{ "schemaVersion": "1.0", "item": { "slug": "auditclaw-grc", "name": "AuditClaw GRC", "source": "tencent", "type": "skill", "category": "其他", "sourceUrl": "https://clawhub.ai/mailnike/auditclaw-grc", "canonicalUrl": "https://clawhub.ai/mailnike/auditclaw-grc", "targetPlatform": "OpenClaw" }, "install": { "downloadMode": "redirect", "downloadUrl": "/downloads/auditclaw-grc", "sourceDownloadUrl": "https://wry-manatee-359.convex.site/api/v1/download?slug=auditclaw-grc", "sourcePlatform": "tencent", "targetPlatform": "OpenClaw", "installMethod": "Manual import", "extraction": "Extract archive", "prerequisites": [ "OpenClaw" ], "packageFormat": "ZIP package", "includedAssets": [ "CHANGELOG.md", "README.md", "CONTRIBUTING.md", "scripts/requirements.txt", "scripts/check_ssl.py", "scripts/auth_provider.py" ], "primaryDoc": "SKILL.md", "quickSetup": [ "Download the package from Yavira.", "Extract the archive and review SKILL.md first.", "Import or place the package into your OpenClaw setup." ], "agentAssist": { "summary": "Hand the extracted package to your coding agent with a concrete install brief instead of figuring it out manually.", "steps": [ "Download the package from Yavira.", "Extract it into a folder your agent can access.", "Paste one of the prompts below and point your agent at the extracted folder." ], "prompts": [ { "label": "New install", "body": "I downloaded a skill package from Yavira. Read SKILL.md from the extracted folder and install it by following the included instructions. Then review README.md for any prerequisites, environment setup, or post-install checks. Tell me what you changed and call out any manual steps you could not complete." }, { "label": "Upgrade existing", "body": "I downloaded an updated skill package from Yavira. Read SKILL.md from the extracted folder, compare it with my current installation, and upgrade it while preserving any custom configuration unless the package docs explicitly say otherwise. Then review README.md for any prerequisites, environment setup, or post-install checks. Summarize what changed and any follow-up checks I should run." } ] }, "sourceHealth": { "source": "tencent", "status": "healthy", "reason": "direct_download_ok", "recommendedAction": "download", "checkedAt": "2026-04-23T16:43:11.935Z", "expiresAt": "2026-04-30T16:43:11.935Z", "httpStatus": 200, "finalUrl": "https://wry-manatee-359.convex.site/api/v1/download?slug=4claw-imageboard", "contentType": "application/zip", "probeMethod": "head", "details": { "probeUrl": "https://wry-manatee-359.convex.site/api/v1/download?slug=4claw-imageboard", "contentDisposition": "attachment; filename=\"4claw-imageboard-1.0.1.zip\"", "redirectLocation": null, "bodySnippet": null }, "scope": "source", "summary": "Source download looks usable.", "detail": "Yavira can redirect you to the upstream package for this source.", "primaryActionLabel": "Download for OpenClaw", "primaryActionHref": "/downloads/auditclaw-grc" }, "validation": { "installChecklist": [ "Use the Yavira download entry.", "Review SKILL.md after the package is downloaded.", "Confirm the extracted package contains the expected setup assets." ], "postInstallChecks": [ "Confirm the extracted package includes the expected docs or setup files.", "Validate the skill or prompts are available in your target agent workspace.", "Capture any manual follow-up steps the agent could not complete." ] }, "downloadPageUrl": "https://openagent3.xyz/downloads/auditclaw-grc", "agentPageUrl": "https://openagent3.xyz/skills/auditclaw-grc/agent", "manifestUrl": "https://openagent3.xyz/skills/auditclaw-grc/agent.json", "briefUrl": "https://openagent3.xyz/skills/auditclaw-grc/agent.md" }, "agentAssist": { "summary": "Hand the extracted package to your coding agent with a concrete install brief instead of figuring it out manually.", "steps": [ "Download the package from Yavira.", "Extract it into a folder your agent can access.", "Paste one of the prompts below and point your agent at the extracted folder." ], "prompts": [ { "label": "New install", "body": "I downloaded a skill package from Yavira. Read SKILL.md from the extracted folder and install it by following the included instructions. Then review README.md for any prerequisites, environment setup, or post-install checks. Tell me what you changed and call out any manual steps you could not complete." }, { "label": "Upgrade existing", "body": "I downloaded an updated skill package from Yavira. Read SKILL.md from the extracted folder, compare it with my current installation, and upgrade it while preserving any custom configuration unless the package docs explicitly say otherwise. Then review README.md for any prerequisites, environment setup, or post-install checks. Summarize what changed and any follow-up checks I should run." } ] }, "documentation": { "source": "clawhub", "primaryDoc": "SKILL.md", "sections": [ { "title": "AuditClaw GRC", "body": "AI-native GRC assistant for OpenClaw. Manages compliance frameworks, controls, evidence, risks, policies, vendors, incidents, assets, training, vulnerabilities, access reviews, and questionnaires.\n\n97 actions | 30 tables | 13 frameworks | 990+ controls" }, { "title": "Security Model", "body": "Database: SQLite at ~/.openclaw/grc/compliance.sqlite with WAL mode, owner-only permissions (0o600)\nCredentials: Stored in ~/.openclaw/grc/credentials/ with per-provider directories, owner-only permissions (0o700 dirs, 0o600 files), atomic writes, and secure deletion (overwrite with random bytes before removal). Secrets are never logged or exposed in output. See scripts/credential_store.py for implementation.\nTrust center: Generates a local HTML file only. Nothing is published externally. The user decides where to host it.\nDependencies: requests==2.31.0 (pinned) for HTTP header scanning. Cloud integrations optionally use boto3 (AWS) and PyJWT (Azure) via try/except -- these are not required and only activate if installed and credentials are configured.\nScans: All security scans (headers, SSL, GDPR) run locally against user-specified URLs only.\nNo telemetry: No data is sent to external endpoints. All operations are local or to user-configured cloud accounts only." }, { "title": "Optional Environment Variables (for cloud integrations)", "body": "These are not required for core GRC functionality. They are only used when the user explicitly sets up cloud provider integrations via companion skills:\n\nVariableUsed byAWS_ACCESS_KEY_ID / AWS_SECRET_ACCESS_KEYAWS integration (via auditclaw-aws)GITHUB_TOKENGitHub integration (via auditclaw-github)AZURE_SUBSCRIPTION_ID / AZURE_CLIENT_ID / AZURE_CLIENT_SECRET / AZURE_TENANT_IDAzure integration (via auditclaw-azure)GCP_PROJECT_ID / GOOGLE_APPLICATION_CREDENTIALSGCP integration (via auditclaw-gcp)GOOGLE_WORKSPACE_SA_KEY / GOOGLE_WORKSPACE_ADMIN_EMAILGoogle Workspace (via auditclaw-idp)OKTA_ORG_URL / OKTA_API_TOKENOkta (via auditclaw-idp)" }, { "title": "Setup", "body": "python3 {baseDir}/scripts/init_db.py\npip install -r {baseDir}/scripts/requirements.txt\n\nDatabase: ~/.openclaw/grc/compliance.sqlite" }, { "title": "Voice and Formatting", "body": "Present data as formatted summaries, not raw JSON\nKeep messages under 4096 chars. Show top 5-10 rows, offer \"Want the full list?\"\nEmoji: ✅ complete, ⚠️ at-risk, 🔴 critical, 📊 scores, 📋 reports, 🔒 security\nInclude context: \"23/43 controls complete (53%)\" not just \"23\"\nAfter each action, suggest the next logical step" }, { "title": "Activation Triggers", "body": "Activate on: compliance, GRC, SOC 2, ISO 27001, HIPAA, GDPR, NIST, PCI DSS, CIS, CMMC, HITRUST, CCPA, FedRAMP, ISO 42001, SOX, ITGC, controls, evidence, risks, audit, gap analysis, security posture, compliance score, framework, security scan." }, { "title": "Database Operations", "body": "All queries go through: python3 {baseDir}/scripts/db_query.py --action [args]\n\nOutput is JSON. Parse and present as human-readable summaries. For full action reference with all arguments: {baseDir}/references/db-actions.md" }, { "title": "Core Actions", "body": "ActionPurposestatusOverall compliance overviewactivate-framework --slug soc2Load framework controlsgap-analysis --framework soc2Gaps with priority and effortscore-history --framework soc2Score trend over timelist-controls --framework soc2 --status in_progressFiltered controlsupdate-control --id 5 --status completeUpdate control (also batch: --id 1,2,3)add-evidence --title \"...\" --control-ids 1,2,3Record evidenceadd-risk --title \"...\" --likelihood 3 --impact 4Log a riskadd-vendor --name \"...\" --criticality highRegister vendoradd-incident --title \"...\" --severity criticalLog incidentgenerate-report --framework soc2HTML compliance reportgenerate-dashboardDashboard summary + Canvas HTMLexport-evidence --framework soc2ZIP package for auditorslist-companionsShow installed companion skills" }, { "title": "Additional Action Categories", "body": "Policies: add, version, submit approval, review, require acknowledgment\nTraining: add modules, assign, track completion, list overdue\nVulnerabilities: add with CVE/CVSS, track remediation\nAccess Reviews: create campaigns, add items, approve/revoke\nQuestionnaires: create templates, send to vendors, record answers, score\nIncidents: add actions (timeline), post-incident reviews, summary with MTTR\nAssets: register with classification, lifecycle, encryption/backup/patch status\nAlerts: add, list, acknowledge, resolve\nIntegrations: add provider, test connection, setup guide, show policy" }, { "title": "Framework Activation", "body": "Run: python3 {baseDir}/scripts/db_query.py --action activate-framework --slug \n\nFrameworkSlugControlsSOC 2 Type IIsoc243ISO 27001:2022iso27001114HIPAA Security Rulehipaa29GDPRgdpr25NIST CSFnist-csf31PCI DSS v4.0pci-dss30CIS Controls v8cis-controls153CMMC 2.0cmmc113HITRUST CSF v11hitrust152CCPA/CPRAccpa28FedRAMP Moderatefedramp282ISO 42001:2023iso4200140SOX ITGCsox-itgc50\n\nFramework reference docs: {baseDir}/references/frameworks/" }, { "title": "Compliance Score", "body": "Run: python3 {baseDir}/scripts/compliance_score.py [--framework ] [--store]\n\nReturns score (0-100), health distribution, trend, and drift detection. Use --store to save for tracking. Methodology: {baseDir}/references/scoring-methodology.md" }, { "title": "Security Scanning", "body": "Headers: python3 {baseDir}/scripts/check_headers.py --url (CSP, HSTS, X-Frame-Options, etc.)\nSSL/TLS: python3 {baseDir}/scripts/check_ssl.py --domain (cert validity, chain, cipher)\nGDPR: Browser-based cookie consent check (requires Chromium)\n\nAfter scans, offer to save results as evidence." }, { "title": "Reports and Exports", "body": "Report: python3 {baseDir}/scripts/generate_report.py --framework --format html\nTrust center: python3 {baseDir}/scripts/generate_trust_center.py [--org-name \"Acme Corp\"] (local HTML only)\nEvidence export: python3 {baseDir}/scripts/export_evidence.py --framework " }, { "title": "First-Time Setup", "body": "When user asks to set up compliance: initialize DB silently, present framework options with control counts and use cases, offer gap analysis after activation." }, { "title": "Smart Defaults", "body": "Evidence type: infer from context (manual/automated/integration)\nRisk assessment: suggest likelihood/impact with reasoning, confirm before saving\nBulk operations: list exactly what will change, confirm, report summary" }, { "title": "Proactive Suggestions", "body": "After framework activation -> offer gap analysis and cloud integration setup.\nAfter marking controls complete -> offer score recalculation.\nAfter scanning -> offer to save as evidence.\nAfter scoring (< 30%) -> prioritize critical controls. (>= 90%) -> offer audit report." }, { "title": "Slash Commands", "body": "CommandAction/grc-scoreQuick compliance score/grc-gapsPriority gaps/grc-scanSecurity scan menu/grc-reportGenerate report/grc-risksRisk register/grc-incidentsActive incidents/grc-trustGenerate trust center" }, { "title": "Scheduled Alerts (Cron)", "body": "Register via OpenClaw cron tool:\n\nEvidence expiry: daily 7 AM\nScore recalc: every 6 hours\nWeekly digest: Monday 8 AM\n\nAlways include \"Using auditclaw-grc skill\" in cron messages for routing." }, { "title": "Companion Skills", "body": "Optional add-ons for automated cloud evidence collection. Evidence flows into the shared GRC database.\n\nSkillChecksSetupauditclaw-aws15 AWS checks (S3, IAM, CloudTrail, VPC, etc.)aws configure with read-only IAM policyauditclaw-github9 GitHub checks (branch protection, secrets, 2FA, etc.)GITHUB_TOKEN env varauditclaw-azure12 Azure checks (storage, NSG, Key Vault, etc.)Service principal with Reader + Security Readerauditclaw-gcp12 GCP checks (storage, firewall, IAM, etc.)GOOGLE_APPLICATION_CREDENTIALS with Viewer + Security Reviewerauditclaw-idp8 identity checks (Google Workspace + Okta)SA key + admin email / Okta API token\n\nInstall: clawhub install auditclaw-\n\nIf a user asks to connect a cloud provider, check list-companions first. If not installed, guide them to install it." }, { "title": "Integration Setup", "body": "Say \"setup aws\", \"setup github\", etc. to get step-by-step guides with exact permissions. Use \"test aws connection\" to verify before running scans." }, { "title": "Reference Files", "body": "{baseDir}/references/db-actions.md - Full action reference with all arguments\n{baseDir}/references/schema.md - Database schema\n{baseDir}/references/scoring-methodology.md - Scoring algorithm\n{baseDir}/references/commands/ - Detailed command guides\n{baseDir}/references/frameworks/ - Framework reference docs\n{baseDir}/references/integrations/ - Cloud integration guides" } ], "body": "AuditClaw GRC\n\nAI-native GRC assistant for OpenClaw. Manages compliance frameworks, controls, evidence, risks, policies, vendors, incidents, assets, training, vulnerabilities, access reviews, and questionnaires.\n\n97 actions | 30 tables | 13 frameworks | 990+ controls\n\nSecurity Model\nDatabase: SQLite at ~/.openclaw/grc/compliance.sqlite with WAL mode, owner-only permissions (0o600)\nCredentials: Stored in ~/.openclaw/grc/credentials/ with per-provider directories, owner-only permissions (0o700 dirs, 0o600 files), atomic writes, and secure deletion (overwrite with random bytes before removal). Secrets are never logged or exposed in output. See scripts/credential_store.py for implementation.\nTrust center: Generates a local HTML file only. Nothing is published externally. The user decides where to host it.\nDependencies: requests==2.31.0 (pinned) for HTTP header scanning. Cloud integrations optionally use boto3 (AWS) and PyJWT (Azure) via try/except -- these are not required and only activate if installed and credentials are configured.\nScans: All security scans (headers, SSL, GDPR) run locally against user-specified URLs only.\nNo telemetry: No data is sent to external endpoints. All operations are local or to user-configured cloud accounts only.\nOptional Environment Variables (for cloud integrations)\n\nThese are not required for core GRC functionality. They are only used when the user explicitly sets up cloud provider integrations via companion skills:\n\nVariable\tUsed by\nAWS_ACCESS_KEY_ID / AWS_SECRET_ACCESS_KEY\tAWS integration (via auditclaw-aws)\nGITHUB_TOKEN\tGitHub integration (via auditclaw-github)\nAZURE_SUBSCRIPTION_ID / AZURE_CLIENT_ID / AZURE_CLIENT_SECRET / AZURE_TENANT_ID\tAzure integration (via auditclaw-azure)\nGCP_PROJECT_ID / GOOGLE_APPLICATION_CREDENTIALS\tGCP integration (via auditclaw-gcp)\nGOOGLE_WORKSPACE_SA_KEY / GOOGLE_WORKSPACE_ADMIN_EMAIL\tGoogle Workspace (via auditclaw-idp)\nOKTA_ORG_URL / OKTA_API_TOKEN\tOkta (via auditclaw-idp)\nSetup\npython3 {baseDir}/scripts/init_db.py\npip install -r {baseDir}/scripts/requirements.txt\n\n\nDatabase: ~/.openclaw/grc/compliance.sqlite\n\nVoice and Formatting\nPresent data as formatted summaries, not raw JSON\nKeep messages under 4096 chars. Show top 5-10 rows, offer \"Want the full list?\"\nEmoji: ✅ complete, ⚠️ at-risk, 🔴 critical, 📊 scores, 📋 reports, 🔒 security\nInclude context: \"23/43 controls complete (53%)\" not just \"23\"\nAfter each action, suggest the next logical step\nActivation Triggers\n\nActivate on: compliance, GRC, SOC 2, ISO 27001, HIPAA, GDPR, NIST, PCI DSS, CIS, CMMC, HITRUST, CCPA, FedRAMP, ISO 42001, SOX, ITGC, controls, evidence, risks, audit, gap analysis, security posture, compliance score, framework, security scan.\n\nDatabase Operations\n\nAll queries go through: python3 {baseDir}/scripts/db_query.py --action [args]\n\nOutput is JSON. Parse and present as human-readable summaries. For full action reference with all arguments: {baseDir}/references/db-actions.md\n\nCore Actions\nAction\tPurpose\nstatus\tOverall compliance overview\nactivate-framework --slug soc2\tLoad framework controls\ngap-analysis --framework soc2\tGaps with priority and effort\nscore-history --framework soc2\tScore trend over time\nlist-controls --framework soc2 --status in_progress\tFiltered controls\nupdate-control --id 5 --status complete\tUpdate control (also batch: --id 1,2,3)\nadd-evidence --title \"...\" --control-ids 1,2,3\tRecord evidence\nadd-risk --title \"...\" --likelihood 3 --impact 4\tLog a risk\nadd-vendor --name \"...\" --criticality high\tRegister vendor\nadd-incident --title \"...\" --severity critical\tLog incident\ngenerate-report --framework soc2\tHTML compliance report\ngenerate-dashboard\tDashboard summary + Canvas HTML\nexport-evidence --framework soc2\tZIP package for auditors\nlist-companions\tShow installed companion skills\nAdditional Action Categories\nPolicies: add, version, submit approval, review, require acknowledgment\nTraining: add modules, assign, track completion, list overdue\nVulnerabilities: add with CVE/CVSS, track remediation\nAccess Reviews: create campaigns, add items, approve/revoke\nQuestionnaires: create templates, send to vendors, record answers, score\nIncidents: add actions (timeline), post-incident reviews, summary with MTTR\nAssets: register with classification, lifecycle, encryption/backup/patch status\nAlerts: add, list, acknowledge, resolve\nIntegrations: add provider, test connection, setup guide, show policy\nFramework Activation\n\nRun: python3 {baseDir}/scripts/db_query.py --action activate-framework --slug \n\nFramework\tSlug\tControls\nSOC 2 Type II\tsoc2\t43\nISO 27001:2022\tiso27001\t114\nHIPAA Security Rule\thipaa\t29\nGDPR\tgdpr\t25\nNIST CSF\tnist-csf\t31\nPCI DSS v4.0\tpci-dss\t30\nCIS Controls v8\tcis-controls\t153\nCMMC 2.0\tcmmc\t113\nHITRUST CSF v11\thitrust\t152\nCCPA/CPRA\tccpa\t28\nFedRAMP Moderate\tfedramp\t282\nISO 42001:2023\tiso42001\t40\nSOX ITGC\tsox-itgc\t50\n\nFramework reference docs: {baseDir}/references/frameworks/\n\nCompliance Score\n\nRun: python3 {baseDir}/scripts/compliance_score.py [--framework ] [--store]\n\nReturns score (0-100), health distribution, trend, and drift detection. Use --store to save for tracking. Methodology: {baseDir}/references/scoring-methodology.md\n\nSecurity Scanning\nHeaders: python3 {baseDir}/scripts/check_headers.py --url (CSP, HSTS, X-Frame-Options, etc.)\nSSL/TLS: python3 {baseDir}/scripts/check_ssl.py --domain (cert validity, chain, cipher)\nGDPR: Browser-based cookie consent check (requires Chromium)\n\nAfter scans, offer to save results as evidence.\n\nReports and Exports\nReport: python3 {baseDir}/scripts/generate_report.py --framework --format html\nTrust center: python3 {baseDir}/scripts/generate_trust_center.py [--org-name \"Acme Corp\"] (local HTML only)\nEvidence export: python3 {baseDir}/scripts/export_evidence.py --framework \nInteractive Flows\nFirst-Time Setup\n\nWhen user asks to set up compliance: initialize DB silently, present framework options with control counts and use cases, offer gap analysis after activation.\n\nSmart Defaults\nEvidence type: infer from context (manual/automated/integration)\nRisk assessment: suggest likelihood/impact with reasoning, confirm before saving\nBulk operations: list exactly what will change, confirm, report summary\nProactive Suggestions\n\nAfter framework activation -> offer gap analysis and cloud integration setup. After marking controls complete -> offer score recalculation. After scanning -> offer to save as evidence. After scoring (< 30%) -> prioritize critical controls. (>= 90%) -> offer audit report.\n\nSlash Commands\nCommand\tAction\n/grc-score\tQuick compliance score\n/grc-gaps\tPriority gaps\n/grc-scan\tSecurity scan menu\n/grc-report\tGenerate report\n/grc-risks\tRisk register\n/grc-incidents\tActive incidents\n/grc-trust\tGenerate trust center\nScheduled Alerts (Cron)\n\nRegister via OpenClaw cron tool:\n\nEvidence expiry: daily 7 AM\nScore recalc: every 6 hours\nWeekly digest: Monday 8 AM\n\nAlways include \"Using auditclaw-grc skill\" in cron messages for routing.\n\nCompanion Skills\n\nOptional add-ons for automated cloud evidence collection. Evidence flows into the shared GRC database.\n\nSkill\tChecks\tSetup\nauditclaw-aws\t15 AWS checks (S3, IAM, CloudTrail, VPC, etc.)\taws configure with read-only IAM policy\nauditclaw-github\t9 GitHub checks (branch protection, secrets, 2FA, etc.)\tGITHUB_TOKEN env var\nauditclaw-azure\t12 Azure checks (storage, NSG, Key Vault, etc.)\tService principal with Reader + Security Reader\nauditclaw-gcp\t12 GCP checks (storage, firewall, IAM, etc.)\tGOOGLE_APPLICATION_CREDENTIALS with Viewer + Security Reviewer\nauditclaw-idp\t8 identity checks (Google Workspace + Okta)\tSA key + admin email / Okta API token\n\nInstall: clawhub install auditclaw-\n\nIf a user asks to connect a cloud provider, check list-companions first. If not installed, guide them to install it.\n\nIntegration Setup\n\nSay \"setup aws\", \"setup github\", etc. to get step-by-step guides with exact permissions. Use \"test aws connection\" to verify before running scans.\n\nReference Files\n{baseDir}/references/db-actions.md - Full action reference with all arguments\n{baseDir}/references/schema.md - Database schema\n{baseDir}/references/scoring-methodology.md - Scoring algorithm\n{baseDir}/references/commands/ - Detailed command guides\n{baseDir}/references/frameworks/ - Framework reference docs\n{baseDir}/references/integrations/ - Cloud integration guides" }, "trust": { "sourceLabel": "tencent", "provenanceUrl": "https://clawhub.ai/mailnike/auditclaw-grc", "publisherUrl": "https://clawhub.ai/mailnike/auditclaw-grc", "owner": "mailnike", "version": "1.0.2", "license": null, "verificationStatus": "Indexed source record" }, "links": { "detailUrl": "https://openagent3.xyz/skills/auditclaw-grc", "downloadUrl": "https://openagent3.xyz/downloads/auditclaw-grc", "agentUrl": "https://openagent3.xyz/skills/auditclaw-grc/agent", "manifestUrl": "https://openagent3.xyz/skills/auditclaw-grc/agent.json", "briefUrl": "https://openagent3.xyz/skills/auditclaw-grc/agent.md" } }