laolaoqi

Linux Security Scanner

by new · GitHub ↗ · v1.0.0 · MIT-0
Install in OpenClaw
/install linux-security-scanner
Description
Linux security auditing tool that checks SSH configuration, open/listening ports, firewall rules (ufw/iptables/nftables), failed login attempts, sudoers perm...
README (SKILL.md)

Linux Security Scanner

Script

scripts/security-audit.sh — the single entry point for all checks.

The script is self-contained, portable, and works on any modern Linux system. It auto-detects available tools (ss/netstat, ufw/iptables/nftables, journalctl) and gracefully skips unavailable ones.

Quick Start

Run a full audit:

bash scripts/security-audit.sh --all

Or with no arguments (same as --all):

bash scripts/security-audit.sh

Individual Checks

Run any single check by name:

Command            What it checks
-----------------  ------------------------------------------------------------
--ssh              PermitRootLogin, PasswordAuthentication, Port, Protocol in sshd_config
--ports            Listening TCP ports (ss or netstat)
--firewall         ufw status, iptables filter rules, nftables ruleset
--failed-logins    lastb output and journalctl SSH auth failures (last 24h)
--sudoers          Sudoers file permissions (must be 440), files present, NOPASSWD entries, full sudo access grants
--world-writable   World-writable files in /etc, /tmp, /var, /home, /opt (depth 3)
--suid             All SUID binaries, risk assessment, unusual path detection

Example:

bash scripts/security-audit.sh --ssh --failed-logins

Full Audit Workflow

  1. Run bash scripts/security-audit.sh --all
  2. The script outputs a colorized report to stdout
  3. A structured markdown report is stored in the $REPORT variable (accessible within the same shell session)
  4. For programmatic use, redirect output to a file

Common Findings & Recommendations

  • SSH hardening: Disable root login, disable password auth, use key-only auth, change default port
  • Firewall: Ensure only necessary ports are open; prefer deny-by-default
  • Sudoers: Avoid NOPASSWD where possible; keep permissions at 440; audit who has full sudo access
  • SUID: Review unusual SUID paths; minimize SUID binaries; check for known CVEs on common ones (pkexec, sudo, etc.)
  • World-writable files: These are security risks — investigate why they're writable and restrict permissions
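
An added example, not the skill's own scripts/security-audit.sh: one way to evaluate the four sshd_config directives listed for --ssh against the SSH hardening recommendations above. The function names and the sample config are constructed for illustration, and the sketch assumes a single config file (Include directives are not followed).

```shell
#!/usr/bin/env bash
# Added example: NOT the skill's scripts/security-audit.sh.
# Assumes a single sshd_config file (Include directives are not followed).

# Print the effective global value of KEYWORD in FILE, or DEFAULT if unset.
# sshd matches keywords case-insensitively and keeps the FIRST value it
# sees; settings after a Match line are conditional, so parsing stops there.
sshd_value() {  # usage: sshd_value FILE KEYWORD DEFAULT
  awk -v key="$2" -v def="$3" '
    /^[[:space:]]*#/            { next }
    tolower($1) == "match"      { exit }
    tolower($1) == tolower(key) { print tolower($2); found = 1; exit }
    END { if (!found) print def }
  ' "$1"
}

# Print one line per finding for the four directives the --ssh check covers.
audit_sshd() {  # usage: audit_sshd FILE
  local f="$1" v
  v=$(sshd_value "$f" PermitRootLogin prohibit-password)
  [ "$v" = "no" ] || echo "WARN PermitRootLogin=$v (recommended: no)"
  v=$(sshd_value "$f" PasswordAuthentication yes)
  [ "$v" = "no" ] || echo "WARN PasswordAuthentication=$v (recommended: no)"
  v=$(sshd_value "$f" Port 22)
  [ "$v" != "22" ] || echo "INFO Port=22 (default port)"
  v=$(sshd_value "$f" Protocol 2)
  [ "$v" = "2" ] || echo "WARN Protocol=$v (only 2 is acceptable)"
  return 0
}

# Constructed sample: duplicate keyword, commented-out line, Match block.
write_sample() {  # usage: write_sample FILE
  cat > "$1" <<'EOF'
Port 22
permitrootlogin yes
PermitRootLogin no
#PasswordAuthentication no
Match User backup
    PasswordAuthentication no
EOF
}

sample=$(mktemp)
write_sample "$sample"
audit_sshd "$sample"
rm -f "$sample"
```

On the sample, the later `PermitRootLogin no` does not override the earlier `yes`, and the `PasswordAuthentication no` inside the Match block does not change the global default, so both are reported.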

Notes

  • Requires root/sudo for some checks (failed-logins reads /var/log/btmp, ss shows process info)
  • Runs entirely in the shell — no external dependencies beyond standard Linux tools
  • Respects permission boundaries — non-accessible checks are noted, not forced
Usage Guidance
This skill looks appropriate for a local Linux security posture check. Before installing or running it, review the script, run it only on systems you administer, be cautious with sudo, and avoid sharing the report publicly because it may contain sensitive host configuration, usernames, IP addresses, and privilege information.
Capability Analysis
Type: OpenClaw Skill
Name: linux-security-scanner
Version: 1.0.0

The bundle is a standard Linux security auditing tool that performs read-only checks on system configuration and logs. The script 'scripts/security-audit.sh' audits SSH settings, firewall rules, listening ports, sudoers permissions, and SUID binaries using native Linux commands without any evidence of data exfiltration, persistence mechanisms, or malicious intent.
Capability Assessment
Purpose & Capability
The stated purpose matches the visible script: it checks SSH configuration, ports, firewall rules, failed logins, sudoers, world-writable files, and SUID binaries. These are sensitive host-security details, but they are expected for a Linux security scanner and appear read-only.
Instruction Scope
The skill is user-invocable and documents explicit commands. No hidden instruction override, forced autonomous behavior, or goal redirection is evident in the provided artifacts.
Install Mechanism
There is no install spec and the bundled script is visible, but the registry metadata lists the source as unknown and no homepage is provided, so users should review the script before running it, especially with sudo.
Credentials
The script is Linux-specific and uses standard Linux tools and paths, while the registry OS restriction is unset. This is a compatibility/proportionality note rather than suspicious behavior.
Persistence & Privilege
No persistence, background process, network transmission, or file mutation is shown. Some checks may require elevated privileges and can reveal sensitive local security configuration and login data.
How to Use
  1. Make sure OpenClaw is installed (local or Docker)
  2. Run the install command in chat: /install linux-security-scanner
  3. After installation, invoke the skill by name or use /linux-security-scanner
  4. Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.0
Initial release of linux-security-scanner.
  • Provides a script to perform comprehensive security audits on Linux systems.
  • Checks SSH configuration, open/listening ports, firewall rules, failed login attempts, sudoers permissions, world-writable files, and SUID binaries.
  • Allows running either a full audit or specific individual checks via command-line flags.
  • Outputs colorized reports and saves a structured markdown report for further use.
  • Detects available tools and skips unsupported checks gracefully.
  • Requires standard Linux utilities; no external dependencies needed.
Metadata
Slug linux-security-scanner
Version 1.0.0
License MIT-0
All-time Installs 0
Active Installs 0
Total Versions 1
Frequently Asked Questions

What is Linux Security Scanner?

Linux security auditing tool that checks SSH configuration, open/listening ports, firewall rules (ufw/iptables/nftables), failed login attempts, sudoers perm... It is an AI Agent Skill for Claude Code / OpenClaw, with 91 downloads so far.

How do I install Linux Security Scanner?

Run "/install linux-security-scanner" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is Linux Security Scanner free?

Yes, Linux Security Scanner is completely free, licensed under MIT-0. You can download, install and use it at no cost.

Which platforms does Linux Security Scanner support?

Linux Security Scanner is cross-platform and runs anywhere OpenClaw / Claude Code is available.

Who created Linux Security Scanner?

It is built and maintained by new (@laolaoqi); the current version is v1.0.0.
