← Back to Skills Marketplace
PortKeep
by
Lowwattlabs
· GitHub ↗
· v1.0.0
· MIT-0
42
Downloads
1
Stars
0
Active Installs
1
Versions
Install in OpenClaw
/install portkeep
Description
Manage, secure, and monitor open ports and services across nodes with audit, claim, drift detection, threat intel, and background monitoring.
README (SKILL.md)
PortKeep
Port management + security for self-hosted infrastructure.
When to use
- User asks about open ports, listening services, or what's running on a port
- User wants to audit their network security or attack surface
- User needs to claim/register a port to prevent conflicts
- User wants to check for port drift (declared vs actual ports)
- User mentions threat intel, C2 detection, or CVE exposure on their ports
- User wants to monitor ports across multiple nodes
Install
brew tap jchandler187/tap
brew install portkeep
Or download from https://github.com/jchandler187/portkeep/releases/latest
Commands
| Command | What it does |
|---|---|
portkeep scan |
Discover all listening ports |
portkeep scan --node NAME |
Scan a remote node via SSH |
portkeep audit |
Security audit — score, C2 matches, CVEs, firewall |
portkeep sync |
Fetch and cache threat intel (9 sources) |
portkeep claim 3000 "api" |
Register a port as expected |
portkeep claim next |
Find next available port |
portkeep drift |
Declared vs actual — exits 1 on drift (cron-ready) |
portkeep list |
List all registered claims |
portkeep history |
Port change timeline |
portkeep node add NAME --host IP |
Add a remote node |
portkeep daemon start |
Background monitoring service |
All commands support --json for scripting and --quiet for cron.
Threat Intel Sources
6 work out of the box (no API key):
- CISA-KEV, EPSS, Feodo Tracker, blocklist.de, Emerging Threats, DShield/SANS
3 require a free abuse.ch Auth-Key:
- ThreatFox, URLhaus, MalwareBazaar
Set ABUSE_CH_AUTH_KEY in environment to enable all 9.
Examples
# First run — sync threat intel, then audit
portkeep sync
portkeep audit
# Register your services
portkeep claim 22 "ssh"
portkeep claim 3000 "grafana"
portkeep claim 8080 "api"
# Check for unexpected ports (great for cron)
portkeep drift
# Add a second machine
portkeep node add prod --host 10.0.0.5 --ssh-key ~/.ssh/id_ed25519
portkeep scan --node prod
Usage Guidance
Install only if you are comfortable giving these workflows access to your ClawHub repository, GitHub CLI context, Convex projects, and any configured reviewer CLIs. Review commands before writes, especially moderation actions, migrations, PR publishing, and the autoreview helper's default full-access nested Codex mode.
Capability Tags
Capability Assessment
Purpose & Capability
The artifacts cover code review, UI proof generation, ClawHub moderation, and Convex setup/migration/performance workflows. High-impact actions such as banning users, changing roles, publishing PR proof, running migrations, and invoking external review tools are aligned with those stated purposes and are disclosed.
Instruction Scope
Runtime instructions generally require explicit user targets, reasons, confirmation before moderation writes, verification afterward, and human involvement for interactive auth or deployment setup. No hidden prompt override or unrelated instruction was found.
Install Mechanism
The package consists of SKILL.md instructions, reference files, icons, OpenAI metadata, and one helper shell script. I found no install hook, auto-start mechanism, or concealed setup behavior.
Credentials
The skills expect repo, GitHub, Convex, Codex, and optional third-party reviewer access. That can expose diffs, PR metadata, screenshots, or deployment state, but the data flows are described and fit the maintainer/development use cases.
Persistence & Privilege
No daemon, cron, credential harvesting, or persistent background worker was found. The autoreview helper defaults nested Codex review to full-access sandbox bypass and moderation commands use authenticated staff APIs, so users should run them only in trusted repos and accounts.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install portkeep - After installation, invoke the skill by name or use
/portkeep - Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.0
Initial release of PortKeep — a tool for port management and security auditing for self-hosted infrastructure.
- Discover and audit all listening ports locally or on remote nodes.
- Register (“claim”) expected ports to prevent conflicts and monitor drift.
- Security audit features: port scoring, C2 detection, CVE exposure, firewall checks.
- Integrates with 9 threat intelligence sources (6 without API key, 3 with optional Auth-Key).
- Manage and monitor multiple nodes; includes history/timeline and background daemon options.
- All commands support JSON output and quiet mode for scripting and cron jobs.
Metadata
Frequently Asked Questions
What is PortKeep?
Manage, secure, and monitor open ports and services across nodes with audit, claim, drift detection, threat intel, and background monitoring. It is an AI Agent Skill for Claude Code / OpenClaw, with 42 downloads so far.
How do I install PortKeep?
Run "/install portkeep" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is PortKeep free?
Yes, PortKeep is completely free, licensed under MIT-0. You can download, install and use it at no cost.
Which platforms does PortKeep support?
PortKeep is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created PortKeep?
It is built and maintained by Lowwattlabs (@jchandler187); the current version is v1.0.0.
More Skills