ClawHub

DVSA & Traffic Commissioner Audit Readiness (UK)

v1.0.0

Builds DVSA/Traffic Commissioner “show me” audit readiness checklists and evidence indexes. USE WHEN preparing for audits or operator licence scrutiny.

1· 1.8k·1 current·1 all-time
by@kowl64
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name, description, and included template assets align: the skill produces a 'today' checklist, evidence index, and gaps register for DVSA/TC audit readiness. There are no unexpected dependencies, binaries, or credentials requested that would be unrelated to this stated purpose.
Instruction Scope
SKILL.md instructions stay within scope: they ask the agent to gather audit context from the user, use supplied templates, and request internal SOPs only when needed. The instructions explicitly warn not to invent legal duties and to stop/ask for missing scope. They do not instruct reading system config, secret env vars, or posting to external endpoints.
Install Mechanism
No install spec and no code files beyond markdown templates — minimal risk. Nothing is downloaded or written by an installer during skill setup.
Credentials
The skill requests no environment variables or credentials. It optionally asks the user to paste internal SOPs/policies, which is reasonable for producing compliance artefacts but could expose sensitive business data if pasted — this is a user-controlled input risk, not a secret requested by the skill itself.
Persistence & Privilege
always is false, no config paths or persistent privileges are requested. The skill can be invoked autonomously (platform default), which is expected for user-invocable instruction-only skills and is not by itself a red flag here.
Assessment
This skill appears coherent and template-driven. Before using: (1) do not paste confidential credentials or PII into the input — only provide the minimum policy text needed; (2) confirm your platform's data-handling and storage policies if you will upload internal documents; (3) treat the outputs as operational checklists, not legal advice — have legal/compliance review any formal statements; (4) verify the 'where to find it' references point to your actual storage locations (avoid exposing internal network paths in shared outputs). If you need to preserve secrecy, redact sensitive details before pasting them into the agent.

Like a lobster shell, security has layers — review code before you run it.

latestvk979ysf9teetqrna7qe8n1ene97zcc6m

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments