← Back to Skills Marketplace
1208
Downloads
1
Stars
2
Active Installs
1
Versions
Install in OpenClaw
/install seithar-intel
Description
Provides real-time cyber and cognitive security threat intelligence, scoring and briefing relevant news, vulnerabilities, exploits, and influence operations...
Usage Guidance
This skill appears to do what it claims (a threat-intel feed and briefing assistant) and does not request extra credentials or installs — but before enabling it you should: 1) Confirm where briefings will be sent and what chat credentials (if any) the skill will use; ensure those tokens have only the necessary posting scope. 2) Decide whether you want the skill to fetch raw PoC pages or payloads; if not, ask it to avoid retrieving code blobs or binary attachments. 3) Consider whitelisting the feed list and limiting fetch frequency to avoid excessive network access. 4) If you care about retention/audit, ask how deduplication state is stored (in-memory vs persistent) and how long summaries are kept. 5) If you have policy concerns (sharing exploit code, regulated data), test in a controlled environment first. If you want, I can produce a short checklist of safe configuration settings to apply before enabling the skill.
Capability Analysis
Type: OpenClaw Skill
Name: seithar-intel
Version: 1.0.0
The skill 'seithar-intel' is designed for threat intelligence and cognitive security analysis. It leverages OpenClaw's built-in `web_fetch`, `web_search`, memory, and cron tools to monitor RSS feeds, query public APIs (NVD, GitHub search for PoCs), and provide briefings. The `SKILL.md` instructions are clear, align with the stated purpose, and do not contain any directives for the agent to perform malicious actions such as data exfiltration, unauthorized command execution, or prompt injection with harmful objectives. Installation instructions and lab exercises are clearly directed at the user, not the agent. The skill appears to operate within the expected boundaries of a legitimate OpenClaw agent skill.
Capability Assessment
Purpose & Capability
The SKILL.md describes a threat-intel / cognitive-security briefing agent and the runtime instructions (fetch RSS, parse, score, summarize, deliver briefings) match that purpose. No unrelated binaries, env vars, or install steps are requested.
Instruction Scope
Instructions are generally scoped to fetching public RSS feeds via the platform's web_fetch tool, deduplicating in memory, scoring with the LLM, and sending briefings. The skill explicitly says it will 'discover public proof-of-concept code for disclosed vulnerabilities' — which is coherent for threat research but means the agent may fetch exploit PoC pages or payloads. The SKILL.md does not specify safeguards (e.g., avoid downloading/executing binaries or attachments) or limits on what content to fetch, so there is some operational risk and ambiguity about handling potentially harmful content.
Install Mechanism
This is instruction-only with no install spec and no code files, which minimizes disk persistence and install-time risk.
Credentials
The skill requests no environment variables or credentials in the registry metadata. However, it states it will deliver briefings via the operator's 'preferred chat app' and use OpenClaw's cron/heartbeat — the SKILL.md does not declare or document any required delivery credentials or scopes. This is explainable if it uses the agent's existing channel integrations, but it's a missing operational detail the operator should confirm (which chat endpoints will receive alerts, what credentials are used, and whether the skill will need extended posting permissions).
Persistence & Privilege
always:false and no install means the skill does not request forced-permanent inclusion. The skill uses in-memory deduplication and relies on platform scheduling; autonomous invocation is allowed by default but not unusual for this kind of feed-checker. No evidence it modifies other skills or system-wide settings.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install seithar-intel - After installation, invoke the skill by name or use
/seithar-intel - Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.0
Initial release — transforms OpenClaw into an automated cyber and cognitive threat intelligence analyst.
- Monitors prominent cyber and cognitive security RSS feeds for news, vulnerabilities, exploits, and influence operations.
- Scores feed items against your custom interest profile and delivers daily morning/evening briefings or on-demand analysis.
- Provides deep-dive breakdowns of CVEs, exploits, and campaigns, including attack techniques, MITRE ATT&CK/DISARM mappings, and PoC discovery.
- Fully configurable for briefing times, feed check intervals, and personal learning recommendations.
- Runs entirely via chat app interface — no external API keys needed for scoring/profiling.
Metadata
Frequently Asked Questions
What is seithar-intel?
Provides real-time cyber and cognitive security threat intelligence, scoring and briefing relevant news, vulnerabilities, exploits, and influence operations... It is an AI Agent Skill for Claude Code / OpenClaw, with 1208 downloads so far.
How do I install seithar-intel?
Run "/install seithar-intel" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is seithar-intel free?
Yes, seithar-intel is completely free (open-source). You can download, install and use it at no cost.
Which platforms does seithar-intel support?
seithar-intel is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created seithar-intel?
It is built and maintained by Mirai8888 (@mirai8888); the current version is v1.0.0.
More Skills