ClawHub

Cyber Kill Chain

v1.0.0

Enterprise-grade cybersecurity framework assessment platform that evaluates organizational security controls across the kill chain spectrum.

0· 94·0 current·0 all-time
byToolWeb@krishnakumarmahadevan-cmd
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name, description, SKILL.md and openapi.json consistently describe an assessment API for mapping controls to kill-chain stages. There are no unexpected environment variables, binaries, or config paths requested that would be unrelated to an assessment tool.
Instruction Scope
SKILL.md contains API documentation, sample requests/responses, and endpoint descriptions only. It does not instruct the agent to read local files, access system state, harvest environment variables, or send data to unrelated endpoints.
Install Mechanism
No install spec and no code files beyond documentation (instruction-only). Nothing is written to disk or downloaded by an installer; this is the lowest-risk install posture.
Credentials
The skill declares no required environment variables, credentials, or config paths. That is proportionate for a documentation/ API-definition-only skill.
Persistence & Privilege
Flags show always:false (not forced), user-invocable, and normal autonomous invocation allowed. The skill does not request persistent system-level presence or modify other skills/configuration.
Assessment
This skill appears internally consistent and low-risk as delivered (documentation + OpenAPI). Before installing or sending real assessment data, verify the service provider (the package lists toolweb.in links but no official homepage), confirm the actual endpoint/host you will be calling, and avoid submitting sensitive production data until you’ve validated data handling, retention, and access controls. If you need stronger assurance, request an official SDK/hosted endpoint, TLS assurances, and a privacy/SLA statement from the provider.

Like a lobster shell, security has layers — review code before you run it.

latestvk978ajfmdbggkz9tgbh9zpc4c983ezkg

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments