← 返回 Skills 市场
NxtSecure-openclaw
作者
scorpion7slayer
· GitHub ↗
· v0.1.3
· MIT-0
320
总下载
1
收藏
0
当前安装
1
版本数
在 OpenClaw 中安装
/install nxtsecure-openclaw
功能描述
Use when auditing and remediating an OpenClaw Linux host with a nightly 23:00 security run. Covers firewall status, fail2ban bans, SSH hardening with key-onl...
安全使用建议
This skill appears to do what it says, but it modifies system state and can remediate automatically. Before installing or enabling: 1) Inspect the bundled scripts yourself and test them on a non-production host. 2) Backup SSH config and ensure you have an alternate access method (console or recovery) in case of lockout. 3) Consider setting AUTO_REMEDIATE=0 in the config to run in report-only mode, then enable remediation after manual review. 4) Note the cron installer will add a persistent nightly job; run it only on hosts you want scheduled audits on. 5) The SKILL.md suggests installing an external npm package — if you follow that step, verify the upstream package (publisher, version) before running. 6) VirusTotal uploads are disabled by default; the script will prepare browser-based workflows and only uploads if you explicitly enable/approve it. 7) If you need higher assurance, run the audit scripts manually once and review their output/logs before installing the cron.
功能分析
Type: OpenClaw Skill
Name: nxtsecure-openclaw
Version: 0.1.3
The skill bundle implements an automated security audit and remediation suite that performs high-risk system modifications, including disabling SSH password authentication, changing SSH ports, modifying firewall rules, and stopping Docker containers (scripts/openclaw_security_audit.sh). It establishes persistence via a nightly root cron job (scripts/install_cron.sh) and instructs the agent to install an external global npm package (nxtsecure-openclaw). While SKILL.md includes safety guidance to prevent user lockout and requires consent for file uploads to VirusTotal, the automated execution of privileged system changes and the use of browser-based automation for security checks represent a high-risk capability set that could be used for system disruption or unauthorized access if misconfigured or subverted.
能力评估
Purpose & Capability
The name/description (OpenClaw host security audit, nightly 23:00 run) match the delivered assets: a main audit script, a cron installer, and a VirusTotal helper. The checks implemented (firewall, fail2ban, SSH hardening, listening ports, Docker review, disk, failed logins, automatic updates, VirusTotal browser workflow) are expected for this purpose.
Instruction Scope
The SKILL.md and bundled scripts instruct the agent to perform privileged changes: enable services, modify SSH configuration (disable password auth, add drop-in files), and potentially enable firewall rules. These actions are coherent for a remediation tool but are powerful. The skill attempts automatic remediation by default (AUTO_REMEDIATE=1) and will disable SSH password auth automatically if allowed — the README includes safety guidance (check new port, open firewall, test a second session) which mitigates lockout risk, but the automatic remediation default can still surprise an operator who expects only reporting.
Install Mechanism
There is no install spec in the registry bundle (instruction-only plus local scripts). The SKILL.md suggests an npm package (npm install -g nxtsecure-openclaw) as a preferred CLI, but the repository includes functional local scripts as fallbacks. Installing the npm package would fetch external code not included here; the bundled scripts themselves do not download remote archives and are inspectable.
Credentials
No secrets or unrelated credentials are requested. The scripts read system configuration files (ssh config, systemctl, firewall, Docker state) and accept a few optional env vars (OPENCLAW_AUDIT_CONFIG, OPENCLAW_AUDIT_LOG, VIRUSTOTAL_ALLOW_UPLOADS). These are proportional to a host audit but require elevated privileges to act, which is expected but sensitive.
Persistence & Privilege
The installer script writes a crontab entry to schedule the audit nightly at 23:00; this is persistent and, if run as root, will execute privileged work each night. The skill is not force-enabled (always:false). Autonomous model invocation is allowed by default (normal), but persistent scheduled execution is a real operational effect the user should explicitly approve.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install nxtsecure-openclaw - 安装完成后,直接呼叫该 Skill 的名称或使用
/nxtsecure-openclaw触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v0.1.3
- Initial release of openclaw-security-audit for OpenClaw Linux host security auditing and remediation.
- Provides nightly 23:00 automated security audit via cron.
- Checks cover firewall, fail2ban, SSH hardening (key-only, non-default port), listening ports, Docker allowlisting, disk usage, failed login attempts, security package updates, and VirusTotal web-based file/URL scanning.
- Includes step-by-step SSH hardening guidance with safe migration practices.
- VirusTotal checks use browser automation, not API keys, and require explicit user decisions for handling malicious or suspicious findings.
- CLI workflow with bundled scripts and config templates for ease of setup and operation.
元数据
常见问题
NxtSecure-openclaw 是什么?
Use when auditing and remediating an OpenClaw Linux host with a nightly 23:00 security run. Covers firewall status, fail2ban bans, SSH hardening with key-onl... 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 320 次。
如何安装 NxtSecure-openclaw?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install nxtsecure-openclaw」即可一键安装,无需额外配置。
NxtSecure-openclaw 是免费的吗?
是的,NxtSecure-openclaw 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。
NxtSecure-openclaw 支持哪些平台?
NxtSecure-openclaw 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 NxtSecure-openclaw?
由 scorpion7slayer(@scorpion7slayer)开发并维护,当前版本 v0.1.3。
推荐 Skills