← 返回 Skills 市场
Palo Alto Firewall Audit
作者
Vahagn Madatyan
· GitHub ↗
· v1.0.0
· MIT-0
86
总下载
0
收藏
0
当前安装
1
版本数
在 OpenClaw 中安装
/install palo-alto-firewall-audit
功能描述
PAN-OS zone-based security policy audit with App-ID/Content-ID analysis, Security Profile Group validation, zone protection assessment, and decryption policy...
安全使用建议
This skill appears to describe a legitimate read-only Palo Alto firewall audit: the commands and procedures are appropriate. Before installing, confirm these points: (1) Which credential(s) are actually required — the SKILL.md mentions PAN_API_KEY but the registry lists none. If a PAN_API_KEY is required, only supply a key scoped to read-only access and limited to the specific Panorama/firewall hosts. (2) Ask the publisher why the metadata declares egress to *.paloaltonetworks.com:443 and an mcp dependency; verify whether the skill needs to reach Palo Alto cloud services (Pan-DB/WildFire) or an MCP helper — if not, restrict egress. (3) Prefer using local management endpoints (firewall or Panorama IPs) rather than exposing keys to external services. (4) If you have low tolerance for ambiguity, request an update with consistent registry metadata (declared env vars and dependencies) before enabling the skill. These inconsistencies look like sloppy packaging rather than outright malicious behavior, but they should be resolved before usage.
功能分析
Type: OpenClaw Skill
Name: palo-alto-firewall-audit
Version: 1.0.0
The skill bundle is a legitimate security audit tool for Palo Alto Networks PAN-OS firewalls. It provides a structured methodology for evaluating security policies, App-ID adoption, and zone protections using read-only CLI and API commands (e.g., 'show running security-policy'). The instructions in SKILL.md and the references in cli-reference.md and policy-model.md are consistent with professional network security auditing practices and contain no evidence of malicious intent, data exfiltration, or unauthorized execution.
能力评估
Purpose & Capability
The SKILL.md describes a focused, read-only PAN-OS security policy audit and the runtime instructions only reference PAN-OS CLI/XML/REST read-only commands — that is consistent with the stated purpose. However, the registry metadata provided with the skill (top-level requirements) lists no required environment variables or primary credential, while the SKILL.md embedded metadata (openclaw block) declares a required env var PAN_API_KEY and an mcp dependency. This mismatch between what the skill says it needs and what the registry claims is an incoherence that should be clarified.
Instruction Scope
The SKILL.md instructs only read-only interactions (show/test commands, GET XML API) against PAN-OS devices and Panorama. It does not instruct the agent to read unrelated host files, exfiltrate arbitrary data, or perform configuration changes. The scope of actions described is appropriate for an audit skill.
Install Mechanism
No install spec or code files are present; this is an instruction-only skill. That minimizes disk-write and supply-chain risk.
Credentials
Requiring a PAN_API_KEY for read-only API access would be proportionate. But the registry metadata supplied with the skill lists no required env vars while the SKILL.md openclaw metadata includes PAN_API_KEY and also an egressEndpoints entry (*.paloaltonetworks.com:443) and an mcpDependencies entry. These additional metadata fields are plausible but not justified by the instruction content (most commands target the local management interface or Panorama, not the Palo Alto cloud). The mismatch and the presence of an egress endpoint (which could allow outbound connections to paloaltonetworks.com) are suspicious until the author clarifies why external egress is needed and what exact credential scope is required (read-only API key only).
Persistence & Privilege
The skill is not marked always:true, has no install actions, and does not request system-level config paths or other skills' credentials. Autonomous invocation is allowed (platform default) but does not combine with other red flags to indicate elevated persistence or privilege.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install palo-alto-firewall-audit - 安装完成后,直接呼叫该 Skill 的名称或使用
/palo-alto-firewall-audit触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.0
Initial release of the palo-alto-firewall-audit skill.
- Provides a comprehensive, rule-by-rule audit of PAN-OS security policies on Palo Alto Networks firewalls.
- Assesses App-ID and Content-ID adoption, Security Profile Group assignment, zone protection, and policy structure.
- Supports auditing for both PA-series and VM-series, including Panorama-managed device group hierarchies.
- Offers systematic procedures for zone inventory, permissiveness analysis, profile validation, and decryption policy review.
- Requires read-only administrative access and basic understanding of network zones and expected traffic flows.
元数据
常见问题
Palo Alto Firewall Audit 是什么?
PAN-OS zone-based security policy audit with App-ID/Content-ID analysis, Security Profile Group validation, zone protection assessment, and decryption policy... 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 86 次。
如何安装 Palo Alto Firewall Audit?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install palo-alto-firewall-audit」即可一键安装,无需额外配置。
Palo Alto Firewall Audit 是免费的吗?
是的,Palo Alto Firewall Audit 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。
Palo Alto Firewall Audit 支持哪些平台?
Palo Alto Firewall Audit 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 Palo Alto Firewall Audit?
由 Vahagn Madatyan(@vahagn-madatyan)开发并维护,当前版本 v1.0.0。
推荐 Skills