← Back to Skills Marketplace

Risk Assessment Compliance

Name: Risk Assessment Compliance
Author: krishnakumarmahadevan-cmd

by ToolWeb · GitHub ↗ · v1.0.0 · MIT-0

cross-platform ⚠ suspicious

143

Downloads

Stars

Active Installs

Versions

Install in OpenClaw

/install risk-assessment-compliance

Description

Performs comprehensive security checks and compliance risk assessments on websites and applications.

Usage Guidance

This skill appears to describe a third‑party security-scanning API but is missing crucial runtime details. Before installing or using it: (1) verify the publisher and their privacy/security policy (toolweb.in / api.mkkpro.com links are present but source is 'unknown'); (2) confirm the base API URL and how authentication/billing is handled — expect an API key even though none is declared; (3) avoid sending sensitive or internal URLs to an unverified external service (risk of data exposure); (4) request an explicit servers field or configuration instructions (OpenAPI 'servers' is missing) and declared env vars for any keys the skill needs; (5) prefer skills that clearly document endpoints, auth, and data-handling, or run your own scanner/hosted solution you control. If you proceed, test first with non-sensitive public targets and ask the publisher for credentials and a privacy/data-retention statement.

Capability Analysis

Type: OpenClaw Skill Name: risk-assessment-compliance Version: 1.0.0 The skill bundle is a standard API wrapper for a web security and compliance assessment service. It defines a single endpoint (/security-check) in openapi.json that accepts a URL for analysis, which is consistent with the documentation in SKILL.md. No evidence of malicious execution, data exfiltration, or prompt injection was found; the tool functions as a legitimate interface to external security scanning services hosted at api.mkkpro.com.

Capability Assessment

ℹ Purpose & Capability

The name/description and the included OpenAPI fragment describe a security assessment API and a /security-check endpoint, which is coherent with the stated purpose. However, the skill does not declare a base URL or any authentication requirements even though the SKILL.md references external commercial endpoints (toolweb.in, api.mkkpro.com) and pricing — this is an omission that makes the capability incomplete and unclear.

⚠ Instruction Scope

SKILL.md describes requests/responses and references external API hosts (api.mkkpro.com, toolweb.in) but gives no explicit runtime instruction on which host/URL to call or how to supply credentials. The instructions are vague/open-ended, which could cause the agent to (a) attempt network calls to third-party endpoints by inferring hosts from references, or (b) fail silently. There is also no guidance about handling sensitive targets (internal URLs) or data-handling/privacy considerations.

✓ Install Mechanism

Instruction-only skill with no install spec and no code files; nothing is written to disk by the skill itself. This is the lowest-risk install model.

⚠ Credentials

No required environment variables or primary credential are declared, yet the SKILL.md references a paid API and platforms (RapidAPI, portal.toolweb.in) where an API key or account would typically be required. The absence of declared auth variables is disproportionate to the claimed functionality and leaves open the question of how authentication and billing would be handled.

✓ Persistence & Privilege

The skill does not request persistent presence (always:false) and does not declare actions that modify agent or system-wide settings. Autonomous invocation is allowed (default) but not combined with other privilege escalations.

How to Use

Make sure OpenClaw is installed (local or Docker)
Run the install command in chat: /install risk-assessment-compliance
After installation, invoke the skill by name or use /risk-assessment-compliance
Provide required inputs per the skill's parameter spec and get structured output

Version History

v1.0.0

- Initial release of the Risk Assessment & Compliance skill. - Provides comprehensive security checks and compliance risk assessments for websites and applications. - Returns detailed reports including security score, compliance status, vulnerabilities, framework assessments (PCI-DSS, OWASP, GDPR), and risk level. - Offers a `/security-check` endpoint for automated analysis with remediation guidance. - Includes tiered pricing plans (Free, Developer, Professional, Enterprise) for API usage.

Metadata

Slug risk-assessment-compliance

Version 1.0.0

License MIT-0

All-time Installs 0

Active Installs 0

Total Versions 1

Frequently Asked Questions

What is Risk Assessment Compliance?

Performs comprehensive security checks and compliance risk assessments on websites and applications. It is an AI Agent Skill for Claude Code / OpenClaw, with 143 downloads so far.

How do I install Risk Assessment Compliance?

Run "/install risk-assessment-compliance" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is Risk Assessment Compliance free?

Yes, Risk Assessment Compliance is completely free, licensed under MIT-0. You can download, install and use it at no cost.

Which platforms does Risk Assessment Compliance support?

Risk Assessment Compliance is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created Risk Assessment Compliance?

It is built and maintained by ToolWeb (@krishnakumarmahadevan-cmd); the current version is v1.0.0.

More Skills