be requested or mishandled outside the skill manifest.

ℹ Persistence & Privilege

always is false and the skill is user-invocable (normal). However, the installation instructions start a long-running server (python app.py), which if executed would create persistent system presence and potentially open network ports. The skill itself does not request elevated platform privileges in its manifest, but following its instructions could create persistent services on the host.

如何使用

确保已安装 OpenClaw（本地或 Docker 部署）
在对话框中输入安装命令：/install ai-intelligent-audit-logging
安装完成后，直接呼叫该 Skill 的名称或使用 /ai-intelligent-audit-logging 触发
根据 Skill 的参数说明提供必要输入，即可获得结构化输出

版本历史

v1.0.0

ai-intelligent-audit-logging v1.0.0 - Initial release with core features: operation logging, audit queries, compliance checks, behavioral data analysis, and report generation. - Provided tiered pricing plans (Basic, Professional, Enterprise) for different usage volumes. - Supports compliance, operation, security, and data audit scenarios. - Built with Python and FastAPI for robust and scalable audit log management. - Includes installation instructions for quick setup.

元数据

Slug ai-intelligent-audit-logging

版本 1.0.0

许可证 MIT-0

累计安装 0

当前安装数 0

历史版本数 1

常见问题