ClawHub

Compliance

v2.0.0

Track compliance requirements and generate audit trail reports. Use when auditing controls, checking policies, generating audit trails.

0· 162·1 current·1 all-time
by@bytesagain1
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
The name/description (compliance logging, audit trails) match the included script and SKILL.md. All commands are for recording, querying, exporting, and summarizing local log entries.
Instruction Scope
SKILL.md instructs the agent to run simple compliance commands that read/write only the stated data directory (~/.local/share/compliance). There are no instructions to read unrelated system files, credentials, or to call external endpoints.
Install Mechanism
No install spec is provided (instruction-only). A single bash script is bundled; it uses only standard Unix utilities. No downloads, package installs, or archive extraction are performed.
Credentials
The skill requests no environment variables, no credentials, and no config paths outside the user-local data directory. This is proportionate to a local logging tool.
Persistence & Privilege
always is false and the skill does not request persistent or elevated system-wide privileges. It writes only to a per-user data directory and does not modify other skills or global agent settings.
Assessment
This skill appears coherent and local-only, but review before installing: the tool stores unencrypted logs in ~/.local/share/compliance (history.log and per-command .log files) so avoid recording secrets or sensitive tokens in entries; consider setting restrictive file permissions (chmod 700 ~/.local/share/compliance) and a retention/cleanup policy. Exports create plaintext files (json/csv/txt) that may contain sensitive data — handle them like any other sensitive export. If you need encrypted storage or remote archival, extend the script or use a secure vault; otherwise the bundled script is simple and readable, and there are no signs of network exfiltration or unrelated credential access.

Like a lobster shell, security has layers — review code before you run it.

latestvk972btvp1ge0m6enyx4ttj2kax835vxc

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments