Checkpoint Firewall Audit

v1.0.0

Check Point R80+/R81.x rulebase layer analysis with blade activation audit, SmartConsole management plane validation, NAT policy review, identity awareness a...

by Vahagn Madatyan (@vahagn-madatyan)
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Benign
OpenClaw: Benign (medium confidence)
Purpose & Capability
The skill's name and description match the instructions: it documents read-only mgmt_cli/Web API and SSH/Expert-mode commands needed to audit Check Point R80+/R81.x environments. One mismatch: the SKILL.md metadata claims the skill requires the 'ssh' binary, but the registry metadata lists no required binaries; this is likely an authoring/metadata omission rather than a functional problem.
Instruction Scope
Instructions stay within audit scope and repeatedly emphasize read-only commands (show/stat/log queries). The procedure tells the agent to run mgmt_cli and gateway commands and to inspect local log paths (e.g., $FWDIR/log/) and connection tables — all reasonable for a policy audit. No instructions direct data to external endpoints or ask the agent to modify configuration.
Install Mechanism
There is no install spec and no code files to run; this is instruction-only, which reduces risk. The skill does not attempt to download or install third-party packages.
Credentials
The skill requires read-only Management API credentials and SSH access to gateways in order to perform the audit — these are proportional to the purpose. However, the registry lists no required env vars or primary credential while the instructions clearly expect credentials and reference environment variables like $FWDIR; the omission is a metadata gap the user should be aware of.
Persistence & Privilege
The skill is not always-enabled and does not install persistent components or change other skills or system-wide settings. Autonomous invocation is allowed (normal default) but not combined with any other concerning privileges.
Assessment
This skill is an instruction-only audit guide for Check Point R80+/R81.x and appears to be what it claims: it runs read-only mgmt_cli/Web API and SSH commands to collect policy, blade, NAT, and logging information. Before installing or using it: (1) only provide a least-privilege, read-only management account and separate SSH accounts limited to required read-only commands; (2) confirm mgmt_cli and ssh are available where the agent runs; (3) be aware the skill references local paths (e.g., $FWDIR/log/) and will read logs and system status — that is expected but sensitive; (4) note the registry metadata omitted declaring 'ssh' and the expected credential needs, so treat that as a documentation gap and verify source/trust before supplying credentials; (5) never supply full-administrator credentials unless you intend the agent to perform writes. Overall the behavior is coherent for a Check Point audit, but verify credentials and operational boundaries before use.
