ClawHub

GDPR PCI Checklist

v1.0.0

Generate customized compliance checklists for GDPR and PCI-DSS standards based on company type.

0· 84·0 current·0 all-time
byToolWeb@krishnakumarmahadevan-cmd
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
medium confidence
Purpose & Capability
The name and description (generate GDPR/PCI checklists) match the SKILL.md and openapi.json. There are no unrelated binaries, credentials, or install steps requested.
Instruction Scope
The SKILL.md documents a POST /checklist endpoint and example requests/responses; it does not instruct the agent to read local files or environment variables. However, it implicitly points the agent to call external endpoints (api.mkkpro.com / toolweb.in), so runtime use will result in outbound network calls if the agent invokes the API.
Install Mechanism
No install spec and no code files — instruction-only. Nothing will be written to disk by an installer.
Credentials
The skill requests no environment variables, credentials, or config paths. That is proportionate for a documentation/HTTP API skill.
Persistence & Privilege
always is false, no special persistence or elevated privileges requested. Autonomous invocation is permitted (platform default) but not combined with other concerning flags.
Assessment
This skill is essentially API documentation that will cause the agent to call an external service (api.mkkpro.com / toolweb.in) when used. Before installing or invoking it: 1) Do not send real sensitive or PII-heavy examples to the API until you verify the provider's trustworthiness and privacy practices. 2) Confirm the external domain's legitimacy and that HTTPS/TLS is enforced. 3) If you plan to use the skill autonomously, be aware the agent may make outbound requests without further prompts — limit the data you allow the agent to include in requests. 4) If you need offline or on-prem checklist generation, prefer a local tool or provide canned templates instead of calling an external API. 5) If you want higher assurance, ask the publisher for a privacy/data-processing statement, SLA, and proof of ownership for the listed domains.

Like a lobster shell, security has layers — review code before you run it.

latestvk971n6w2papbrc6dmvm3qrpkm583bpke

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments