krishnakumarmahadevan-cmd

Cloud Compliance Checker

Author: ToolWeb · GitHub · v1.0.0 · MIT-0
cross-platform ⚠ suspicious
Total downloads: 185
Favorites: 0
Current installs: 0
Versions: 1
Install in OpenClaw
/install cloud-compliance-checker
Description
Validates cloud infrastructure configurations against industry compliance standards and regulatory frameworks.
Instructions (SKILL.md)

Overview

The Cloud Compliance Checker is a powerful API for auditing cloud infrastructure against multiple compliance standards and regulatory requirements. It enables security teams, cloud architects, and compliance officers to systematically verify that their cloud deployments meet required security postures and compliance benchmarks.

This tool supports major cloud providers and compliance frameworks, allowing organizations to perform automated compliance validation on their cloud configurations. Whether you're preparing for a security audit, maintaining continuous compliance, or validating infrastructure-as-code deployments, this API provides rapid, standardized compliance assessment against recognized standards.

Ideal users include DevSecOps teams automating compliance checks in CI/CD pipelines, cloud security engineers validating multi-cloud deployments, compliance auditors performing infrastructure reviews, and organizations managing regulatory obligations across diverse cloud environments.

Usage

Example Request:

{
  "provider": "aws",
  "standard": "cis",
  "config": "{\"region\": \"us-east-1\", \"scan_type\": \"full\"}"
}

Example Response:

{
  "compliance_status": "passed",
  "provider": "aws",
  "standard": "cis",
  "checks_performed": 156,
  "checks_passed": 154,
  "checks_failed": 2,
  "compliance_percentage": 98.7,
  "failed_checks": [
    {
      "check_id": "CIS-1.2",
      "title": "Ensure MFA is enabled for all IAM users",
      "severity": "high",
      "resource": "iam-user-admin"
    },
    {
      "check_id": "CIS-2.1",
      "title": "Ensure CloudTrail is enabled on all regions",
      "severity": "medium",
      "resource": "eu-west-1"
    }
  ],
  "timestamp": "2024-01-15T10:30:00Z",
  "scan_duration_seconds": 42
}

Endpoints

POST /check-compliance

Performs a comprehensive compliance audit against specified cloud provider and compliance standard.

Method: POST

Path: /check-compliance

Parameters:

| Name | Type | Required | Description |
|------|------|----------|-------------|
| provider | string | Yes | Cloud provider identifier (e.g., aws, azure, gcp, kubernetes) |
| standard | string | Yes | Compliance framework or standard (e.g., cis, pci-dss, hipaa, sox, nist, iso27001) |
| config | string | No | JSON string containing provider-specific configuration options. Default: "{}". Supports parameters like region, scan_type, resource_filters, etc. |

Response (200 - Success):

Returns a JSON object containing:

  • compliance_status: Overall status (passed/failed/warning)
  • provider: The cloud provider checked
  • standard: The compliance standard used
  • checks_performed: Total number of compliance checks executed
  • checks_passed: Number of passing checks
  • checks_failed: Number of failing checks
  • compliance_percentage: Percentage of checks passed
  • failed_checks: Array of failed checks with check_id, title, severity, and resource
  • timestamp: UTC timestamp of the scan
  • scan_duration_seconds: Time taken to complete the audit
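A CI gate over the response fields listed above, as an added example (not code from the skill or its publisher). It uses the page's example response, which reports compliance_status "passed" while listing a high-severity failure, so the gate checks the counts and failed_checks itself; the blocking-severity policy and the function name are assumptions.

```python
# Constructed input: the page's example response, trimmed to the fields used here.
SAMPLE = {
    "compliance_status": "passed",
    "checks_performed": 156, "checks_passed": 154, "checks_failed": 2,
    "compliance_percentage": 98.7,
    "failed_checks": [
        {"check_id": "CIS-1.2", "severity": "high", "resource": "iam-user-admin"},
        {"check_id": "CIS-2.1", "severity": "medium", "resource": "eu-west-1"},
    ],
}

# Assumed policy: which severities fail the build. The API does not define this.
BLOCKING = {"critical", "high"}


def evaluate(report, blocking=BLOCKING):
    """Return (ok, reasons); ok is False on inconsistent counts or blocking failures."""
    reasons = []
    performed = report["checks_performed"]
    passed = report["checks_passed"]
    failed = report["checks_failed"]

    # Cross-check the summary numbers instead of trusting compliance_status.
    if passed + failed != performed:
        reasons.append("passed + failed does not equal checks_performed")
    if len(report["failed_checks"]) != failed:
        reasons.append("failed_checks length does not match checks_failed")
    expected = round(100 * passed / performed, 1) if performed else 0.0
    if abs(expected - report["compliance_percentage"]) > 0.1:
        reasons.append("compliance_percentage does not match the counts")

    # Any failed check at a blocking severity fails the gate.
    for check in report["failed_checks"]:
        if check["severity"].lower() in blocking:
            reasons.append(
                f"{check['check_id']} ({check['severity']}) on {check['resource']}"
            )
    return (not reasons, reasons)


if __name__ == "__main__":
    ok, reasons = evaluate(SAMPLE)
    print("gate:", "pass" if ok else "fail", reasons)
```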

Response (422 - Validation Error):

Returns validation error details when required parameters are missing or invalid.

{
  "detail": [
    {
      "loc": ["body", "provider"],
      "msg": "field required",
      "type": "value_error.missing"
    }
  ]
}

Pricing

| Plan | Calls/Day | Calls/Month | Price |
|------|-----------|-------------|-------|
| Free | 5 | 50 | Free |
| Developer | 20 | 500 | $39/mo |
| Professional | 200 | 5,000 | $99/mo |
| Enterprise | 100,000 | 1,000,000 | $299/mo |

About

ToolWeb.in - 200+ security APIs, CISSP & CISM, platforms: Pay-per-run, API Gateway, MCP Server, OpenClaw, RapidAPI, YouTube.

Security Usage Recommendations
Before installing or using this skill, consider: (1) The skill will direct you to send cloud configuration data to external endpoints (toolweb.in / api.mkkpro.com). Do not send secrets, long-lived API keys, or production configuration until you verify the vendor. (2) Ask the publisher for an official homepage, privacy/security policy, and documentation describing what the remote API stores and how it protects submitted data. (3) Prefer scanning with an on-prem or vendor-trusted tool if you must process sensitive cloud state. (4) If you test, use non-sensitive sample configs. (5) If you need automated scans that access cloud APIs, prefer skills that explicitly declare required credentials and describe secure authentication flows (e.g., temporary role-based access) rather than asking you to paste credentials into free-text fields.
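A pre-send guard for the `config` field, following recommendations (1) and (4) above. This is an added example, not code from the skill or its publisher; the key-name list, the value patterns and the function names are assumptions to adapt to your environment.

```python
import json
import re

# Key names that suggest a credential (assumed list, extend as needed).
SENSITIVE_KEY = re.compile(
    r"(secret|passw|token|api[_-]?key|private[_-]?key|credential)", re.I
)
# Value shapes that suggest a credential, whatever the key is called.
SENSITIVE_VALUE = [
    ("aws-access-key-id", re.compile(r"\b(AKIA|ASIA)[0-9A-Z]{16}\b")),
    ("pem-private-key", re.compile(r"-----BEGIN [A-Z ]*PRIVATE KEY-----")),
]


def find_secrets(node, path="config"):
    """Walk parsed JSON; return (path, reason) for each suspicious key or value."""
    hits = []
    if isinstance(node, dict):
        for key, value in node.items():
            child = f"{path}.{key}"
            if SENSITIVE_KEY.search(key):
                hits.append((child, "sensitive key name"))
            hits.extend(find_secrets(value, child))
    elif isinstance(node, list):
        for i, value in enumerate(node):
            hits.extend(find_secrets(value, f"{path}[{i}]"))
    elif isinstance(node, str):
        for name, pattern in SENSITIVE_VALUE:
            if pattern.search(node):
                hits.append((path, name))
    return hits


def build_request(provider, standard, config=None):
    """Return the request body, or raise ValueError if config looks sensitive."""
    config = config or {}
    hits = find_secrets(config)
    if hits:
        raise ValueError(f"refusing to send config: {hits}")
    # The API takes config as a JSON string, as in the page's example request.
    return {"provider": provider, "standard": standard, "config": json.dumps(config)}


# Constructed inputs; the key ID is AWS's documented example value.
SAFE = {"region": "us-east-1", "scan_type": "full"}
UNSAFE = {"region": "us-east-1", "db_password": "hunter2",
          "auth": {"access_key": "AKIAIOSFODNN7EXAMPLE"}}
```

Pattern matching of this kind only catches known shapes; it complements, and does not replace, sending non-sensitive sample configs.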
Functional Analysis
Type: OpenClaw Skill
Name: cloud-compliance-checker
Version: 1.0.0
The skill facilitates the transmission of cloud infrastructure configuration data to an external third-party API (api.mkkpro.com) for compliance auditing. While this behavior is consistent with the stated purpose of the 'Cloud Compliance Checker', sending detailed cloud metadata to a remote endpoint is a high-risk activity that could lead to data exposure or reconnaissance. The 'config' parameter in SKILL.md and openapi.json is loosely defined, potentially encouraging the inclusion of sensitive environment details. No explicit malicious code or prompt injection was found, but the inherent risk of the data transit warrants a suspicious classification.
Capability Assessment
Purpose & Capability
The SKILL.md describes performing compliance audits for cloud providers (AWS, Azure, GCP, Kubernetes). However, the skill declares no required environment variables, credentials, or config paths. Real cloud scans normally require provider credentials or explicit instructions for how to supply infrastructure state; that mismatch (no declared auth but capability to scan providers) is unexplained.
Instruction Scope
The instructions define a /check-compliance API and example requests that include a 'config' payload. They implicitly require sending potentially sensitive cloud configuration and possibly credentials to remote endpoints (toolweb.in / api.mkkpro.com). The SKILL.md does not constrain what to include in 'config' or warn about sensitive data, so it could result in exfiltration of secrets if a user provides them.
Install Mechanism
Instruction-only skill with no install spec and no code files; nothing is written to disk or installed, which reduces supply-chain risk. The openapi.json is a local description only.
Credentials
No environment variables, credentials, or config paths are declared despite functionality that usually needs access to cloud accounts or infrastructure state. This could mean the service expects users to paste credentials/config into requests (risky) or that the skill is incomplete/underspecified.
Persistence & Privilege
always is false and the skill is not forced-installed. Model invocation is allowed (default) but that is normal and not by itself a problem.
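How to Use
  1. Make sure OpenClaw is installed (locally or via Docker)
  2. Enter the install command in the chat box: /install cloud-compliance-checker
  3. Once installed, invoke the Skill by name or trigger it with /cloud-compliance-checker
  4. Provide the required inputs as described in the Skill's parameter documentation to get structured output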
Version History
v1.0.0
Cloud Compliance Checker 1.0.0 initial release
- Launches an API for auditing cloud configurations against industry compliance standards.
- Supports major providers (AWS, Azure, GCP, Kubernetes) and frameworks (CIS, PCI-DSS, HIPAA, SOX, NIST, ISO27001).
- Provides detailed compliance results with check breakdowns and reporting on failures.
- Designed for use by DevSecOps, security engineers, and compliance auditors for automated and on-demand assessments.
- Includes tiered pricing: Free, Developer, Professional, and Enterprise options.
Metadata
Slug: cloud-compliance-checker
Version: 1.0.0
License: MIT-0
Total installs: 0
Current installs: 0
Historical versions: 1
FAQ

What is Cloud Compliance Checker?

Validates cloud infrastructure configurations against industry compliance standards and regulatory frameworks. It is an AI Agent Skill plugin for Claude Code / OpenClaw, with 185 total downloads to date.

How do I install Cloud Compliance Checker?

Run the command "/install cloud-compliance-checker" in the OpenClaw or Claude Code chat box to install it in one step, with no additional configuration.

Is Cloud Compliance Checker free?

Yes, Cloud Compliance Checker is completely free. It is released under the MIT-0 license and can be freely downloaded, installed, and used.

Which platforms does Cloud Compliance Checker support?

Cloud Compliance Checker is cross-platform and can be used in any environment where OpenClaw / Claude Code is deployed.

Who developed Cloud Compliance Checker?

It is developed and maintained by ToolWeb (@krishnakumarmahadevan-cmd); the current version is v1.0.0.
