ClawHub

prisma-api

v1.0.1

Interact with the Strata Cloud Manager (SCM) API to manage Prisma Access configurations. Authenticate, query, create, update, and delete configuration object...

0· 16·0 current·0 all-time
byH@CKMEN@leesandao
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
Capability signals
Requires OAuth token
These labels describe what authority the skill may exercise. They are separate from suspicious or malicious moderation verdicts.
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description, required env vars (SCM_CLIENT_ID, SCM_CLIENT_SECRET, SCM_TSG_ID), and required binaries (curl, jq) match the documented OAuth2 + REST API interactions against Palo Alto's SCM API.
Instruction Scope
SKILL.md contains explicit curl commands for auth and CRUD operations against api.sase.paloaltonetworks.com and the auth endpoint; it does not instruct reading unrelated files, other env vars, or sending data to unexpected endpoints. Safety rules (confirm before commit, logging) are present.
Install Mechanism
Instruction-only skill with no install spec or downloaded code; nothing is written to disk or pulled from external URLs by an installer.
Credentials
Three environment variables are requested and are appropriate for client-credentials OAuth to SCM. No unrelated secrets or config paths are requested.
Persistence & Privilege
always is false and the skill is not granted autonomous model invocation (disable-model-invocation: true), so it cannot run without user invocation; it does not request persistent system-wide privileges or modify other skills.
Assessment
This skill appears coherent with its stated purpose. Before installing: (1) confirm you trust the skill source (homepage points to a GitHub repo) and optionally review that repo; (2) be prepared to supply SCM_CLIENT_ID, SCM_CLIENT_SECRET, and SCM_TSG_ID — these credentials grant the ability to make live config changes in your tenant, so follow least-privilege and secure storage practices; (3) note the skill runs curl/jq commands and will actually call the Palo Alto auth and API endpoints when invoked, so avoid using production credentials until you're ready; (4) the skill is instruction-only (no installer) and cannot autonomously run (disable-model-invocation is true), but when you invoke it it will execute network requests — ensure you want that behavior (especially push operations) and confirm before committing changes as the SKILL.md recommends.

Like a lobster shell, security has layers — review code before you run it.

latestvk97efk4bzd9ax48nsdtjxvrmrs84n62e

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

🌐 Clawdis
Binscurl, jq
EnvSCM_CLIENT_ID, SCM_CLIENT_SECRET, SCM_TSG_ID
Primary envSCM_CLIENT_ID

Comments