ClawHub

Information Security Manager Iso27001

v2.1.1

ISO 27001 ISMS implementation and cybersecurity governance for HealthTech and MedTech companies. Use for ISMS design, security risk assessment, control imple...

2· 2.1k·13 current·13 all-time
byAlireza Rezvani@alirezarezvani
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description (ISO 27001 & healthcare) match the included files: SKILL.md, guidance docs, and two Python tools for risk assessment and compliance checking. There are no unrelated binaries, cloud credentials, or configuration paths requested.
Instruction Scope
SKILL.md instructs running local Python scripts with CSV/JSON inputs and producing reports. The instructions reference only expected files (assets.csv, controls.csv, outputs) and ISO-related workflows; they do not direct reading of unrelated system files or sending data to external endpoints.
Install Mechanism
No install spec; skill is instruction- and script-only. No network downloads or archive extraction are specified, and provided Python scripts run locally.
Credentials
The skill declares no required environment variables, credentials, or config paths. The scripts take input files (CSV/JSON) and produce reports — this matches the stated purpose and does not ask for secrets or unrelated tokens.
Persistence & Privilege
always is false and the skill does not request persistent system-wide privileges. It runs local scripts when invoked; nothing in the manifest suggests modification of other skills or global agent settings.
Assessment
This skill appears to do what it says: local ISO27001/healthcare risk & compliance analysis. Before installing or running: (1) review the full Python scripts if you can — they process input CSVs and write output files; (2) avoid feeding real secrets or production credentials in the input CSVs (treat inputs as potentially sensitive); (3) run the tools in a controlled environment (sandbox or dev machine) if you want to be extra cautious; (4) if you need the agent to run these autonomously, be aware that the agent will execute local scripts and could read any files you point it to — restrict file paths and inputs accordingly.

Like a lobster shell, security has layers — review code before you run it.

latestvk974ej89f5tsy2tmyjjssk39en82khd2

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments