ClawHub

Business Continuity Planner

v1.0.0

Create detailed business continuity and disaster recovery plans by mapping critical functions, setting recovery objectives, assessing risks, and generating c...

0· 658·0 current·0 all-time
by@1kalin
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/README/SKILL.md all describe generating BCPs/DR plans; the questions the agent will ask (revenue impact, systems, vendors, contacts, RTO/RPO) are directly relevant to producing a BCP. No unrelated credentials, binaries, or config paths are requested.
Instruction Scope
SKILL.md instructs the agent to ask the user for business details (functions, revenue loss estimates, contact trees, vendor dependencies) and then produce a markdown document. This stays within scope for a BCP generator, but it will prompt for sensitive business data (revenue figures, staff contact info, vendor details). The instructions do not direct the agent to read local files, call unexpected external endpoints, or exfiltrate data.
Install Mechanism
There is no install spec and no code files — instruction-only skill. Nothing is written to disk or downloaded during install, which minimizes mechanical risk.
Credentials
The skill requests no environment variables, credentials, or config paths. The data it asks for is content-level (business details) rather than system-level secrets, which is proportionate for its goal.
Persistence & Privilege
always is false and the skill does not request to modify agent/system configuration. It does not ask for persistent tokens or privileges; autonomous invocation is allowed by platform default but presents no additional red flags here.
Assessment
This skill appears coherent and low-risk because it's instruction-only, but it will ask for sensitive business data (revenue impact, employee contact numbers, vendor dependencies). Before sharing sensitive details: (1) Confirm the platform's data handling and retention policy; (2) avoid pasting credentials or secrets into prompts; (3) consider using redacted or representative sample numbers for testing; (4) review and sanitize the generated BCP before distribution; and (5) if you require compliance (SOC2/ISO), validate outputs with your security/compliance lead. If you want extra caution, run the skill once with dummy/sanitized data to confirm behavior before feeding real sensitive information.

Like a lobster shell, security has layers — review code before you run it.

bcpvk97fzn5c3j8js6w40jgtqb06z9813f1gbusiness continuityvk97fzn5c3j8js6w40jgtqb06z9813f1gcompliancevk97fzn5c3j8js6w40jgtqb06z9813f1gdisaster recoveryvk97fzn5c3j8js6w40jgtqb06z9813f1glatestvk97fzn5c3j8js6w40jgtqb06z9813f1grisk managementvk97fzn5c3j8js6w40jgtqb06z9813f1g

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments