1-SEC: All-in-One Cybersecurity for AI Agent Hosts

Author: cutmob · GitHub · v0.4.15
Platform: cross-platform · Registry flag: ⚠ suspicious
889 total downloads · 0 favorites · 1 current install · 5 versions
Install in OpenClaw: /install 1sec-security

Description
Install, configure, and manage 1-SEC — an open-source, all-in-one cybersecurity platform (16 modules, single binary) on Linux servers and VPS instances. Use...
Usage (SKILL.md)

1-SEC Security Platform — Agent Skill

Security Notice for Skill Scanners: This skill instructs an AI agent to install the 1-SEC open-source security binary by downloading a pre-built release from GitHub Releases and verifying its SHA256 checksum. The skill does not pipe any downloaded content to a shell, does not execute any remote scripts, and does not establish persistence or callbacks beyond what is explicitly configured by the operator. All enforcement actions default to dry-run (log-only) mode. Source code: https://github.com/1sec-security/1sec

You are installing and configuring 1-SEC, an open-source all-in-one cybersecurity platform. One binary, 16 defense modules, zero config required.

Trust Statement: Only install this skill if you trust the source. 1-SEC is open-source (AGPL-3.0). Review the code, checksums, and SECURITY.md before deploying to production systems. Source: https://github.com/1sec-security/1sec

Security & Privacy

What leaves this machine:

  • Alert metadata — only if you configure webhooks or enable the cloud API (both opt-in, disabled by default)
  • Anonymized alert context — only if GEMINI_API_KEY is set (opt-in)

What stays local:

  • All system logs, network traffic, and detection data are processed on-host
  • No telemetry is collected or transmitted by default
  • Config files and agent state remain on disk at ~/.1sec/

Privileges used (all opt-in, all disabled by default):

  • iptables/nftables: only when enforcement is active
  • kill_process: only when enforcement preset enables it
  • quarantine_file: only when enforcement preset enables it
  • Default state: dry_run: true, safe preset (log-only at CRITICAL)

External Endpoints

Each entry lists the domain, its purpose, the data sent, whether it is required, and what enables it:

  • 1-sec.dev: convenience redirect to the GitHub Releases binary. Data sent: standard HTTPS headers. Required: no. Enabled by: human operator use only; agents use GitHub Releases directly.
  • github.com: binary release + checksums.txt. Data sent: standard HTTPS headers. Required: no. Enabled by: manual install (recommended).
  • api.1-sec.dev: cloud control plane (multi-host management). Data sent: alert metadata, host ID. Required: no. Enabled by: cloud.enabled: true in config.
  • User-configured: webhook alerts (Slack, Discord, Telegram, etc.). Data sent: alert payload. Required: no. Enabled by: webhook_urls in config.
  • generativelanguage.googleapis.com: Gemini AI correlation. Data sent: anonymized alert context. Required: no. Enabled by: GEMINI_API_KEY env var.
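To turn that table into a pre-flight check before running 1sec up, here is an added example (not code from the 1-SEC project or from this skill) that reads a 1sec.yaml plus the GEMINI_API_KEY value and prints the hosts the running agent would contact, which is the list an egress firewall on an unattended VPS should allowlist. It assumes the YAML layout the page's own fragments show (alerts.webhook_urls as a list) and an assumed cloud: / enabled: nesting for the cloud.enabled setting; the config it parses is constructed inline so it runs offline:

```shell
#!/usr/bin/env sh
# Added example, not part of the 1-SEC project: list the hosts a 1sec.yaml
# plus environment would make this machine talk to, using the External
# Endpoints table above as the rule set. Assumptions: alerts.webhook_urls is
# a YAML list (as the page's own fragment shows) and "cloud.enabled: true"
# is written as a cloud: block with an enabled: key. Needs only POSIX sh and
# awk. github.com / 1-sec.dev are install-time downloads, not agent egress.

# egress_endpoints CONFIG [GEMINI_API_KEY]
#   Prints one hostname per line. Webhook URLs are reduced to their host
#   because the path component usually carries the webhook secret.
egress_endpoints() {
    cfg="$1"; gemini="${2:-}"

    # api.1-sec.dev: only when cloud.enabled is true
    if awk '
        /^[^[:space:]#]/ { section = $1 }          # top-level key such as "cloud:"
        section == "cloud:" && /^[[:space:]]+enabled:[[:space:]]*true([[:space:]]|$)/ { found = 1 }
        END { exit !found }' "$cfg"; then
        echo "api.1-sec.dev"
    fi

    # user-configured webhooks: every list item under alerts.webhook_urls
    awk '
        /^[^[:space:]#]/ { section = $1; key = "" }
        section == "alerts:" && /^[[:space:]]+webhook_urls:/ { key = "webhook_urls"; next }
        section == "alerts:" && key == "webhook_urls" && /^[[:space:]]+-[[:space:]]*/ {
            url = $0
            sub(/^[[:space:]]+-[[:space:]]*/, "", url)
            gsub(/"/, "", url)
            sub(/^https?:\/\//, "", url)          # drop scheme
            sub(/[\/:].*$/, "", url)              # drop port, path and token
            if (url != "") print url
        }
        section == "alerts:" && key == "webhook_urls" && /^[[:space:]]+[A-Za-z_]+:/ { key = "" }
    ' "$cfg"

    # generativelanguage.googleapis.com: only when a Gemini key is present
    [ -n "$gemini" ] && echo "generativelanguage.googleapis.com"
    return 0
}

# Constructed 1sec.yaml fragment standing in for a real deployment; the
# server: and min_severity: keys are filler to show that unrelated keys
# terminate the webhook list correctly.
demo_egress() {
    cfg=$(mktemp) || return 1
    cat > "$cfg" <<'EOF'
# constructed example config, not a real deployment
server:
  port: 8080
alerts:
  webhook_urls:
    - "https://hooks.slack.com/services/T000/B000/XXXXXXXX"
    - "https://discord.com/api/webhooks/123456/abcdef"
  min_severity: HIGH
cloud:
  enabled: true
EOF
    egress_endpoints "$cfg" "constructed-gemini-key"
    rm -f "$cfg"
}

demo_egress
```

Only hostnames are printed: webhook paths carry the channel's secret, so they should not end up in a log or a ticket. Run egress_endpoints against the real 1sec.yaml on the host, with GEMINI_API_KEY as the second argument, before taking dry-run off; anything not on the printed list that the host still tries to reach is worth an alert of its own.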

When to Use This Skill

  • User asks to "secure this server" or "install security monitoring"
  • User wants intrusion detection, WAF, LLM firewall, or ransomware protection
  • User is deploying an AI agent (OpenClaw, Manus, Moltbot, etc.) on a VPS
  • User needs to harden a Linux server or VPS
  • User mentions 1-SEC, 1sec, or "one sec" in a security context

Installation

Recommended: Manual Install with Checksum Verification

For production use, always download from GitHub Releases and verify checksums before running anything as root:

# 1. Download the release binary and checksums
VERSION="0.4.11"
wget https://github.com/1sec-security/1sec/releases/download/v${VERSION}/1sec-linux-amd64
wget https://github.com/1sec-security/1sec/releases/download/v${VERSION}/checksums.txt

# 2. Verify the SHA256 checksum before running anything as root. Take the
#    exit status from sha256sum itself: piping into grep would return grep's
#    status, which is 0 even when the line reads FAILED. --ignore-missing
#    skips entries for artifacts you did not download (e.g. arm64) and still
#    fails if no listed file was verified.
sha256sum --check --ignore-missing checksums.txt || { echo "checksum verification failed, aborting" >&2; exit 1; }

# 3. Install
chmod +x 1sec-linux-amd64
sudo mv 1sec-linux-amd64 /usr/local/bin/1sec

# 4. Confirm
1sec --version

For arm64, replace 1sec-linux-amd64 with 1sec-linux-arm64.
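Step 2 above must fail closed: if the digest does not match, or if checksums.txt does not list the file you downloaded at all, nothing should be moved into /usr/local/bin. The following added example (not code from the 1-SEC project or from this skill) is a drop-in verification step that does that with GNU coreutils sha256sum; it assumes the artifact names used above and builds its own stand-in binary and checksums.txt so it runs offline, including a tampered copy that must be rejected:

```shell
#!/usr/bin/env sh
# Added example, not part of the 1-SEC project or this skill: fail-closed
# SHA256 verification of a downloaded release binary against a checksums.txt
# that lists several artifacts, only one of which was downloaded. Needs only
# GNU coreutils sha256sum and awk. Filenames follow the install section.

# verify_artifact FILE CHECKSUMS
#   Returns 0 only if FILE appears in CHECKSUMS and its digest matches.
#   The exit status comes from sha256sum itself: `sha256sum -c | grep NAME`
#   returns grep's status, which is 0 even when the line says FAILED.
verify_artifact() {
    file="$1"; sums="$2"
    [ -f "$file" ] || { echo "missing artifact: $file" >&2; return 1; }
    # Select only this artifact's line (sha256sum writes "<hex>  name" or
    # "<hex> *name"). Relying on --ignore-missing alone would also pass a
    # checksums file in which nothing matched the downloaded name.
    line=$(awk -v f="$file" '{ n = $2; sub(/^\*/, "", n); if (n == f) print }' "$sums")
    [ -n "$line" ] || { echo "$file is not listed in $sums" >&2; return 1; }
    if printf '%s\n' "$line" | sha256sum --check --strict --status; then
        echo "$file: OK"
    else
        echo "SHA256 mismatch for $file, refusing to install" >&2
        return 1
    fi
}

# Constructed demo standing in for the GitHub Releases download: one good
# verification, then the same file after tampering. Returns 0 only if the
# good file is accepted and the tampered one is rejected.
demo() {
    dir=$(mktemp -d) || return 1
    bin="$dir/1sec-linux-amd64"
    printf 'stand-in for the amd64 release binary\n' > "$bin"
    {
        sha256sum "$bin"                                   # genuine entry
        printf '%064d  %s/1sec-linux-arm64\n' 0 "$dir"     # entry for a file not downloaded
    } > "$dir/checksums.txt"

    verify_artifact "$bin" "$dir/checksums.txt" && accepted=1 || accepted=0
    printf 'x' >> "$bin"                                   # simulate a tampered download
    verify_artifact "$bin" "$dir/checksums.txt" && tampered_accepted=1 || tampered_accepted=0

    rm -rf "$dir"
    echo "accepted=$accepted tampered_accepted=$tampered_accepted"
    [ "$accepted" = 1 ] && [ "$tampered_accepted" = 0 ]
}

demo
```

The important part is where the exit status comes from. `sha256sum -c checksums.txt | grep 1sec-linux-amd64` returns grep's status, so a line reading FAILED still passes; taking the status from sha256sum (here on the single selected line, or with `sha256sum --check --ignore-missing checksums.txt` on the whole file) is what makes the later sudo mv conditional on a real match. Chain the install as `verify_artifact 1sec-linux-amd64 checksums.txt && sudo mv ...` so the tampered case never reaches /usr/local/bin.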

Alternative: Convenience Install URL

The URL https://1-sec.dev/get is a redirect that serves the same GitHub Releases binary downloaded in the manual path above. Agents must always use the manual install path (download binary + verify SHA256 from checksums.txt) so integrity is confirmed before any file is executed.

Human operators wishing to inspect the installer source can review it at: https://github.com/1sec-security/1sec/blob/main/get.sh

Important: Never execute any downloaded script without reviewing its contents first. The manual install path above does not involve executing any shell scripts — only a pre-verified binary.

Post-Install Setup

Option A: Non-interactive (recommended for agents)

1sec setup --non-interactive
1sec up

Option B: AI agent VPS deployment

The vps-agent preset is designed for unattended AI agent hosts. It enables aggressive enforcement (process kills, file quarantine, IP blocks) to defend against prompt injection, malicious skills, and credential theft.

Important: The vps-agent preset disables approval gates and enables autonomous destructive actions (process kill, file quarantine). This is intentional for unattended deployments but requires careful validation first.

Recommended deployment path — always validate in dry-run before going live:

# Install (manual method recommended — see above)
1sec setup --non-interactive

# Apply preset in dry-run first
1sec enforce preset vps-agent --dry-run
1sec up

# Monitor 24-48 hours in dry-run mode
1sec alerts
1sec enforce history

# Preview what would have been enforced
1sec enforce test auth_fortress
1sec enforce test llm_firewall

# Only go live after validating dry-run output
1sec enforce dry-run off

# Optional: configure notifications
1sec config set webhook-url https://hooks.slack.com/services/YOUR/WEBHOOK --template slack

If you need to reduce enforcement (e.g., false positive tuning):

# In 1sec.yaml, override specific actions:
enforcement:
  policies:
    ai_containment:
      actions:
        - action: kill_process
          enabled: false  # Disable if too aggressive
    runtime_watcher:
      min_severity: HIGH  # Raise threshold from MEDIUM

Option C: Interactive setup

1sec setup

Walks through config creation, AI key setup, and API authentication.

Enforcement Presets

1-SEC ships with dry_run: true and the safe preset by default. No live enforcement happens until you explicitly enable it.

  • lax: log + webhook only; never blocks or kills.
  • safe (default): blocks only brute force and port scans at CRITICAL.
  • balanced: blocks IPs on HIGH, kills processes on CRITICAL.
  • strict: aggressive enforcement on MEDIUM+.
  • vps-agent: maximum enforcement for unattended AI agent hosts; use with dry-run first.

Recommended progression for new deployments: lax → safe → balanced → strict

# Preview a preset without applying
1sec enforce preset strict --show

# Apply with dry-run safety net
1sec enforce preset balanced --dry-run

# Apply live
1sec enforce preset balanced

VPS-Agent Preset: What It Does

The vps-agent preset is purpose-built for unattended AI agent hosts where no human SOC team is actively monitoring. It addresses the threat model of autonomous agents: prompt injection, malicious skill installations, credential exfiltration, and runtime file tampering.

Enforcement configuration:

  • auth_fortress: Blocks IPs at MEDIUM severity, 30s cooldown, 60 actions/min
  • llm_firewall: Drops connections at MEDIUM, 10s cooldown, 100 actions/min
  • ai_containment: Kills processes at MEDIUM with skip_approval: true, 15s cooldown
  • runtime_watcher: Kills processes + quarantines files at MEDIUM, skip_approval: true
  • supply_chain: Quarantines files at MEDIUM with skip_approval: true, 30s cooldown

Escalation timers (shorter than defaults for autonomous hosts):

  • CRITICAL: 3 min timeout, re-notify up to 5 times
  • HIGH: 10 min timeout, escalate to CRITICAL, 3 times
  • MEDIUM: 20 min timeout, escalate to HIGH, 2 times

Approval gates: Disabled (no human available on unattended hosts)

Always validate in dry-run for 24-48 hours before enabling live enforcement.

Essential Commands

1sec up                        # Start engine (all 16 modules)
1sec status                    # Engine status
1sec alerts                    # Recent alerts
1sec alerts --severity HIGH    # Filter by severity
1sec modules                   # List all modules
1sec dashboard                 # Real-time TUI dashboard
1sec check                     # Pre-flight diagnostics
1sec doctor                    # Health check with fix suggestions
1sec stop                      # Graceful shutdown

Enforcement Management

1sec enforce status            # Enforcement engine status
1sec enforce policies          # List response policies
1sec enforce history           # Action execution history
1sec enforce dry-run off       # Go live (disable dry-run)
1sec enforce test <module>     # Simulate alert, preview actions
1sec enforce approvals pending # Pending human approval gates
1sec enforce escalations       # Escalation timer stats
1sec enforce batching          # Alert batcher stats
1sec enforce chains list       # Action chain definitions

AI Analysis (Optional)

All 16 detection modules work with zero API keys. For AI-powered cross-module correlation, set a Gemini API key:

# Via environment variable
export GEMINI_API_KEY=your_key_here
1sec up

# Or via CLI
1sec config set-key AIzaSy...

# Multiple keys for load balancing
1sec config set-key key1 key2 key3

The 16 Modules

  1. Network Guardian: DDoS, rate limiting, IP reputation, C2 beaconing, port scans
  2. API Fortress: BOLA, schema validation, shadow API discovery
  3. IoT & OT Shield: device fingerprinting, protocol anomaly, firmware integrity
  4. Injection Shield: SQLi, XSS, SSRF, command injection, template injection
  5. Supply Chain Sentinel: SBOM, typosquatting, dependency confusion, CI/CD
  6. Ransomware Interceptor: encryption detection, canary files, wiper detection
  7. Auth Fortress: brute force, credential stuffing, MFA fatigue, AitM
  8. Deepfake Shield: audio forensics, AI phishing, BEC detection
  9. Identity Fabric: synthetic identity, privilege escalation
  10. LLM Firewall: 65+ prompt injection patterns, jailbreak detection, multimodal scanning
  11. AI Agent Containment: action sandboxing, scope escalation, OWASP Agentic Top 10
  12. Data Poisoning Guard: training data integrity, RAG pipeline validation
  13. Quantum-Ready Crypto: crypto inventory, PQC readiness, TLS auditing
  14. Runtime Watcher: FIM, container escape, LOLBin, memory injection
  15. Cloud Posture Manager: config drift, misconfiguration, secrets sprawl
  16. AI Analysis Engine: two-tier Gemini pipeline for correlation

Configuration

Zero-config works out of the box. For customization:

1sec init                      # Generate 1sec.yaml
1sec config --validate         # Validate config

Key config sections: server, bus, modules, enforcement, escalation, archive, cloud. See references/config-reference.md for details.

Webhook Notifications

# In 1sec.yaml
alerts:
  webhook_urls:
    - "https://hooks.slack.com/services/YOUR/WEBHOOK/URL"

# Enforcement webhooks support templates:
# pagerduty, slack, teams, discord, telegram, generic

Docker Deployment

cd deploy/docker
docker compose up -d
docker compose logs -f

Day-to-Day Operations (Post-Install)

1sec status                    # Quick health check
1sec alerts                    # Recent alerts
1sec alerts --severity HIGH    # Filter by severity
1sec enforce status            # Enforcement engine state
1sec enforce history           # What actions were taken
1sec threats --blocked         # Currently blocked IPs
1sec doctor                    # Health check with fix suggestions

Uninstall

1sec stop
1sec enforce cleanup           # Remove iptables rules
sudo rm /usr/local/bin/1sec
rm -rf ~/.1sec

Additional References

  • references/operations-runbook.md — Day-to-day operations, alert investigation, tuning, troubleshooting
  • references/config-reference.md — Full configuration reference
  • references/vps-agent-guide.md — Detailed VPS agent deployment guide
  • scripts/install-and-configure.sh — Automated install + configure script
Safe-use recommendations

This package appears to be a legitimate installer for an on-host security agent, but review these points before installing:

  • Verify provenance: compare the repository and release referenced in SKILL.md to the official project (the skill points to github.com/1sec-security/1sec). Confirm the GitHub owner is who you expect and inspect the release artifacts and checksums yourself. The registry's reported version (0.4.15) differs from the version pinned in the files (0.4.11); resolve that mismatch before trusting either.
  • Prefer manual install and verification: follow the documented manual download + sha256sum verification rather than running scripts blindly. Check checksums.txt on GitHub and verify locally, and make the verification step fail closed so a mismatch stops the install.
  • Test in isolation: install first in a non-production/staging environment. The platform can (if you enable aggressive presets) kill processes and quarantine files automatically; test with dry-run and the safe preset.
  • Be cautious with opt-ins: enabling cloud.enabled, GEMINI_API_KEY, or webhook URLs will transmit alert metadata and host identifiers off-host. Only enable these to trusted endpoints and rotate any API keys you provide.
  • Review presets before applying: the vps-agent preset disables approval gates and sets skip_approval: true for process kills and file quarantine at MEDIUM severity. The installer defaults to dry-run safe mode, but applying aggressive presets has high impact.
  • Confirm auto-update and uninstall procedures: understand how selfupdate works and how to fully remove the agent (the docs provide steps). Consider disabling auto-update if you require stricter control.

If you want higher confidence, ask the publisher to provide a homepage, reproducible release artifacts, GPG-signed releases, or an SBOM, and confirm the registry metadata is updated to match the shipped files.
Functional analysis
Type: OpenClaw Skill Name: 1sec-security Version: 0.4.15 The skill bundle is for '1-SEC', an open-source cybersecurity platform. It securely installs a pre-built binary from GitHub Releases, verifying SHA256 checksums before execution, as detailed in `SKILL.md` and `scripts/install-and-configure.sh`. The `SKILL.md` explicitly instructs the AI agent to use this secure manual installation method. While the 1-SEC tool itself has high-risk capabilities (e.g., `kill_process`, `quarantine_file`, `block_ip`) and can be configured aggressively (e.g., `vps-agent` preset), these are clearly declared, opt-in, and intended for security enforcement. The documentation (`SECURITY.md`, `references/*.md`) is highly transparent about permissions, data handling, and recommends starting in dry-run mode. There is no evidence of malicious intent, unauthorized data exfiltration, or deceptive prompt injection attempts against the agent.
Capability assessment
Purpose & Capability
The skill claims to install and manage the 1-SEC security binary and the included script and docs do exactly that (download a release binary, verify checksum, install, run setup, apply presets). That capability is proportional to the stated purpose. However: the registry metadata (version 0.4.15) does not match the SKILL.md and installer script (version 0.4.11), and the package provides no homepage while pointing to an external GitHub repo in SKILL.md. These mismatches reduce confidence in provenance.
Instruction Scope
Runtime instructions and the installer script are narrowly scoped to downloading a specific GitHub release binary, verifying its SHA256, installing it, running non-interactive setup, and applying a preset (default: safe/dry-run). The README/runbooks include high-impact operational instructions (vps-agent preset with skip_approval: true that will kill processes and quarantine files, cloud API options, webhook notifications). Those powerful enforcement behaviors are documented and opt-in, but they are present in the instructions and can be enabled by the operator — users should be aware of the destructive actions the product can take if presets are changed.
Install Mechanism
No opaque third-party downloads or pastebin URLs are used: the installer script fetches binaries and checksums directly from GitHub Releases and verifies SHA256 before installing. The script explicitly avoids piping remote content to shell, deletes mismatched downloads, and documents manual verification. This is an expected and reasonably safe install approach if you trust the GitHub release source and account.
Credentials
No environment variables are required by the skill, and SKILL.md only lists optional env vars (GEMINI_API_KEY, ONESEC_API_KEY, ONESEC_WEBHOOK_URL). The references mention additional env patterns (e.g., GEMINI_API_KEY_2) and cloud API keys for centralized management; these are optional but carry privacy/credential implications. Enabling cloud or AI correlation will transmit alert metadata/host identifiers off-host (documented as opt-in). Requesting webhook URLs and API keys is proportional to the product's features but merits operator review before enabling.
Persistence & Privilege
The skill does not request 'always: true' and does not force persistent installation by itself; it installs a binary that is intended to run as a local daemon. The product recommends running with sudo/root for full enforcement, which is consistent with a host security agent but increases privilege impact. The runbooks document auto-update/selfupdate behavior (checks for updates daily) and an opt-in cloud control plane — both normal for agents but notable from an operational-security perspective.
How to use
  1. Make sure OpenClaw is installed (local or Docker deployment)
  2. Enter the install command in the chat box: /install 1sec-security
  3. After installation, invoke the Skill by name directly or trigger it with /1sec-security
  4. Provide the required inputs according to the Skill's parameter description to get structured output
Version history
v0.4.15
Restructuring.
v0.4.14
  • Clarified that agent-based installs always use the manual GitHub Releases path, bypassing remote installer scripts for added security.
  • Updated description of 1-sec.dev to note it's a convenience redirect for human operators and not used by agents.
  • Added an explicit security notice stating no remote scripts are executed and SHA256 checksums must be verified before execution.
  • Improved install instructions and documentation to emphasize binary verification and responsible script review.
  • No functional or code changes; documentation/security posture improvements only.
v0.4.13
No code changes in this version. SKILL.md was reworked for transparency, trust, and improved installation/privacy info.
  • Expanded and clarified security, privacy, and external connection details.
  • Added explicit trust, open-source, and verification instructions.
  • Documented all required/optional environment variables.
  • Updated installation guidance to emphasize manual install and checksum verification.
  • Added improved explanations of enforcement presets and risk warnings for aggressive options.
  • Refined and restructured for clarity, transparency, and safer production deployment.
v0.4.12
Expanded security and transparency documentation, plus new vulnerability reporting.
  • Added SECURITY.md with details on vulnerability reporting and supply chain security.
  • SKILL.md updated with a new Security & Transparency section: external connections, data collection, permissions, binary/source verification, and installation auditability.
  • Manual installation instructions now include checksum verification for enhanced supply chain trust.
  • Outlined all optional external connections and clarified when/why connections are made.
  • Security policy and source repository info added to metadata for visibility.
v0.4.11
v0.4.11 — 16 defense modules in a single binary, zero config required. 68 prompt injection detection patterns + 3-layer multimodal hidden injection scanner (image metadata, HTML/CSS steganography, PDF hidden text). Purpose-built vps-agent enforcement preset for autonomous AI agent hosts with escalation timers and skip-approval on critical actions. Native notification templates for Slack, Discord, Telegram, PagerDuty, and Teams. Rust high-performance sidecar for packet-level pattern matching. Full enforcement engine with 5 presets (lax, safe, balanced, strict, vps-agent), action chains, alert batching, deduplication, and webhook retry with dead-letter queue.
Metadata
Slug: 1sec-security
Version: 0.4.15
License: (not listed)
Cumulative installs: 1
Current installs: 1
Version count: 5
FAQ

What is 1-SEC: All-in-One Cybersecurity for AI Agent Hosts?

Install, configure, and manage 1-SEC — an open-source, all-in-one cybersecurity platform (16 modules, single binary) on Linux servers and VPS instances. Use... It is an AI Agent Skill plugin for Claude Code / OpenClaw, with 889 downloads to date.

How do I install 1-SEC: All-in-One Cybersecurity for AI Agent Hosts?

Run the command "/install 1sec-security" in the OpenClaw or Claude Code chat box to install it in one step; no extra configuration is needed.

Is 1-SEC: All-in-One Cybersecurity for AI Agent Hosts free?

Yes, 1-SEC: All-in-One Cybersecurity for AI Agent Hosts is completely free (open source, AGPL-3.0) and can be freely downloaded, installed and used.

Which platforms does 1-SEC: All-in-One Cybersecurity for AI Agent Hosts support?

The skill itself runs cross-platform, in any environment where OpenClaw / Claude Code is deployed. The 1-SEC binary it installs is released for Linux (amd64 and arm64) and targets Linux servers and VPS instances.

Who developed 1-SEC: All-in-One Cybersecurity for AI Agent Hosts?

Developed and maintained by cutmob (@cutmob); current version v0.4.15.
