AuditClaw Azure

The skill's requirements, instructions, and code are coherent with an Azure read-only compliance-evidence collector; requested credentials and actions match its stated purpose.

This skill appears to do exactly what it says: read-only Azure inventory and Defender checks, then store evidence in your AuditClaw GRC database. Before installing/running: 1) Confirm you are comfortable granting a service principal Reader + Security Reader at the subscription scope (these are read-only but give broad visibility). 2) Install dependencies with pip (scripts/requirements.txt) in an isolated environment. 3) Review/verify the db path (--db-path) to ensure evidence is stored where you expect (default ~/.openclaw/grc/compliance.sqlite). 4) If you cannot or will not use a service principal, use Azure CLI or managed identity alternatives. 5) Note the small inconsistency: the registry shows no install spec while SKILL.md asks you to pip-install requirements — treat that as a packaging oversight and follow the README. If you want higher assurance, inspect the included python files (azure_evidence.py and checks/) yourself to confirm no unexpected network calls or hidden endpoints before providing credentials.