auditclaw-grc
AI-native GRC (Governance, Risk, and Compliance) for OpenClaw. 97 actions across 13 frameworks including SOC 2, ISO 27001, HIPAA, GDPR, NIST CSF, PCI DSS, CIS Controls, CMMC, HITRUST, CCPA, FedRAMP, ISO 42001, and SOX ITGC. Manages controls, evidence, risks, policies, vendors, incidents, assets, training, vulnerabilities, access reviews, and questionnaires. Generates compliance scores, reports, dashboards, and trust center pages. Runs security header, SSL, and GDPR scans. Connects to AWS, Azure, GCP, GitHub, and identity providers via companion skills.
Install via CLI (Recommended)
clawhub install openclaw/skills/skills/mailnike/auditclaw-grc
AuditClaw GRC
AI-native GRC assistant for OpenClaw. Manages compliance frameworks, controls, evidence, risks, policies, vendors, incidents, assets, training, vulnerabilities, access reviews, and questionnaires.
97 actions | 30 tables | 13 frameworks | 990+ controls
Security Model
- Database: SQLite at `~/.openclaw/grc/compliance.sqlite` with WAL mode, owner-only permissions (0o600)
- Credentials: Stored in `~/.openclaw/grc/credentials/` with per-provider directories, owner-only permissions (0o700 dirs, 0o600 files), atomic writes, and secure deletion (overwrite with random bytes before removal). Secrets are never logged or exposed in output. See `scripts/credential_store.py` for the implementation.
- Trust center: Generates a local HTML file only. Nothing is published externally. The user decides where to host it.
- Dependencies: `requests==2.31.0` (pinned) for HTTP header scanning. Cloud integrations optionally use `boto3` (AWS) and `PyJWT` (Azure) via try/except; these are not required and only activate if installed and credentials are configured.
- Scans: All security scans (headers, SSL, GDPR) run locally against user-specified URLs only.
- No telemetry: No data is sent to external endpoints. All operations are local or to user-configured cloud accounts only.
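The following is an added illustration of the security model listed above; it is not the project's `scripts/credential_store.py` and makes no claim about that file's internals. It shows the properties the list names in working code: a SQLite file opened in WAL mode and clamped to 0o600, a credential store with per-provider 0o700 directories and 0o600 files, atomic temp-file-plus-rename writes, overwrite-with-random-bytes before unlink, and a redaction helper for anything that reaches output. Every path, the provider and key names, and the sample AWS credential are constructed for the demo and live in a scratch directory, so the block runs offline.

```python
"""Added example for the security model above; not the project's own
credential_store.py.  Paths, names and the sample secret are constructed."""
import json
import os
import re
import sqlite3
import stat
import tempfile
from pathlib import Path
from typing import Optional

SAFE_NAME = re.compile(r"[A-Za-z0-9_-]+")  # provider/key names must match this


def open_compliance_db(path: Path) -> sqlite3.Connection:
    """Create or open the database, switch it to WAL, clamp its mode to 0o600."""
    path.parent.mkdir(parents=True, exist_ok=True)
    os.chmod(path.parent, 0o700)
    # O_CREAT with an explicit mode, then chmod in case the file already
    # existed with looser bits: the process umask is not trusted.
    os.close(os.open(path, os.O_RDWR | os.O_CREAT, 0o600))
    os.chmod(path, 0o600)
    conn = sqlite3.connect(path)
    conn.execute("PRAGMA journal_mode=WAL")
    return conn


class CredentialStore:
    """Per-provider credential files under an owner-only root directory."""

    def __init__(self, root: Path):
        self.root = root
        self.root.mkdir(parents=True, exist_ok=True)
        os.chmod(self.root, 0o700)

    def _path(self, provider: str, name: str) -> Path:
        # Reject anything that could escape the store, e.g. "../escape".
        for part in (provider, name):
            if not SAFE_NAME.fullmatch(part):
                raise ValueError(f"unsafe name: {part!r}")
        provider_dir = self.root / provider
        provider_dir.mkdir(exist_ok=True)
        os.chmod(provider_dir, 0o700)
        return provider_dir / f"{name}.json"

    def save(self, provider: str, name: str, secret: dict) -> Path:
        """Atomic write: 0o600 temp file in the same directory, fsync, rename."""
        target = self._path(provider, name)
        fd, tmp = tempfile.mkstemp(dir=target.parent, prefix=".tmp-")
        try:
            os.fchmod(fd, 0o600)
            with os.fdopen(fd, "w") as f:
                json.dump(secret, f)
                f.flush()
                os.fsync(f.fileno())
            os.replace(tmp, target)  # readers see old or new, never a partial file
        except BaseException:
            Path(tmp).unlink(missing_ok=True)
            raise
        return target

    def load(self, provider: str, name: str) -> dict:
        with open(self._path(provider, name)) as f:
            return json.load(f)

    def delete(self, provider: str, name: str) -> None:
        """Overwrite the file with random bytes, fsync, then unlink it."""
        path = self._path(provider, name)
        with open(path, "r+b") as f:
            f.write(os.urandom(path.stat().st_size))
            f.flush()
            os.fsync(f.fileno())
        path.unlink()


def redact(secret: dict) -> dict:
    """Mask values before logging or chat output; keep a 4-char tail for long ones."""
    return {k: ("****" + str(v)[-4:]) if len(str(v)) > 8 else "****"
            for k, v in secret.items()}


def run_demo(root: Optional[Path] = None) -> dict:
    """Exercise the store in a scratch directory and return what was observed."""
    root = root or Path(tempfile.mkdtemp(prefix="auditclaw-demo-"))
    db_path = root / "grc" / "compliance.sqlite"
    conn = open_compliance_db(db_path)
    journal_mode = conn.execute("PRAGMA journal_mode").fetchone()[0]
    conn.close()
    store = CredentialStore(root / "grc" / "credentials")
    secret = {"AWS_ACCESS_KEY_ID": "AKIAEXAMPLE0000000000",  # constructed, not real
              "AWS_SECRET_ACCESS_KEY": "not-a-real-secret-value"}
    path = store.save("aws", "default", secret)
    observed = {
        "journal_mode": journal_mode,
        "db_mode": stat.S_IMODE(db_path.stat().st_mode),
        "dir_mode": stat.S_IMODE(path.parent.stat().st_mode),
        "file_mode": stat.S_IMODE(path.stat().st_mode),
        "round_trip": store.load("aws", "default") == secret,
        "temp_files_left": sorted(p.name for p in path.parent.iterdir()
                                  if p.name.startswith(".tmp-")),
        "redacted": redact(secret),
    }
    store.delete("aws", "default")
    observed["deleted"] = not path.exists()
    try:
        store.save("../escape", "x", {})
        observed["traversal_blocked"] = False
    except ValueError:
        observed["traversal_blocked"] = True
    return observed


if __name__ == "__main__":
    for key, value in run_demo().items():
        print(f"{key}: {value}")
```

Two caveats a reviewer of any store like this should keep in mind. Overwrite-before-unlink is best effort: on SSDs with wear levelling, on copy-on-write or journaled filesystems, and in backups or snapshots the old blocks may survive, so the real control is the 0o600/0o700 boundary plus rotating the credential at the provider when it is retired. And WAL mode writes `-wal` and `-shm` sidecar files next to the database, so a permissions check should cover those as well as `compliance.sqlite` itself.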
Optional Environment Variables (for cloud integrations)
These are not required for core GRC functionality. They are only used when the user explicitly sets up cloud provider integrations via companion skills:
| Variable | Used by |
|---|---|
| AWS_ACCESS_KEY_ID / AWS_SECRET_ACCESS_KEY | AWS integration (via auditclaw-aws) |
| GITHUB_TOKEN | GitHub integration (via auditclaw-github) |
| AZURE_SUBSCRIPTION_ID / AZURE_CLIENT_ID / AZURE_CLIENT_SECRET / AZURE_TENANT_ID | Azure integration (via auditclaw-azure) |
| GCP_PROJECT_ID / GOOGLE_APPLICATION_CREDENTIALS | GCP integration (via auditclaw-gcp) |
| GOOGLE_WORKSPACE_SA_KEY / GOOGLE_WORKSPACE_ADMIN_EMAIL | Google Workspace (via auditclaw-idp) |
| OKTA_ORG_URL / OKTA_API_TOKEN | Okta (via auditclaw-idp) |
Setup
python3 {baseDir}/scripts/init_db.py
pip install -r {baseDir}/scripts/requirements.txt
Database: ~/.openclaw/grc/compliance.sqlite
Voice and Formatting
- Present data as formatted summaries, not raw JSON
- Keep messages under 4096 chars. Show top 5-10 rows, offer "Want the full list?"
- Emoji: ✅ complete, ⚠️ at-risk, 🔴 critical, 📊 scores, 📋 reports, 🔒 security
- Include context: "23/43 controls complete (53%)" not just "23"
- After each action, suggest the next logical step
Activation Triggers
Activate on: compliance, GRC, SOC 2, ISO 27001, HIPAA, GDPR, NIST, PCI DSS, CIS, CMMC, HITRUST, CCPA, FedRAMP, ISO 42001, SOX, ITGC, controls, evidence, risks, audit, gap analysis, security posture, compliance score, framework, security scan.
Database Operations
Metadata
Paste this into your clawhub.json to enable this plugin.
{
"plugins": {
"official-mailnike-auditclaw-grc": {
"enabled": true,
"auto_update": true
}
}
}
Related Skills
auditclaw-aws
AWS compliance evidence collection for auditclaw-grc. 15 read-only checks across S3, IAM, CloudTrail, VPC, KMS, EC2, RDS, Lambda, EBS, SQS, SNS, Secrets Manager, Config, GuardDuty, and Security Hub.
erpclaw
AI-native ERP for small business. 29 modules, 609 actions. Install this meta-package to get started.
webclaw
Web dashboard for OpenClaw. Browser-based UI for any installed skill. Schema-driven rendering, JWT auth, RBAC, AI chat, real-time updates. Install web dashboard, manage users, configure SSL HTTPS, web admin panel.
auditclaw-azure
Azure compliance evidence collection for auditclaw-grc. 12 read-only checks across storage, NSG, Key Vault, SQL, compute, App Service, and Defender for Cloud.
auditclaw-github
GitHub compliance evidence collection for auditclaw-grc. 9 read-only checks covering branch protection, secret scanning, 2FA, Dependabot, deploy keys, audit logs, webhooks, CODEOWNERS, and CI/CD security.