ClawHub

Security Stack Builder

v1.0.0

Comprehensive cybersecurity technology stack recommendation platform that generates personalized security tool recommendations based on organizational assess...

0· 45·0 current·0 all-time
byToolWeb@krishnakumarmahadevan-cmd
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description (security stack recommendations) match the provided OpenAPI spec and SKILL.md request/response examples. Required capabilities are limited to accepting assessment data and returning recommendations — nothing extraneous is requested.
Instruction Scope
SKILL.md describes API endpoints and request/response formats only; it does not instruct the agent to read local files, environment variables, or system configuration, nor to call unrelated external endpoints.
Install Mechanism
No install spec and no code files that would be written or executed on the host — the skill is instruction-only, which minimizes installation risk.
Credentials
The skill declares no required environment variables, credentials, or config paths. The data needed (assessmentData) is appropriate for the stated purpose; no secrets or unrelated credentials are requested.
Persistence & Privilege
always is false, no system-wide config or other skills' config are modified, and the skill does not request permanent presence or elevated privileges.
Assessment
This skill appears coherent and instruction-only, but it models an external API: (1) Verify the vendor/source and hosting endpoint before sending real organizational data — the package has no homepage or provenance in the registry metadata. (2) Do not include secrets (API keys, passwords, cloud credentials) in assessmentData; send synthetic/non-sensitive examples for initial testing. (3) Confirm the API uses HTTPS and review the service's privacy/TOS and pricing (SKILL.md lists plans but no provider contact). (4) If you plan to rely on its recommendations for production decisions, validate outputs against independent expert review. If you need higher assurance, ask the publisher for a canonical homepage, contact info, or a signed software bill of materials before installing.

Like a lobster shell, security has layers — review code before you run it.

latestvk975kxshghb98ckyak30shmx1x83xbf2

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments