Framework Mapping
PassAudited by ClawScan on May 1, 2026.
Overview
This appears to be an instruction-only compliance mapping skill that reads user-provided documents and may fetch framework references, with no install code or credential use shown.
This skill looks appropriate for compliance document mapping. Before installing or invoking it, make sure you only provide documents you intend the agent to analyze, and be cautious with confidential policy, audit, or control evidence content.
Findings (1)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
The agent may process sensitive compliance document content and retrieve external reference material during the mapping task.
The skill is permitted to read and search local files and fetch web content. This is consistent with mapping user-provided compliance documents to public framework controls, but users should ensure the agent is pointed only at intended documents and web sources.
allowed-tools: Read, Glob, Grep, WebFetch
Provide explicit file paths or document excerpts, avoid broad directory requests unless intended, and review any fetched sources or generated mappings before relying on them.