← 返回 Skills 市场
347
总下载
0
收藏
2
当前安装
9
版本数
在 OpenClaw 中安装
/install ot-security-posture-scorecard
功能描述
Assess OT/ICS/SCADA security posture and generate risk scorecards with remediation guidance. Use when evaluating operational technology security, industrial...
安全使用建议
This skill appears coherent with its stated purpose, but before installing: (1) verify you trust the vendor (portal.toolweb.in) and their privacy/data-handling practices, since the skill will send assessment data to that endpoint; (2) only provide a dedicated API key with limited scope if possible; (3) be aware the included test script makes live network calls (to port 8443) and optionally uses python3 for pretty-printing; and (4) if you need higher assurance, contact the vendor for provenance (the repository lists a different support email in README) and test the skill in a controlled environment before using with real production data.
功能分析
Type: OpenClaw Skill
Name: ot-security-posture-scorecard
Version: 1.3.2
The skill is a legitimate security assessment tool designed to evaluate OT/ICS/SCADA environments by interfacing with a remote API (portal.toolweb.in). Its behavior is entirely consistent with its stated purpose of generating security scorecards based on user-provided organizational data and NIST CSF/IEC 62443 frameworks. While the 'scripts/test-api.sh' file contains a minor security vulnerability (using the 'curl -k' flag to bypass SSL verification), the primary execution instructions in 'SKILL.md' are properly configured, and no evidence of malicious intent, data exfiltration, or unauthorized access was found.
能力评估
Purpose & Capability
Name, description, required binary (curl), and the single required environment variable (TOOLWEB_API_KEY) match the declared purpose of calling an external OT assessment API. The included scripts and examples only exercise that API.
Instruction Scope
SKILL.md instructs the agent to gather OT/CSF input and POST it to https://portal.toolweb.in:8443/security/itotassessor using the TOOLWEB_API_KEY — this is in-scope. Minor notes: the test script formats JSON output with python3 if available (python3 is not declared as a required binary). No instructions read local files or other environment variables.
Install Mechanism
No install spec (instruction-only skill) and no downloads or extracted archives — lowest-risk install posture. Provided files are documentation and a simple test script.
Credentials
Only one credential is required (TOOLWEB_API_KEY) and it is the primary credential used to authorize requests to the stated external API. No unrelated secrets or system credentials are requested.
Persistence & Privilege
always:false and normal user-invocable/autonomous invocation defaults. The skill does not request persistent system privileges or attempt to modify other skills or system config.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install ot-security-posture-scorecard - 安装完成后,直接呼叫该 Skill 的名称或使用
/ot-security-posture-scorecard触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.3.2
- Updated pricing section: new subscription tiers (Free trial, Developer, Professional, Enterprise) with daily and monthly call limits/prices in USD.
- Removed details about previous INR-based pricing and international payment flow.
- Minor clarifications and formatting adjustments in the About and Pricing sections.
- No changes to API usage, workflow, or core functionality.
v1.3.1
- Documentation reformatted in SKILL.md for improved clarity and structure.
- No changes to skill logic, features, or API; functional behavior remains the same.
- Content is unchanged aside from formatting and minor readability adjustments.
v1.3.0
- No functional or feature changes; documentation-only update.
- SKILL.md was updated with minor formatting tweaks and a corrected section heading.
- Core workflow, usage, API, and error handling remain unchanged.
- No changes to code, functionality, prompts, or integration logic.
v1.2.0
No functional changes. Documentation (SKILL.md) updated for accuracy and clarity.
- Updated "About" section with new API count and additional platform information.
- Corrected and clarified several minor details throughout the documentation.
- No changes to features, API, or workflow logic.
v1.1.0
- No user-facing changes in this release; documentation (SKILL.md) was restored to its previous version.
- Functionality, workflow, and API integration remain unchanged.
v1.0.3
Updated display name
v1.0.2
Added international payment info for USD/EUR/GBP users via PayPal at checkout
v1.0.1
Added international payment info for USD/EUR/GBP users via PayPal at checkout
v1.0.0
Initial release: Assess OT/ICS/SCADA security posture and generate risk scorecards with remediation guidance.
- Provides risk ratings, gap analysis, and prioritized remediation steps aligned to IEC 62443 and NIST CSF.
- Collects user inputs on organization, sector, environment size, integration level, and maturity scores.
- Returns scorecard with overall score, risk level, executive summary, top 5 risks, and remediation roadmap.
- API access requires a TOOLWEB_API_KEY and curl.
- Includes clear error handling and a structured output format.
元数据
常见问题
OT Security Posture Scorecard 是什么?
Assess OT/ICS/SCADA security posture and generate risk scorecards with remediation guidance. Use when evaluating operational technology security, industrial... 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 347 次。
如何安装 OT Security Posture Scorecard?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install ot-security-posture-scorecard」即可一键安装,无需额外配置。
OT Security Posture Scorecard 是免费的吗?
是的,OT Security Posture Scorecard 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。
OT Security Posture Scorecard 支持哪些平台?
OT Security Posture Scorecard 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(linux, darwin, win32)。
谁开发了 OT Security Posture Scorecard?
由 ToolWeb(@krishnakumarmahadevan-cmd)开发并维护,当前版本 v1.3.2。
推荐 Skills