← 返回 Skills 市场
krishnakumarmahadevan-cmd

OT Security Assessment

作者 ToolWeb · GitHub ↗ · v1.0.0 · MIT-0
linuxdarwinwin32 ✓ 安全检测通过
166
总下载
0
收藏
0
当前安装
1
版本数
在 OpenClaw 中安装
/install ot-security-assessment
功能描述
Assess OT/ICS security posture across 30 controls in 6 principles — Business Driven, Risk Based, Enterprise Wide, Methodical, OT Security Focused, and OT Sec...
安全使用建议
This skill is coherent but sends assessment data to https://portal.toolweb.in. Before installing or using it: (1) verify the portal and vendor reputation and read their privacy and data retention policies; (2) avoid sending highly sensitive production credentials or details — treat the controls data as potentially visible to the service operator; (3) review pricing/billing limits so you understand call costs; (4) create and use an account/API key with least privilege and rotate it if compromised; (5) if you need offline or internal-only assessments, do not rely on this skill since SKILL.md requires external API calls; (6) test with non-sensitive sample data first to confirm behavior. If you want, I can suggest checklist items to vet portal.toolweb.in or draft a minimal example controls payload you can use for a safe test call.
功能分析
Type: OpenClaw Skill Name: ot-security-assessment Version: 1.0.0 The skill functions as a legitimate interface for an OT security assessment service provided by ToolWeb.in. It collects user-provided security control statuses and transmits them via `curl` to a specific API endpoint (`portal.toolweb.in`) for processing. While the instructions in `SKILL.md` strictly mandate the use of the external API and prohibit the agent from using its own knowledge, this behavior is consistent with the tool's stated purpose as a commercial 'Agent-as-a-Service' wrapper and does not show evidence of malicious intent, data exfiltration of sensitive local files, or unauthorized command execution.
能力评估
Purpose & Capability
Name and description match the declared behavior: the skill is an API-backed OT/ICS assessment. The only required env var (TOOLWEB_API_KEY) and required binary (curl) are proportionate and expected for a remote assessment service.
Instruction Scope
The SKILL.md explicitly requires always calling the external ToolWeb API and forbids answering from local knowledge. This is coherent with a proprietary scoring service, but it means any user-provided OT/ICS details (including potentially sensitive infrastructure information) will be transmitted to the remote API. Users should be aware of data sensitivity and the portal's privacy/billing policies.
Install Mechanism
Instruction-only skill with no install spec or downloaded artifacts. No files are written or binaries installed by the skill itself — lowest-risk install posture.
Credentials
Only one required secret (TOOLWEB_API_KEY) is declared and used as the primary credential — proportional for a hosted API service. No unrelated credentials or config paths are requested.
Persistence & Privilege
The skill is not marked always:true and does not request system-wide persistence or modify other skills. Agent autonomous invocation is allowed (default) but not excessive on its own.
如何使用
  1. 确保已安装 OpenClaw(本地或 Docker 部署)
  2. 在对话框中输入安装命令:/install ot-security-assessment
  3. 安装完成后,直接呼叫该 Skill 的名称或使用 /ot-security-assessment 触发
  4. 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.0
Initial release — Industrial (OT/ICS) security assessment skill. - Assess OT/ICS security posture across 30 controls in 6 key principles. - Guides users through structured evaluation questions tied to each control. - Calls ToolWeb API to return expert OT security compliance scores and prioritized remediation guidance. - Requires TOOLWEB_API_KEY and curl; supports Linux, Mac, and Windows. - Outputs compliance percentage, risk level, gaps, and detailed findings by principle.
元数据
Slug ot-security-assessment
版本 1.0.0
许可证 MIT-0
累计安装 0
当前安装数 0
历史版本数 1
常见问题

OT Security Assessment 是什么?

Assess OT/ICS security posture across 30 controls in 6 principles — Business Driven, Risk Based, Enterprise Wide, Methodical, OT Security Focused, and OT Sec... 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 166 次。

如何安装 OT Security Assessment?

在 OpenClaw 或 Claude Code 对话框中运行命令「/install ot-security-assessment」即可一键安装,无需额外配置。

OT Security Assessment 是免费的吗?

是的,OT Security Assessment 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。

OT Security Assessment 支持哪些平台?

OT Security Assessment 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(linux, darwin, win32)。

谁开发了 OT Security Assessment?

由 ToolWeb(@krishnakumarmahadevan-cmd)开发并维护,当前版本 v1.0.0。

推荐 Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463283 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259410 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200423 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191115 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190156 · by oswalpalash

💬 留言讨论