ReefWatch

Continuous local security monitoring daemon for Linux and macOS. Detects brute-force attacks, malware, privilege escalation, suspicious processes, file tampe...

This skill appears to do what it claims: a local host-based intrusion detection daemon that alerts OpenClaw via a webhook. Before installing or enabling it, consider the following: - Review setup_rules.py and the rules download sources: rule updates are fetched from the network and will pull third-party YARA/Sigma rule repositories (expected, but verify the URLs and trust the sources). - The instructions install Python packages via pip from the skill's requirements.txt. Pip installs can run code/build native extensions (e.g., yara-python). Prefer installing in a virtualenv, container, or test machine first rather than globally. - The daemon reads system logs, enumerates processes, inspects network connections, and can hash files (including critical system files). These operations may require root/privileged access to be fully effective and will access sensitive data (e.g., auth logs, /etc). Only run if you accept that level of access. - By default the AlertManager refuses external webhooks unless webhook.allow_external is explicitly enabled; if you do enable external alerting, ensure the webhook URL is trustworthy and HTTPS is used. The skill stores logs/history under ~/.openclaw and writes a pid file to /tmp when started. - If you plan to run continuously, inspect the provided systemd/launchd service files before enabling them, and run the code in a controlled environment first (or audit the rule sets and config) to confirm it behaves as expected. Overall: coherent with its purpose (benign), but treat it like any privileged monitoring agent — review network rule downloads, run in an isolated environment to validate, and avoid installing globally without inspection.

Type: OpenClaw Skill Name: reefwatch Version: 1.3.0 The OpenClaw AgentSkills skill bundle 'reefwatch' is a Host-based Intrusion Detection System (HIDS) designed to monitor for and alert on security threats. Its code and documentation consistently align with this benign purpose. Key indicators supporting this classification include robust SSRF prevention in `alert_manager.py` for webhook communication, secure file handling with `0o600` permissions and `O_NOFOLLOW` flags for sensitive files (e.g., PID, status, history, rule files), and explicit detection mechanisms for prompt injection attacks (Unicode obfuscation, specific phrases) targeting OpenClaw's own configuration in `reefwatch/engines/custom_rules.py`. Furthermore, `setup_rules.py` employs supply chain best practices by pinning Git clones of YARA and Sigma rules to specific tags, mitigating risks from upstream changes. All system interactions (e.g., `subprocess.run` for log collection, `psutil` for system monitoring) are necessary for its stated security function and are implemented with security considerations.