← 返回 Skills 市场
leesandao

prisma-audit

作者 H@CKMEN · GitHub ↗ · v1.1.0 · MIT-0
cross-platform ✓ 安全检测通过
116
总下载
0
收藏
0
当前安装
3
版本数
在 OpenClaw 中安装
/install prisma-audit
功能描述
Audit and validate Prisma Access configurations against best practices and security standards. Use when reviewing security policies, checking for misconfigur...
安全使用建议
This skill appears coherent for auditing Prisma Access configuration, but it will need actual config data to run. Before using it: (1) avoid pasting secrets or private keys—redact API keys, certificates, and passwords from configs; (2) prefer providing a sanitized file path rather than pasting full configs into chat; (3) inspect the upstream repository (homepage provided) if you want more assurance about how the agent will process input; and (4) if you are concerned about exfiltration, run the audit in an environment without outbound network access or use a local/manual review instead.
功能分析
Type: OpenClaw Skill Name: prisma-audit Version: 1.1.0 The skill bundle contains only metadata and instructions (SKILL.md) for an AI agent to perform security audits on Prisma Access configurations. There is no executable code, no network requests, and no instructions that would lead to data exfiltration or unauthorized access.
能力评估
Purpose & Capability
The name/description (Prisma Access configuration auditor) aligns with the SKILL.md: it describes checks for security policy, NAT, decryption, GlobalProtect, object hygiene, and compliance. There are no unrelated required binaries, env vars, or config paths that would be out of scope for a config auditor.
Instruction Scope
The skill accepts configuration via a file path or pasted JSON and enumerates detailed checks. That scope is appropriate for an auditor. Note: because it allows arbitrary file paths or pasted config, users may inadvertently provide sensitive secrets (API keys, certificates) in the config; the instructions do not specify how sensitive fields will be handled or whether data is transmitted externally.
Install Mechanism
No install spec or code files are present (instruction-only), so nothing is written to disk or downloaded by the skill itself. This is the lowest-risk install footprint.
Credentials
The skill declares no required environment variables or credentials, which is proportionate. However, auditing Prisma Access configs often involves parsing sensitive artifacts (certificates, secrets, IP pools). The skill does not request credentials but will process any secrets included in user-supplied configs—users should avoid pasting secrets unless necessary.
Persistence & Privilege
always is false and the skill does not request persistent agent-wide privileges. There is no indication it modifies other skills or system configuration.
如何使用
  1. 确保已安装 OpenClaw(本地或 Docker 部署)
  2. 在对话框中输入安装命令:/install prisma-audit
  3. 安装完成后,直接呼叫该 Skill 的名称或使用 /prisma-audit 触发
  4. 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.1.0
## v1.1.0 Version bump. Updated homepage URL. Part of the v1.1.0 release adding migration compatibility matrix to prisma-migrate.
v1.0.1
## v1.0.0 Initial Release / 首次发布 ### English Audit Prisma Access configurations against security best practices. **Audit categories:** - Security Policy: shadow rules, overly permissive rules, missing profiles/logging - NAT Policy: missing security rules, overlapping translations - Decryption Policy: bypassed traffic, expired certificates - GlobalProtect: weak auth, missing HIP checks, permissive split tunnel - Object Hygiene: unused objects, overlapping addresses, empty groups - Compliance: PAN-OS BPA, CIS Benchmark, Zero Trust alignment Outputs scored report (0-100) with CRITICAL/HIGH/MEDIUM/LOW/INFO findings. ### 中文 根据安全最佳实践审计 Prisma Access 配置。 **审计类别:** - 安全策略:影子规则、过于宽松的规则、缺失的配置文件/日志 - NAT 策略:缺失安全规则、重叠的转换 - 解密策略:绕过的流量、过期证书 - GlobalProtect:弱认证、缺失 HIP 检查、宽松的分隧道 - 对象卫生:未使用对象、重叠地址、空组 - 合规性:PAN-OS BPA、CIS 基准、零信任对齐 输出评分报告(0-100),按严重级别分类发现结果。
v1.0.0
Initial release: audit Prisma Access configurations against best practices
元数据
Slug prisma-audit
版本 1.1.0
许可证 MIT-0
累计安装 0
当前安装数 0
历史版本数 3
常见问题

prisma-audit 是什么?

Audit and validate Prisma Access configurations against best practices and security standards. Use when reviewing security policies, checking for misconfigur... 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 116 次。

如何安装 prisma-audit?

在 OpenClaw 或 Claude Code 对话框中运行命令「/install prisma-audit」即可一键安装,无需额外配置。

prisma-audit 是免费的吗?

是的,prisma-audit 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。

prisma-audit 支持哪些平台?

prisma-audit 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。

谁开发了 prisma-audit?

由 H@CKMEN(@leesandao)开发并维护,当前版本 v1.1.0。

推荐 Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463283 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259410 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200423 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191113 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190156 · by oswalpalash

💬 留言讨论