Kandji Configuration Auditor
by LB Creations
Security review of Kandji agent configurations, library items, and automation for compliance and safety
- Audit custom bash and Python commands for privilege escalation risks
- Validate Kandji configurations against SOC2 and HIPAA compliance standards
- Identify hardcoded credentials and unsafe token handling in library items
$24.99
· or 125 creditsSecure checkout via Stripe
Included in download
- Audit custom bash and Python commands for privilege escalation risks
- Validate Kandji configurations against SOC2 and HIPAA compliance standards
- terminal, network automation included
- Ready for Universal SKILL.md Standard
Sample input
Review this bash script I'm adding to a Kandji custom command for 500 devices: export API_KEY="sk-prod-12345" and run the deployment utility. Any security concerns?
Sample output
CRITICAL: Potential Credential Leak Location: Custom Command 'Deploy-API-Key' Issue: API Key 'sk-...' hardcoded in bash script. Risk: Key will be stored in plaintext in Kandji audit logs and /var/log/kandji.log on all 500 endpoints. Remediation: Use a Kandji Profile or encrypted parameter.
Security review of Kandji agent configurations, library items, and automation for compliance and safety
$24.99
· or 125 creditsSecure checkout via Stripe
Included in download
- Audit custom bash and Python commands for privilege escalation risks
- Validate Kandji configurations against SOC2 and HIPAA compliance standards
- terminal, network automation included
- Ready for Universal SKILL.md Standard
- Instant install
Sample input
Review this bash script I'm adding to a Kandji custom command for 500 devices: export API_KEY="sk-prod-12345" and run the deployment utility. Any security concerns?
Sample output
CRITICAL: Potential Credential Leak Location: Custom Command 'Deploy-API-Key' Issue: API Key 'sk-...' hardcoded in bash script. Risk: Key will be stored in plaintext in Kandji audit logs and /var/log/kandji.log on all 500 endpoints. Remediation: Use a Kandji Profile or encrypted parameter.
Screenshots
About This Skill
Use Cases
- Audit custom bash and Python commands for privilege escalation risks
- Validate Kandji configurations against SOC2 and HIPAA compliance standards
- Identify hardcoded credentials and unsafe token handling in library items
- Ensure safe script translation when migrating from Jamf to Kandji
Known Limitations
- Cannot directly access live Kandji tenant data; requires copy-pasted configs.
- Subject to AI model context windows for extremely large fleet exports.
- Does not replace formal pen-testing.
How to Install
mkdir -p ~/.claude/skills && curl -sL https://www.agensi.io/api/install/kandji-configuration-auditor -o /tmp/kandji-configuration-auditor.zip && unzip -o /tmp/kandji-configuration-auditor.zip -d ~/.claude/skills && rm /tmp/kandji-configuration-auditor.zipFree skills install directly. Paid skills require purchase - use the download button above after buying.
Reviews
No reviews yet - be the first to share your experience.
Only users who have downloaded or purchased this skill can leave a review.
Early access skill
Be the first to review this skill.
Only users who have downloaded or purchased this skill can leave a review.
Security Scanned
Passed automated security review
Permissions
Universal SKILL.md Standard
Creator
LB designs and builds autonomous AI systems optimized for local deployment. Specializing in distributed inference fleets, multi-model orchestration, and agent-native tooling, everything runs on your hardware, zero API fees.
Frequently Asked Questions
Learn More About AI Agent Skills
More Premium Skills
Multi-Agent Orchestration Master Library
Transform Claude Code into a coordinated multi-agent system. Battle-tested tmux orchestration patterns, YAML task queues, event-driven communication, and parallel worker management for 8+ agents.
Legacy Code Modernization Planner for AI Coding Agents
Creates safe modernization roadmaps for old, messy, undocumented, or fragile codebases, including risk audits, refactor phases, dependency reviews, testing plans, migration steps, and AI coding prompts.
PII & Data-Leak Scanner
Scan your schemas, seed data, config, and logs for personal data before it leaks. Detects PII-indicating column and key names (email, ssn, phone, address) across SQL, CSV, and JSON, plus PII in the data itself: email addresses, SSN-like numbers, credit-card-like numbers, phone numbers, and PII written into log files. Each finding is flagged with its location and a GDPR-style review note. Heuristic by design: it surfaces what to review, not a compliance guarantee.
designing-hybrid-context-layers
Architects the right retrieval strategy for every query — teaching your agent when to use RAG, a knowledge graph, or a temporal index instead of defaulting to vector search for everything.