BytesAgain is a curated directory of 60,000+ AI agent skills from ClawHub, GitHub, LobeHub, and Dify. Search skills by keyword in 7 languages, browse by role (developer, creator, trader, marketer) or by use case.

How do I find AI skills on BytesAgain?

Use the search bar on BytesAgain.com to search by keyword in 7 languages. You can also browse by role (developer, creator, trader, marketer) or by use case. Each skill shows install instructions for Claude, Cursor, OpenClaw, Continue, and more.

Yes, BytesAgain is completely free. No registration required for searching skills. The MCP API is also free with rate limits.

Does BytesAgain have an API for AI agents?

Yes! BytesAgain provides a free MCP SSE endpoint at /api/mcp/sse for AI agents, plus a REST API at /api/mcp?action=search&q= . No authentication needed.

Can I request a new AI skill on BytesAgain?

Yes! Visit the Requests page on BytesAgain.com to submit a skill request. Your request will be visible to the community and notified to the site admin.

🦀 ClawHub

Palo Alto Firewall Audit

by @vahagn-madatyan

PAN-OS zone-based security policy audit with App-ID/Content-ID analysis, Security Profile Group validation, zone protection assessment, and decryption policy...

Versionv1.0.0

#security #writing #legal

⚡ When to Use

Trigger	Action
- Annual or quarterly compliance audit requiring rule-level justification
- Post-incident rule assessment to identify how traffic was permitted
- Zone segmentation validation after network redesign or VLAN changes
- Security Profile Group gap analysis — finding allow rules without threat inspection
- App-ID adoption assessment — measuring migration from `application any` to named App-IDs
- Pre-upgrade policy baseline before PAN-OS major version upgrades
- Panorama push validation — confirming device group rules are consistent across managed firewalls

⚙️ Configuration

Read-only administrative access to PAN-OS CLI, XML API, or REST API (PAN-OS 9.1+ for REST)

Understanding of the zone topology — which zones exist, their trust classification, and expected traffic flows between zone pairs

Knowledge of expected application allowlists per zone pair (which App-IDs should be permitted where)

Awareness of Security Profile Group assignments — which profile group should apply to which traffic categories

For Panorama-managed environments: access to Panorama with visibility into device group hierarchy

Candidate configuration committed — audit evaluates the running configuration, not candidate

📋 Tips & Best Practices

Large Rulebases (>500 Rules)

Auditing large rulebases manually is impractical. Use the XML API to export the full policy as structured data for programmatic analysis: /api/?type=config&action=get&xpath=/config/devices/entry/vsys/entry/rulebase/security Parse the XML to automate shadow detection, profile coverage gaps, and App-ID ratio calculations. Prioritize by hit count — rules with zero hits in 90 days are cleanup candidates.

Panorama Shared vs Device-Group Policies

In Panorama-managed environments, rules exist at multiple levels: shared pre-rules → device-group pre-rules → local rules → device-group post-rules → shared post-rules. An audit must evaluate the effective rulebase on each managed firewall, not just the Panorama device group in isolation. Use show running security-policy on individual firewalls to see the merged effective policy.

Dynamic Address Groups

Rules referencing dynamic address groups (DAGs) with tag-based membership complicate audit — the effective scope changes as tagged objects are added/removed. Check current membership with show object dynamic-address-group all and note that findings may shift as membership changes. Document the DAG evaluation at audit time.

GlobalProtect and Captive Portal Zones

Traffic from GlobalProtect VPN users and Captive Portal-authenticated sessions may enter zones differently than standard interface traffic. Verify that security policies cover GP tunnel zones and that User-ID integration is functioning for identity-based rules.

Content Update Failures

If App-ID or Threat Prevention signatures are outdated, audit findings may not reflect current threat landscape. Verify update schedules: show system info | match content and show jobs processed. Resolve update failures before finalizing the audit report.

View on ClawHub

TERMINAL

clawhub install palo-alto-firewall-audit