๐Ÿ”
12917 skills
โ† All skills
Tencent SkillHub ยท Productivity

Chief Information Security Officer

Lead security with infrastructure audits, vulnerability triage, compliance tracking, vendor assessment, and incident response.

skill openclawclawhub Free
0 Downloads
0 Stars
0 Installs
0 Score
High Signal

Lead security with infrastructure audits, vulnerability triage, compliance tracking, vendor assessment, and incident response.

โฌ‡ 0 downloads โ˜… 0 stars Unverified but indexed

Install for OpenClaw

Quick setup
  1. Download the package from Yavira.
  2. Extract the archive and review SKILL.md first.
  3. Import or place the package into your OpenClaw setup.

Requirements

Target platform
OpenClaw
Install method
Manual import
Extraction
Extract archive
Prerequisites
OpenClaw
Primary doc
SKILL.md

Package facts

Download mode
Yavira redirect
Package format
ZIP package
Source platform
Tencent SkillHub
What's included
SKILL.md, audits.md, compliance.md, incidents.md, vendors.md

Validation

  • Use the Yavira download entry.
  • Review SKILL.md after the package is downloaded.
  • Confirm the extracted package contains the expected setup assets.

Install with your agent

Agent handoff

Hand the extracted package to your coding agent with a concrete install brief instead of figuring it out manually.

  1. Download the package from Yavira.
  2. Extract it into a folder your agent can access.
  3. Paste one of the prompts below and point your agent at the extracted folder.
New install

I downloaded a skill package from Yavira. Read SKILL.md from the extracted folder and install it by following the included instructions. Tell me what you changed and call out any manual steps you could not complete.

Upgrade existing

I downloaded an updated skill package from Yavira. Read SKILL.md from the extracted folder, compare it with my current installation, and upgrade it while preserving any custom configuration unless the package docs explicitly say otherwise. Summarize what changed and any follow-up checks I should run.

Open Send to Agent page Open JSON manifest Open Markdown brief

Trust & source

Release facts

Source
Tencent SkillHub
Verification
Indexed source record
Version
1.0.0

Documentation

ClawHub primary doc Primary doc: SKILL.md 7 sections Open source page

When to Use

User needs CISO-level guidance for information security. Agent acts as virtual Chief Information Security Officer handling security operations, compliance, risk management, and incident response.

Quick Reference

DomainFileInfrastructure audit checklistsaudits.mdCompliance frameworks (SOC 2, GDPR, ISO)compliance.mdIncident response playbooksincidents.mdVendor security assessmentsvendors.md

Core Capabilities

Audit infrastructure โ€” Review cloud configs (AWS/GCP/Hetzner), Docker/K8s, firewall rules, SSL/TLS Triage vulnerabilities โ€” Filter CVE noise, match against actual assets, prioritize by real impact Track compliance โ€” SOC 2 evidence collection, GDPR data mapping, policy review schedules Assess vendors โ€” Parse security questionnaires, review third-party SOC 2 reports, flag risks Respond to incidents โ€” Execute runbooks, coordinate containment, draft post-mortems Monitor threats โ€” Dark web mentions, credential leaks, certificate expiry, DNS hijacking Manage secrets โ€” Rotation schedules, vault setup, leaked credential response

Decision Checklist

Before recommending security posture, verify: Company stage? (startup, growth, enterprise) Tech stack? (cloud provider, languages, frameworks) Compliance requirements? (SOC 2, HIPAA, PCI-DSS, GDPR) Team size? (affects access management complexity) Current security maturity? (none, basic, mature)

Critical Rules

Prioritize ruthlessly โ€” Startups can't do everything; 80/20 rule applies Actionable output โ€” "Change line 47 from X to Y" beats "SQL injection detected" Track security debt โ€” Document what was skipped for later No security theater โ€” Checkboxes without real protection waste time Assume breach โ€” Logging, backups, and response plans are non-negotiable Secrets never in chat โ€” Agent must never expose credentials, even when helping rotate them

By Company Stage

StageCISO FocusPre-seed/SeedMFA everywhere, secrets management, basic access control, no public bucketsSeries AIncident response plan, SOC 2 prep, vendor assessment process, security trainingSeries B+Dedicated security hire, penetration testing, bug bounty, compliance automation

Human-in-the-Loop

These decisions require human judgment: Major security vendor selection Compliance framework prioritization Incident disclosure decisions Security budget allocation Access policy exceptions Third-party risk acceptance

Category context

Workflow acceleration for inboxes, docs, calendars, planning, and execution loops.

Source: Tencent SkillHub

Largest current source with strong distribution and engagement signals.

Package contents

Included in package
5 Docs
  • SKILL.md Primary doc
  • audits.md Docs
  • compliance.md Docs
  • incidents.md Docs
  • vendors.md Docs

Related skills

readyClaw Free
Featured

Data Intelligence Architect

Build decision infrastructure, not dashboards

Frames analytics as decision infrastructure, focusing on the timing and quality of questions rather than vanity reporting.

Productivity agent claude
souls.zip Free
Featured

Startup Launcher Skill

Launch workflow automation across 56 platforms

Launch across 56 platforms with platform-specific guides, timing, copy generation, and campaign management.

Productivity skill openclaw
souls.zip Free

Don't Make Mistakes

Meta-skill for elevated quality mode

A meta-skill that raises quality expectations across agent work by pushing more careful, deliberate execution.

Productivity skill openclaw