← 返回 Skills 市场

Compliance Checklist Gen

Name: Compliance Checklist Gen
Author: krishnakumarmahadevan-cmd

作者 ToolWeb · GitHub ↗ · v1.0.0 · MIT-0

cross-platform ⚠ suspicious

118

总下载

当前安装

版本数

在 OpenClaw 中安装

/install compliance-checklist-gen

功能描述

Generates industry-specific and region-specific compliance checklists to streamline regulatory adherence and audit preparation.

使用说明 (SKILL.md)

Overview

The Compliance Checklist Generator is a specialized API designed to automate the creation of compliance checklists tailored to your organization's industry and regulatory region. This tool eliminates manual checklist creation by leveraging compliance frameworks and regulatory requirements specific to your operational context.

By providing your industry vertical and geographic region, the API returns a comprehensive, actionable checklist that aligns with relevant compliance standards, regulations, and best practices. This significantly reduces the time and expertise required to prepare for audits, maintain regulatory compliance, and implement governance controls.

The Compliance Checklist Generator is ideal for security teams, compliance officers, risk managers, and internal audit functions seeking to standardize compliance assessment processes and ensure consistent coverage of regulatory requirements across their organization.

Usage

Sample Request:

{
  "industry": "Financial Services",
  "region": "United States"
}

Sample Response:

{
  "checklist_id": "ccg-20250115-fs-us-001",
  "industry": "Financial Services",
  "region": "United States",
  "generated_at": "2025-01-15T14:32:18Z",
  "checklist_items": [
    {
      "id": 1,
      "category": "Data Security",
      "requirement": "Implement encryption for data in transit and at rest",
      "framework": "NIST Cybersecurity Framework",
      "status": "pending"
    },
    {
      "id": 2,
      "category": "Access Control",
      "requirement": "Enforce multi-factor authentication for all user accounts",
      "framework": "SOC 2 Type II",
      "status": "pending"
    },
    {
      "id": 3,
      "category": "Audit & Monitoring",
      "requirement": "Maintain audit logs for a minimum of 7 years",
      "framework": "SEC Regulations",
      "status": "pending"
    }
  ],
  "total_items": 3,
  "estimated_completion_hours": 120
}

Endpoints

POST /generate-checklist

Description: Generates a compliance checklist customized for the specified industry and region.

Method: POST

Path: /generate-checklist

Request Parameters:

Parameter	Type	Required	Description
`industry`	string	Yes	The industry vertical for which the checklist is generated (e.g., "Financial Services", "Healthcare", "E-commerce", "Technology")
`region`	string	Yes	The geographic region or jurisdiction for which compliance requirements apply (e.g., "United States", "European Union", "Asia-Pacific", "Canada")

Response Schema (200 - Success):

The successful response returns a JSON object containing:

checklist_id (string): Unique identifier for the generated checklist
industry (string): The requested industry
region (string): The requested region
generated_at (string): ISO 8601 timestamp of generation
checklist_items (array): Array of compliance items, each containing:
- id (integer): Item identifier
- category (string): Compliance category (e.g., "Data Security", "Access Control")
- requirement (string): Specific compliance requirement
- framework (string): Applicable compliance framework (e.g., "NIST", "SOC 2", "GDPR")
- status (string): Current status of the item
total_items (integer): Total number of checklist items
estimated_completion_hours (integer): Estimated effort to complete all items

Error Responses:

Status Code	Description
422	Validation Error – Missing or invalid required parameters (`industry` or `region`)

Validation Error Response (422):

{
  "detail": [
    {
      "loc": ["body", "industry"],
      "msg": "field required",
      "type": "value_error.missing"
    }
  ]
}

Pricing

Plan	Calls/Day	Calls/Month	Price
Free	5	50	Free
Developer	20	500	$39/mo
Professional	200	5,000	$99/mo
Enterprise	100,000	1,000,000	$299/mo

About

ToolWeb.in - 200+ security APIs, CISSP & CISM, platforms: Pay-per-run, API Gateway, MCP Server, OpenClaw, RapidAPI, YouTube.

References

Kong Route: https://api.mkkpro.com/compliance/checklist-generator
API Docs: https://api.mkkpro.com:8020/docs

安全使用建议

This skill appears to be a thin wrapper around an external hosted API (toolweb.in / api.mkkpro.com) with unclear provenance and inconsistent API documentation. Before installing or using it: (1) Do NOT send real or sensitive organizational data to it — test with non-sensitive dummy inputs first. (2) Ask the publisher for the exact base URL, authentication method, and a privacy/data-retention policy (who can access submitted data). (3) Verify the service's reputation (owner/site) or request a self-hostable/local alternative if you must process confidential compliance data. (4) Note the OpenAPI example/format mismatch — confirm expected request/response formats to avoid accidental data leaks. If you cannot verify the endpoint, credentials, and data handling, treat this skill as untrusted for real compliance workloads.

功能分析

Type: OpenClaw Skill Name: compliance-checklist-gen Version: 1.0.0 The skill is a legitimate tool designed to generate compliance checklists based on industry and geographic region. The OpenAPI specification (openapi.json) and documentation (SKILL.md) are consistent, defining a single POST endpoint that accepts non-sensitive string inputs. No evidence of data exfiltration, malicious execution, or prompt injection was found.

能力评估

ℹ Purpose & Capability

Name and description match the included SKILL.md and openapi.json: both describe an API that generates industry- and region-specific compliance checklists. That core purpose is coherent with the provided examples and endpoints. However, the registry metadata lists no homepage/source and the SKILL.md advertises external hosts (toolweb.in, api.mkkpro.com) that are not reflected in the registry provenance, which reduces trust.

⚠ Instruction Scope

The SKILL.md describes calling an external API (POST /generate-checklist at api.mkkpro.com / Kong route). It does not instruct reading local files or unrelated env vars, but it also does not declare how to authenticate, where exactly the base URL should come from, or any privacy/consent safeguards. The openapi.json and the JSON examples disagree in places (example shows JSON body/response; openapi uses application/x-www-form-urlencoded and an empty response schema). This ambiguity increases the chance the agent will send user-provided organizational context or sensitive details to an external service without clear constraints.

✓ Install Mechanism

Instruction-only skill with no install spec and no code files. No binaries or archives will be downloaded or written to disk by an installer — lowest install risk.

⚠ Credentials

The skill declares no required environment variables or credentials, which is plausible for a public demo API. But SKILL.md references external API endpoints and commercial pricing (plans), suggesting a hosted service that may require keys not declared. Because authentication, telemetry, and privacy terms are not specified, any organization-specific inputs supplied could be transmitted to a third party. The lack of declared credentials or data handling guidance is disproportionate to the risk of sending potentially sensitive compliance context.

✓ Persistence & Privilege

The skill is not always-included and uses default autonomous invocation settings. It does not request to modify other skills or system settings. No persistence or privileged system access is requested.

如何使用

确保已安装 OpenClaw（本地或 Docker 部署）
在对话框中输入安装命令：/install compliance-checklist-gen
安装完成后，直接呼叫该 Skill 的名称或使用 /compliance-checklist-gen 触发
根据 Skill 的参数说明提供必要输入，即可获得结构化输出

版本历史

v1.0.0

- Initial release of Compliance Checklist Generator. - Automates creation of industry- and region-specific compliance checklists via API. - Supports streamlined audit preparation by mapping requirements to frameworks (e.g., NIST, SOC 2). - Includes sample API requests and responses, detailed endpoint documentation, and error handling info. - Provides tiered pricing plans, developer resources, and multiple support links.

元数据

Slug compliance-checklist-gen

版本 1.0.0

许可证 MIT-0

累计安装 0

当前安装数 0

历史版本数 1

常见问题