vahagn-madatyan

Nist Compliance Assessment

Author: Vahagn Madatyan · GitHub · v1.0.0 · MIT-0
cross-platform ✓ Security check passed
141 total downloads · 0 favorites · 0 current installs · 1 version
Install in OpenClaw
/install nist-compliance-assessment
Description
NIST Cybersecurity Framework (CSF) and SP 800-53 Rev 5 compliance assessment for network infrastructure. Maps device configuration against 6 control families...
Safe usage recommendations
This skill is a documentation-driven, read-only checklist and vendor command reference for mapping network device configuration to NIST CSF / 800-53 controls. Before using it:
  1. Confirm how your agent will obtain device credentials. Do not store or expose privileged credentials; use scoped, read-only accounts or temporary credentials.
  2. Ensure the SSH/client used by the agent exists on the host (SKILL.md metadata expects ssh).
  3. Understand that many 'show' commands reveal sensitive secrets (hashes, SNMP community strings, TACACS/RADIUS endpoints); handle and store outputs securely.
  4. If you do not want the agent to run these commands autonomously, restrict model/skill invocation or require user approval before running commands.
  5. Verify the assessment boundary and permission to audit target devices to avoid unintended access or policy violations.
Functional analysis
Type: OpenClaw Skill
Name: nist-compliance-assessment
Version: 1.0.0

The skill bundle is a legitimate tool for performing NIST SP 800-53 and CSF compliance assessments on network infrastructure (Cisco, JunOS, EOS, and PAN-OS). The instructions in SKILL.md and the reference files (cli-reference.md, control-reference.md) focus exclusively on read-only auditing tasks using standard 'show' commands to verify security configurations. There is no evidence of malicious intent, data exfiltration, or unauthorized execution.
Capability assessment
Purpose & Capability
The name and description match the content: the SKILL.md and reference files provide vendor-specific read-only commands and control-to-CSF mappings appropriate for a network device compliance assessment. One minor inconsistency: the registry metadata listed no required binaries, while the SKILL.md metadata (openclaw field) indicates 'ssh' is required. Expectation that SSH or management API access exists is reasonable for this purpose.
Instruction Scope
Instructions are scoped to read-only verification commands and procedural assessment steps. They reference running 'show' commands that will reveal configuration and potentially sensitive items (password hashes, SNMP community strings, AAA server lists); this is expected for a compliance audit but is high-sensitivity data. The skill does not instruct reading unrelated local files or exfiltrating results to unknown endpoints.
Install Mechanism
No install spec or code is included (instruction-only), so nothing is written to disk or downloaded. This is the lowest-risk install mechanism and appropriate for a documentation/assessment skill.
Credentials
The skill declares no required environment variables or credentials in the registry, which is coherent for an instruction-only skill. However, practical use requires SSH/API credentials to the target devices (read-only privileges). Those credentials are not requested or described as environment variables by the skill — the user/agent must supply them at runtime. This omission is not malicious but users must ensure credentials provided to their agent are strictly read-only and scoped to the audit boundary.
Persistence & Privilege
The skill does not request persistent presence, does not include an install step, and does not set always:true. Model invocation is allowed (platform default), which means an agent could run the instructions autonomously if given credentials. This is expected for skills, but it poses operational risk only if the credentials or their scope are too broad.
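How to use
  1. Make sure OpenClaw is installed (local or Docker deployment)
  2. Enter the install command in the chat box: /install nist-compliance-assessment
  3. Once installation completes, invoke the Skill by name or trigger it with /nist-compliance-assessment
  4. Provide the required inputs according to the Skill's parameter description to get structured output
Version history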
v1.0.0
Initial release: NIST Cybersecurity Framework (CSF) and SP 800-53 compliance assessment for network infrastructure.
  - Maps device configuration against 6 NIST 800-53 Rev 5 control families highly relevant to network security (AC, AU, CM, IA, SC, SI)
  - Focuses on CSF Protect (PR) and Detect (DE) functions for practical assessment
  - Provides practical CLI command references for Cisco, Junos, EOS, and PAN-OS platforms
  - Designed for FISMA, NIST 800-171, CMMC, and related audit/compliance use cases
  - Read-only workflow—no modifying commands required; supports CLI or API device access
Metadata
Slug nist-compliance-assessment
Version 1.0.0
License MIT-0
Total installs 0
Current installs 0
Number of versions 1
FAQ

What is Nist Compliance Assessment?

NIST Cybersecurity Framework (CSF) and SP 800-53 Rev 5 compliance assessment for network infrastructure. Maps device configuration against 6 control families... It is an AI Agent Skill plugin for Claude Code / OpenClaw, with 141 total downloads to date.

How do I install Nist Compliance Assessment?

Run the command "/install nist-compliance-assessment" in the OpenClaw or Claude Code chat box to install it in one step; no additional configuration is required.

Is Nist Compliance Assessment free?

Yes. Nist Compliance Assessment is completely free and is released under the MIT-0 license; it can be freely downloaded, installed, and used.

Which platforms does Nist Compliance Assessment support?

Nist Compliance Assessment is cross-platform and can be used in any environment where OpenClaw / Claude Code is deployed (cross-platform).

Who developed Nist Compliance Assessment?

It is developed and maintained by Vahagn Madatyan (@vahagn-madatyan); the current version is v1.0.0.
