ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Prisma Access Audit

v1.0.0

Palo Alto Prisma Access SASE audit — security policy evaluation for mobile users and remote networks, GlobalProtect Cloud Service configuration review, servi...

0· 31·0 current·0 all-time
byVahagn Madatyan@vahagn-madatyan
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Pending
View report →
OpenClawOpenClaw
Suspicious
medium confidence
Purpose & Capability
The name, description, and SKILL.md all describe a Prisma Access SASE audit and the runtime instructions only call Prisma/SCM/Insights APIs — this is coherent for the stated purpose. However the registry metadata at the top of the submission lists no required environment variables while the SKILL.md metadata declares a required PRISMA_ACCESS_API_KEY and the procedure describes OAuth client credentials or Panorama API keys; that mismatch (and an additional mention of Cortex Data Lake access in prerequisites) is inconsistent and should be clarified.
Instruction Scope
Instructions are focused on querying Strata Cloud Manager, Prisma Access Insights, and (legacy) Panorama Cloud Services endpoints to enumerate tenants, policies, tunnels, and telemetry. The steps do not instruct reading unrelated local files or sending data to external endpoints outside Palo Alto domains. They will retrieve potentially sensitive tenant/config and connected-user telemetry (usernames, client IPs, GP client versions), which is expected for an audit but is sensitive data that must be protected.
Install Mechanism
This is an instruction-only skill with no install spec and no code files — it does not write files to disk or download external artifacts. That reduces the filesystem/execution risk.
!
Credentials
The SKILL.md metadata and Procedure reference OAuth client_id/client_secret, Panorama username/password (API key), and access to Cortex Data Lake, but the registry-level requirements list no environment variables. The skill appears to require at least one Prisma credential and possibly additional telemetry credentials, yet those are not consistently declared. Requiring multiple high-privilege secrets (client_secret, service account bound to a TSG, or Panorama admin credentials) without clear, consistent declaration is a proportionality and transparency concern.
Persistence & Privilege
The skill is not always-enabled and is user-invocable only. It does not request persistent installation, does not modify other skills, and does not declare any platform privileges beyond calling the documented Palo Alto APIs.
What to consider before installing
This skill appears to do what it says (read-only audits against Prisma Access), but the packaging has inconsistencies you should clear up before installing or providing credentials. Ask the publisher to: (1) clearly list required credentials and environment variables (OAuth client_id/client_secret vs. Panorama API key vs. Cortex Data Lake token) and provide the exact env var names; (2) confirm minimal required roles (prefer a read-only Auditor/service-account scoped to the TSG rather than admin credentials); (3) explain how any retrieved user/telemetry data (usernames, IPs, client versions) is handled/stored; and (4) provide a test-mode or read-only verification run against a non-production tenant. Until those are answered, avoid supplying high-privilege credentials and prefer a short-lived, least-privilege service account limited to the audit scope.

Like a lobster shell, security has layers — review code before you run it.

latestvk97djhrcpt03tgjpfywgx24v99840rg7

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments