Soc2
v1.0.0Security controls evidence, policies, and audit readiness. Use when preparing SOC2-style programs.
⭐ 0· 89·0 current·0 all-time
by@clawkk
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
high confidencePurpose & Capability
Name/description describe SOC 2 program guidance and the SKILL.md contains only procedural stages, checklists, and prompting guidance — no unrelated credentials, binaries, or system access are requested.
Instruction Scope
Instructions stay on-topic: they ask the agent to clarify context, propose a four-stage workflow, request user context, and provide checklists and failure modes. No instructions read files, access environment variables, invoke external endpoints, or collect unrelated system data.
Install Mechanism
There is no install spec and no code files — the skill is instruction-only, which minimizes disk writes and runtime risk.
Credentials
The skill declares no required environment variables, credentials, or config paths; that is proportional for a compliance-advice workflow.
Persistence & Privilege
Skill is not always-on and does not request special privileges or modifications to other skills or system configuration. Autonomous invocation is allowed by default but this is expected for user-invocable skills and is not combined with other red flags.
Assessment
This skill is a template-style SOC 2 workflow and appears safe to install from a permissions perspective. Remember: it provides guidance, not legal or audit authority — verify recommendations with your compliance team and auditors before acting. Do not paste real credentials or sensitive logs into the chat; supply only the contextual information needed (scope, systems, deadlines). If you require executable checks, integrations, or scripts to collect evidence, prefer vetted tools and explicit auth flows rather than pasting tokens into the skill.Like a lobster shell, security has layers — review code before you run it.
latestvk97epsh02da4018b4szq64v6zd83p9y6
License
MIT-0
Free to use, modify, and redistribute. No attribution required.