Agent skill
security-monitor
Real-time security monitoring for Clawdbot. Detects intrusions, unusual API calls, credential usage patterns, and alerts on breaches.
Install this agent skill to your Project
npx add-skill https://github.com/delorenj/skills/tree/main/security-monitor
SKILL.md
Security Monitor Skill
When to use
Run continuous security monitoring to detect breaches, intrusions, and unusual activity on your Clawdbot deployment.
Setup
No external dependencies required. Runs as a background process.
How to
Start real-time monitoring
node skills/security-monitor/scripts/monitor.cjs --interval 60
Run in daemon mode (background)
node skills/security-monitor/scripts/monitor.cjs --daemon --interval 60
Monitor for specific threats
node skills/security-monitor/scripts/monitor.cjs --threats=credentials,ports,api-calls
What It Monitors
| Threat | Detection | Response |
|---|---|---|
| Brute force attacks | Failed login detection | Alert + IP tracking |
| Port scanning | Rapid connection attempts | Alert |
| Process anomalies | Unexpected processes | Alert |
| File changes | Unauthorized modifications | Alert |
| Container health | Docker issues | Alert |
Output
- Console output (stdout)
- JSON logs at
/root/clawd/clawdbot-security/logs/alerts.log - Telegram alerts (configurable)
Daemon Mode
Use systemd or PM2 to keep monitoring active:
# With PM2
pm2 start monitor.cjs --name "clawdbot-security" -- --daemon --interval 60
Combined with Security Audit
Run audit first, then monitor continuously:
# One-time audit
node skills/security-audit/scripts/audit.cjs --full
# Continuous monitoring
node skills/security-monitor/scripts/monitor.cjs --daemon
Related skills
security-audit- One-time security scan (install separately)
Recommended Agent Skills
Expand your agent's capabilities with these related and highly-rated skills.
openclaw-upgrade
Upgrade OpenClaw installations to the latest version. Handles global npm installs, local development setups, release channels (stable/beta/dev), configuration preservation, and platform-specific requirements. Use when updating OpenClaw, switching release channels, or troubleshooting update issues.
vercel-composition-patterns
React composition patterns that scale. Use when refactoring components with boolean prop proliferation, building flexible component libraries, or designing reusable APIs. Triggers on tasks involving compound components, render props, context providers, or component architecture. Includes React 19 API changes.
event-driven-architecture
Kafka, RabbitMQ, SQS/SNS, event sourcing, CQRS, saga patterns, dead letter queues, and idempotency. Use when designing asynchronous systems, implementing message-driven workflows, or building event streaming pipelines.
shadcn-ui
Expert guidance for integrating and building applications with shadcn/ui components, including component discovery, installation, customization, and best practices.
just-fucking-cancel
Find and cancel unwanted subscriptions by analyzing bank transactions. Detects recurring charges, calculates annual waste, and helps you cancel with direct URLs and browser automation. Use when: 'cancel subscriptions', 'audit subscriptions', 'find recurring charges', 'what am I paying for', 'save money', 'subscription cleanup', 'stop wasting money'. Supports CSV import (Apple Card, Chase, Amex, Citi, Bank of America, Capital One, Mint, Copilot) OR Plaid API for automatic transaction pull. Outputs interactive HTML audit with one-click cancel workflow. Pairs with Plaid integration for real-time transaction access without CSV exports.
openclaw-agent-management
This skill codifies the standards and workflows for this machine's openclaw agent gateway configuration. Use this skill when provisioning new agents or managing existing ones. Trigger phrases are "add a new agent", "update [agent's name] identity"
Didn't find tool you were looking for?