ClawHub

prisma-troubleshoot

v1.1.0

Troubleshoot Prisma Access issues including GlobalProtect connectivity, policy matching, tunnel status, SCM API errors, and configuration push failures. Use...

0· 72·0 current·0 all-time
byH@CKMEN@leesandao
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description, required binaries (curl), and required env vars (SCM_CLIENT_ID, SCM_CLIENT_SECRET, SCM_TSG_ID) are consistent with interacting with the Strata Cloud Manager API to diagnose Prisma Access issues.
Instruction Scope
SKILL.md stays on-topic (diagnostics for GlobalProtect, policy matching, tunnels, API errors, config pushes) and lists SCM API endpoints. It includes both read-only GETs and a POST for pushing candidate configs — so while troubleshooting is expected to call the SCM API, the presence of push endpoints means the agent (or a user following its instructions) could make configuration changes. The doc does not instruct reading unrelated files or other env vars.
Install Mechanism
Instruction-only skill with no install steps or third-party downloads; lowest install risk. It only requires curl to be present on PATH.
Credentials
The three required env vars appear directly related to SCM API usage (client id/secret for OAuth and TSG ID for authorization/tenant scoping). The primaryEnv is set to SCM_CLIENT_ID. Requesting a client secret is expected for authenticated API calls, but callers should provide least-privilege credentials.
Persistence & Privilege
always is false and the skill is not requesting persistent/privileged platform-level presence or modifying other skills' configs. Autonomous invocation is allowed (platform default) but not a unique privilege here.
Assessment
This skill appears to do what it says: it calls the Strata Cloud Manager API and therefore legitimately needs SCM credentials and curl. Before installing or running it: 1) Prefer scoped or read-only SCM credentials for troubleshooting; avoid supplying full admin secrets unless you intend to push changes. 2) Review any proposed POST/push commands before execution — the skill lists endpoints that can change configuration. 3) Test in a non-production environment where possible and confirm actions are audited. 4) Verify the GitHub homepage/repo yourself (https://github.com/leesandao/prismaaccess-skill) to confirm source and review any additional guidance or examples. If you want to prevent accidental changes, do not provide write-scoped secrets or avoid letting the agent execute API write calls autonomously.

Like a lobster shell, security has layers — review code before you run it.

latestvk977qs5qy7djb8dhyv8nrbgsw984ra8p

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

🔧 Clawdis
Binscurl
EnvSCM_CLIENT_ID, SCM_CLIENT_SECRET, SCM_TSG_ID
Primary envSCM_CLIENT_ID

Comments