NxtSecure-openclaw
by scorpion7slayer · GitHub · v0.1.3 · MIT-0
320 Downloads · 1 Stars · 0 Active Installs · 1 Versions
Install in OpenClaw
/install nxtsecure-openclaw
Description
Use when auditing and remediating an OpenClaw Linux host with a nightly 23:00 security run. Covers firewall status, fail2ban bans, SSH hardening with key-onl...
Usage Guidance
This skill appears to do what it says, but it modifies system state and can remediate automatically. Before installing or enabling:
- Inspect the bundled scripts yourself and test them on a non-production host.
- Back up the SSH config and ensure you have an alternate access method (console or recovery) in case of lockout.
- Consider setting AUTO_REMEDIATE=0 in the config to run in report-only mode, then enable remediation after manual review.
- Note that the cron installer will add a persistent nightly job; run it only on hosts where you want scheduled audits.
- The SKILL.md suggests installing an external npm package; if you follow that step, verify the upstream package (publisher, version) before running.
- VirusTotal uploads are disabled by default; the script will prepare browser-based workflows and uploads only if you explicitly enable or approve it.
- If you need higher assurance, run the audit scripts manually once and review their output and logs before installing the cron job.
Capability Analysis
Type: OpenClaw Skill
Name: nxtsecure-openclaw
Version: 0.1.3
The skill bundle implements an automated security audit and remediation suite that performs high-risk system modifications, including disabling SSH password authentication, changing SSH ports, modifying firewall rules, and stopping Docker containers (scripts/openclaw_security_audit.sh). It establishes persistence via a nightly root cron job (scripts/install_cron.sh) and instructs the agent to install an external global npm package (nxtsecure-openclaw). While SKILL.md includes safety guidance to prevent user lockout and requires consent for file uploads to VirusTotal, the automated execution of privileged system changes and the use of browser-based automation for security checks represent a high-risk capability set that could be used for system disruption or unauthorized access if misconfigured or subverted.
Capability Assessment
Purpose & Capability
The name/description (OpenClaw host security audit, nightly 23:00 run) match the delivered assets: a main audit script, a cron installer, and a VirusTotal helper. The checks implemented (firewall, fail2ban, SSH hardening, listening ports, Docker review, disk, failed logins, automatic updates, VirusTotal browser workflow) are expected for this purpose.
Instruction Scope
The SKILL.md and bundled scripts instruct the agent to perform privileged changes: enable services, modify SSH configuration (disable password auth, add drop-in files), and potentially enable firewall rules. These actions are coherent for a remediation tool but are powerful. The skill attempts automatic remediation by default (AUTO_REMEDIATE=1) and will disable SSH password auth automatically if allowed — the README includes safety guidance (check new port, open firewall, test a second session) which mitigates lockout risk, but the automatic remediation default can still surprise an operator who expects only reporting.
Install Mechanism
There is no install spec in the registry bundle (instruction-only plus local scripts). The SKILL.md suggests an npm package (npm install -g nxtsecure-openclaw) as a preferred CLI, but the repository includes functional local scripts as fallbacks. Installing the npm package would fetch external code not included here; the bundled scripts themselves do not download remote archives and are inspectable.
Credentials
No secrets or unrelated credentials are requested. The scripts read system configuration files (ssh config, systemctl, firewall, Docker state) and accept a few optional env vars (OPENCLAW_AUDIT_CONFIG, OPENCLAW_AUDIT_LOG, VIRUSTOTAL_ALLOW_UPLOADS). These are proportional to a host audit but require elevated privileges to act, which is expected but sensitive.
Persistence & Privilege
The installer script writes a crontab entry to schedule the audit nightly at 23:00; this is persistent and, if run as root, will execute privileged work each night. The skill is not force-enabled (always:false). Autonomous model invocation is allowed by default (normal), but persistent scheduled execution is a real operational effect the user should explicitly approve.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat: /install nxtsecure-openclaw
- After installation, invoke the skill by name or use /nxtsecure-openclaw
- Provide required inputs per the skill's parameter spec and get structured output
Version History
v0.1.3
- Initial release of openclaw-security-audit for OpenClaw Linux host security auditing and remediation.
- Provides nightly 23:00 automated security audit via cron.
- Checks cover firewall, fail2ban, SSH hardening (key-only, non-default port), listening ports, Docker allowlisting, disk usage, failed login attempts, security package updates, and VirusTotal web-based file/URL scanning.
- Includes step-by-step SSH hardening guidance with safe migration practices.
- VirusTotal checks use browser automation, not API keys, and require explicit user decisions for handling malicious or suspicious findings.
- CLI workflow with bundled scripts and config templates for ease of setup and operation.
Frequently Asked Questions
What is NxtSecure-openclaw?
Use when auditing and remediating an OpenClaw Linux host with a nightly 23:00 security run. Covers firewall status, fail2ban bans, SSH hardening with key-onl... It is an AI Agent Skill for Claude Code / OpenClaw, with 320 downloads so far.
How do I install NxtSecure-openclaw?
Run "/install nxtsecure-openclaw" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is NxtSecure-openclaw free?
Yes, NxtSecure-openclaw is completely free, licensed under MIT-0. You can download, install and use it at no cost.
Which platforms does NxtSecure-openclaw support?
NxtSecure-openclaw is cross-platform and runs anywhere OpenClaw / Claude Code is available.
Who created NxtSecure-openclaw?
It is built and maintained by scorpion7slayer (@scorpion7slayer); the current version is v0.1.3.