auditclaw-idp
Identity provider compliance checks for auditclaw-grc. 8 read-only checks across Google Workspace (MFA, admin audit, inactive users, passwords) and Okta (MFA, password policy, inactive users, session policy).
Why use this skill?
Automate compliance evidence collection for Google Workspace and Okta. Audit MFA, passwords, and user activity for security audits with read-only OpenClaw integration.
Install via CLI (Recommended)
clawhub install openclaw/skills/skills/mailnike/auditclaw-idp
What This Skill Does
AuditClaw IDP is a specialized security auditing skill designed to integrate seamlessly with the auditclaw-grc framework. It functions as an automated evidence collector for identity providers, specifically Google Workspace and Okta. The skill performs 8 distinct read-only compliance checks across these platforms, focusing on critical security indicators such as Multi-Factor Authentication (MFA) status, administrative audit logs, inactive account identification, and password policy enforcement. By automating the extraction of this data, AuditClaw IDP eliminates the need for manual reporting, providing security teams with a verifiable audit trail stored directly in the shared GRC SQLite database.
Installation
To install this skill, use the ClawHub command-line interface: clawhub install openclaw/skills/skills/mailnike/auditclaw-idp. Ensure that you have the auditclaw-grc skill installed and initialized beforehand, as the IDP skill relies on the shared database schema. After installation, install the requirements by running pip install -r scripts/requirements.txt. Configuration requires setting environment variables for your chosen identity providers: either a Google Workspace service account JSON file for domain-wide delegation or an Okta API token with the relevant read-only scopes. No credentials are persisted by the skill.
Use Cases
AuditClaw IDP is primarily used for compliance reporting and continuous monitoring. Security auditors use this skill to generate point-in-time evidence for ISO 27001, SOC2, or internal compliance audits without needing manual administrative access to identity consoles. It is also invaluable for IT administrators who need a quick pulse-check on identity security posture, such as identifying accounts that have bypassed MFA or detecting stale user accounts that pose a security risk if left active in the system.
Example Prompts
- "OpenClaw, run a full IDP evidence sweep to update my compliance database with current Okta and Google Workspace security settings."
- "Can you check if there are any Google Workspace users currently without MFA enabled?"
- "Show me the status of our IDP integration health, including when the last successful scan occurred and if there were any API errors."
Tips & Limitations
When using AuditClaw IDP, remember that it operates strictly on read-only permissions. This is a security feature, but it means you cannot use the skill to remediate findings; it identifies the gap, and you must manually resolve it in the respective dashboard. The skill assumes you have correctly configured the necessary API scopes; if you encounter errors, verify your Service Account or API Token permissions. Finally, ensure your ~/.openclaw/grc/compliance.sqlite path remains accessible to the script to prevent database write failures during the evidence collection process.
Metadata
Paste this into your clawhub.json to enable this plugin.
{
  "plugins": {
    "official-mailnike-auditclaw-idp": {
      "enabled": true,
      "auto_update": true
    }
  }
}
Tags (AI)
Flags: file-read, file-write, external-api
Related Skills
auditclaw-aws
AWS compliance evidence collection for auditclaw-grc. 15 read-only checks across S3, IAM, CloudTrail, VPC, KMS, EC2, RDS, Lambda, EBS, SQS, SNS, Secrets Manager, Config, GuardDuty, and Security Hub.
erpclaw
AI-native ERP for small business. 29 modules, 609 actions. Install this meta-package to get started.
webclaw
Web dashboard for OpenClaw. Browser-based UI for any installed skill. Schema-driven rendering, JWT auth, RBAC, AI chat, real-time updates. Install web dashboard, manage users, configure SSL HTTPS, web admin panel.
auditclaw-grc
AI-native GRC (Governance, Risk, and Compliance) for OpenClaw. 97 actions across 13 frameworks including SOC 2, ISO 27001, HIPAA, GDPR, NIST CSF, PCI DSS, CIS Controls, CMMC, HITRUST, CCPA, FedRAMP, ISO 42001, and SOX ITGC. Manages controls, evidence, risks, policies, vendors, incidents, assets, training, vulnerabilities, access reviews, and questionnaires. Generates compliance scores, reports, dashboards, and trust center pages. Runs security header, SSL, and GDPR scans. Connects to AWS, Azure, GCP, GitHub, and identity providers via companion skills.
auditclaw-azure
Azure compliance evidence collection for auditclaw-grc. 12 read-only checks across storage, NSG, Key Vault, SQL, compute, App Service, and Defender for Cloud.