Auditd

Author: bytesagain3 · GitHub · v1.0.0 · MIT-0
cross-platform ✓ Security check passed
Total downloads: 149
Favorites: 0
Current installs: 1
Versions: 1
Install in OpenClaw
/install auditd
Description
Linux Audit Framework reference. auditctl rules for file watches and syscall auditing, auditd.conf configuration, ausearch log queries, aureport summaries, a...
Usage instructions (SKILL.md)

auditd

Linux Audit Framework reference — kernel-level security auditing.

Commands

Command      Description
intro        What is auditd, architecture, quick start
rules        auditctl watches, syscall rules, filters
config       auditd.conf settings, rotation, disk actions
search       ausearch by key, time, user, file
report       aureport summaries, login, auth, file
logs         audit.log format, field meanings
compliance   CIS benchmark and PCI-DSS rules
tools        auditctl, audit2allow, aulast, autrace
Security usage recommendations
This skill is a local reference for auditd and appears coherent, but it documents and would instruct the agent to run commands that require root and can change system auditing (add/delete/lock rules, suspend logging, restart the daemon). Before installing or invoking: (1) review the included script and SKILL.md yourself; (2) do not allow the agent to run these commands as root without human review — prefer read-only queries; (3) test any commands in a non-production environment first; (4) if you enable autonomous invocation, restrict the agent's privileges so it cannot modify audit rules or restart system services without explicit human approval.
Functional analysis
Type: OpenClaw Skill
Name: auditd
Version: 1.0.0
The 'auditd' skill bundle is a purely informational reference tool for the Linux Audit Framework. The main script (scripts/script.sh) contains static documentation and command examples for auditctl, ausearch, and aureport, which are printed to the console but never executed. There is no evidence of malicious intent, data exfiltration, or prompt injection.
Capability assessment
Purpose & Capability
The name/description (auditd reference) aligns with the files and included script: examples and guidance for auditctl, ausearch, aureport, and auditd.conf. The skill does not request unrelated credentials or config paths. Note: the SKILL.md and script assume standard system utilities (auditctl, ausearch, aureport, augenrules, systemctl/service, kill, etc.) are present but these are not listed as required binaries — this is a minor metadata omission, not a functional mismatch.
Instruction Scope
Instructions are focused on auditd usage, log searching, and rule management. However, many suggested commands modify system state (adding/deleting/locking rules, restarting or signaling auditd, changing disk action policies) and therefore require root privileges and can impact system behavior (including suspending logging). The skill's instructions also reference reading /var/log/audit/audit.log and /etc/audit files — appropriate for the purpose but potentially sensitive.
Install Mechanism
No install spec (instruction-only plus a bundled script). No downloads or external installers are used, so there is no additional install-time risk.
Credentials
The skill requests no environment variables, credentials, or config paths. The operations it documents do require local privileged access to audit configuration/logs, which is proportional to an auditd reference skill.
Persistence & Privilege
The skill is not marked always:true and does not request persistent system-wide configuration changes on install. Note that an agent invoking the skill (autonomously) could run privileged commands if the agent process has elevated rights — this is a platform usage consideration, not a misbehavior of the skill itself.
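How to use
  1. Make sure OpenClaw is installed (local or Docker deployment)
  2. Enter the install command in the chat box: /install auditd
  3. Once installation completes, call the Skill by name or trigger it with /auditd
  4. Provide the required input according to the Skill's parameter description to get structured output
Version history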
v1.0.0
publish v1.0.0
Metadata
Slug: auditd
Version: 1.0.0
License: MIT-0
Total installs: 1
Current installs: 1
Historical versions: 1
FAQ

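What is Auditd?

Linux Audit Framework reference. auditctl rules for file watches and syscall auditing, auditd.conf configuration, ausearch log queries, aureport summaries, a... It is an AI Agent Skill plugin for Claude Code / OpenClaw, with 149 total downloads to date.

How do I install Auditd?

Run the command "/install auditd" in the OpenClaw or Claude Code chat box to install it in one step; no additional configuration is needed.

Is Auditd free?

Yes, Auditd is completely free. It is released under the MIT-0 license and can be freely downloaded, installed, and used.

Which platforms does Auditd support?

Auditd runs cross-platform and can be used in any environment where OpenClaw / Claude Code is deployed (cross-platform).

Who developed Auditd?

It is developed and maintained by bytesagain3 (@bytesagain3); the current version is v1.0.0.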
