ClawHub

AI Company Audit

v1.0.0

跨Agent审计日志规范(7类日志 + 合规检查点 + 审计追踪标准)

0· 44·1 current·1 all-time
by@johnsmithfan
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name and description describe an audit-log standard; the SKILL.md contains schemas, retention, compliance checkpoints and natural-language commands. There are no unrelated env vars, binaries, or install steps requested. The declared dependency on other 'ai-company-*' skills is plausible for integration/coordination.
Instruction Scope
SKILL.md provides policy and example schemas and suggested NL commands only; it does not instruct the agent to read local files, access environment variables, call external endpoints, or exfiltrate data. It stays within the domain of documenting audit/log standards rather than performing data collection.
Install Mechanism
No install spec and no code files — lowest-risk form: pure instructions/documentation. Nothing is downloaded or written to disk by the skill itself.
Credentials
The skill requests no credentials, config paths, or system permissions. That is proportionate for a standards/guide document. Note: actual enforcement of these policies would require other components that may need credentials; those are not included here.
Persistence & Privilege
always: false and default invocation settings are used. The skill does not request persistent presence or special privileges and does not modify other skills or system-wide settings.
Assessment
This skill is essentially policy documentation and appears coherent and low-risk. Before enabling it in an agent: (1) recognize it does not itself implement or store logs—you still need concrete systems to enforce append-only storage, encryption, and retention; (2) review any dependent skills (ai-company-governance, ai-company-registry) for their permissions and credential needs before installing; and (3) if you expect automated enforcement, ensure the implementing components have appropriate access controls and audits, since this skill only prescribes standards.

Like a lobster shell, security has layers — review code before you run it.

ai-companyvk977msd5gf7101bet0n7q3zgj984rrjqauditvk977msd5gf7101bet0n7q3zgj984rrjqgovernancevk977msd5gf7101bet0n7q3zgj984rrjqlatestvk977msd5gf7101bet0n7q3zgj984rrjq

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments