Skill

security-monitor

From sundial-org-awesome-openclaw-skills-4

Monitors Clawdbot deployments in real-time for security threats like brute force attacks, port scans, process anomalies, file changes, and container issues, alerting via console, logs, or Telegram.

Node

Install

npx claudepluginhub joshuarweaver/cascade-ai-ml-agents-misc-2 --plugin sundial-org-awesome-openclaw-skills-4

Tool Access

This skill uses the workspace's default tool permissions.

Preview

Run continuous security monitoring to detect breaches, intrusions, and unusual activity on your Clawdbot deployment.

Supporting Assets

scripts/monitor.cjs

SKILL.md

Similar Skills

cache-components

Guides Next.js Cache Components and Partial Prerendering (PPR) with cacheComponents enabled. Implements 'use cache', cacheLife(), cacheTag(), revalidateTag(), static/dynamic optimization, and cache debugging.

cache-components

139.2k

mcp-builder

9 files

Guides building MCP servers enabling LLMs to interact with external services via tools. Covers best practices, TypeScript/Node (MCP SDK), Python (FastMCP).

anthropics-skills-13

124.2k

canvas-design

20 files

Generates original PNG/PDF visual art via design philosophy manifestos for posters, graphics, and static designs on user request.

anthropics-skills-13

124.2k

Stats

Stars586

Forks75

Last CommitFeb 1, 2026

Actions

View Source View Plugin View on GitHub View README

Security Monitor Skill

When to use

Run continuous security monitoring to detect breaches, intrusions, and unusual activity on your Clawdbot deployment.

Setup

No external dependencies required. Runs as a background process.

How to

Start real-time monitoring

node skills/security-monitor/scripts/monitor.cjs --interval 60

Run in daemon mode (background)

node skills/security-monitor/scripts/monitor.cjs --daemon --interval 60

Monitor for specific threats

node skills/security-monitor/scripts/monitor.cjs --threats=credentials,ports,api-calls

What It Monitors

Threat	Detection	Response
Brute force attacks	Failed login detection	Alert + IP tracking
Port scanning	Rapid connection attempts	Alert
Process anomalies	Unexpected processes	Alert
File changes	Unauthorized modifications	Alert
Container health	Docker issues	Alert

Output

Console output (stdout)
JSON logs at /root/clawd/clawdbot-security/logs/alerts.log
Telegram alerts (configurable)

Daemon Mode

Use systemd or PM2 to keep monitoring active:

# With PM2
pm2 start monitor.cjs --name "clawdbot-security" -- --daemon --interval 60

Combined with Security Audit

Run audit first, then monitor continuously:

# One-time audit
node skills/security-audit/scripts/audit.cjs --full

# Continuous monitoring
node skills/security-monitor/scripts/monitor.cjs --daemon

Related skills

security-audit - One-time security scan (install separately)