ot-security-assessmentAssess OT/ICS security posture across 30 controls in 6 principles — Business Driven, Risk Based, Enterprise Wide, Methodical, OT Security Focused, and OT Sec...
Install via ClawdBot CLI:
clawdbot install krishnakumarmahadevan-cmd/ot-security-assessmentGrade Limited — based on market validation, documentation quality, package completeness, maintenance status, and authenticity signals.
Sends data to undocumented external endpoint (potential exfiltration)
POST → https://portal.toolweb.in/apis/security/ot-security-assessmentCalls external URL not in known-safe list
https://portal.toolweb.inAudited Apr 17, 2026 · audit v1.0
Generated Apr 8, 2026
A manufacturing company seeks to assess its OT security posture to comply with industry regulations and protect production lines from cyber threats. The assessment evaluates controls across 6 principles, identifying gaps in network segmentation and incident response to prioritize remediation efforts.
An energy utility needs to evaluate its SCADA and ICS security against standards like NERC CIP and IEC 62443. The skill helps gather compliance data across 30 controls, providing scores and critical gaps to meet regulatory requirements and enhance critical infrastructure protection.
A water treatment facility aims to harden its OT network against potential attacks by assessing security controls related to risk management and OT-focused measures. The analysis reveals vulnerabilities in remote access and asset inventory, guiding targeted security improvements.
A pharmaceutical manufacturer uses the skill to assess OT security maturity for its industrial control systems, focusing on business-driven and methodical principles. It identifies gaps in security training and change management, supporting efforts to safeguard sensitive production processes.
A transportation agency evaluates its OT security for traffic management and signaling systems, using the skill to analyze controls across enterprise-wide and OT-compliant principles. The assessment highlights issues in unified governance and compliance documentation, aiding in risk mitigation.
The skill operates via a paid API where each call is tracked for billing, generating revenue per assessment. Users purchase API keys from the portal, enabling usage-based pricing that scales with demand and ensures ongoing income for the creator.
Offers tiered licensing plans (e.g., standard, premium) for organizations needing frequent assessments, with volume discounts and dedicated support. This model targets large clients in critical infrastructure sectors, providing predictable revenue streams through annual contracts.
The skill is integrated into professional security consulting services, where experts use it to deliver OT assessments as part of broader engagements. Revenue comes from consulting fees, with the API serving as a tool to enhance service delivery and efficiency.
💬 Integration Tip
Ensure the TOOLWEB_API_KEY is securely stored in environment variables and use curl with proper error handling in scripts to automate API calls and parse JSON responses for reporting.
Scored Apr 19, 2026
Security vetting protocol before installing any AI agent skill. Red flag detection for credential theft, obfuscated code, exfiltration. Risk classification L...
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope,...
Comprehensive security auditing for Clawdbot deployments. Scans for exposed credentials, open ports, weak configs, and vulnerabilities. Auto-fix mode included.
Audit codebases and infrastructure for security issues. Use when scanning dependencies for vulnerabilities, detecting hardcoded secrets, checking OWASP top 10 issues, verifying SSL/TLS, auditing file permissions, or reviewing code for injection and auth flaws.
Audit a user's current AI tool stack. Score each tool by ROI, identify redundancies, gaps, and upgrade opportunities. Produces a structured report with score...
Detect anomalies and outliers in construction data: unusual costs, schedule variances, productivity spikes. Statistical and ML-based detection methods.