← 返回 Skills 市场
214
总下载
0
收藏
0
当前安装
1
版本数
在 OpenClaw 中安装
/install sjht-server-audit
功能描述
远程服务器安全巡检和环境报告工具。 通过 SSH 免密登录远程主机,全面检查系统信息、运行服务、开放端口、 Web 服务器配置、数据库配置、安全设置(SSH/防火墙/SELinux)、可疑进程和定时任务, 生成结构化的巡检报告。Use when 用户需要检查服务器安全、排查服务器环境、 了解服务器上运行了什么服务...
安全使用建议
This script is coherent for performing a remote server audit, but review and test it before running on production. Specifically:
- Verify SSH key handling: the skill assumes passwordless SSH; ensure the private key is stored and used securely (or provide it via a known credential manager), and confirm which user/account will be used.
- Expect the script to execute commands on the remote host and read config files (e.g., /etc/ssh/sshd_config, /etc/nginx/*, /etc/cron.d/*, site directories). These are necessary for auditing but may expose sensitive configuration—run on hosts you control or have explicit permission to audit.
- Fix the documentation/implementation mismatch: SKILL.md claims reports are saved under ~/.openclaw/workspac/audits/... but the script currently writes to a temporary file and the trap removes it on exit. If you need persistent reports, modify the script to write the structured Markdown to the intended path (and ensure directory exists and permissions are correct).
- The SKILL.md lists a dependency on an 'ssh-ops' skill; the package metadata does not declare this. Confirm how SSH keys/session management is expected to work in your agent environment.
- Test on a non-production host first to confirm output, adjust parsing rules, and verify nothing is transmitted off your environment. If you want stronger guarantees, consider adding explicit logging/consent steps and avoid running on hosts without authorization.
功能分析
Type: OpenClaw Skill
Name: sjht-server-audit
Version: 1.0.0
The skill is a legitimate server security auditing tool designed to collect system information, service statuses, and configuration details via SSH. The bash script (scripts/server-audit.sh) performs standard diagnostic commands (ss, systemctl, grep on config files) to identify common security misconfigurations like exposed database ports or weak SSH settings. The instructions in SKILL.md explicitly advise the agent to keep reports local and avoid uploading sensitive data to public repositories, demonstrating security-conscious design aligned with its stated purpose.
能力评估
Purpose & Capability
The name/description (remote server security audit via SSH) matches what the script does: it SSH-es into the target and collects system info, services, ports, web/db config, cron entries, and produces a local report. No unrelated credentials, binaries, or external services are requested.
Instruction Scope
The SKILL.md instructs running scripts/server-audit.sh which indeed SSH-es to the target and collects config files and logs — appropriate for an audit. However there are two mismatches: SKILL.md states reports are saved to ~/.openclaw/workspac/audits/<IP>-<date>.md, but the shipped script does not write such a persistent file (it writes to a local temporary file $TMPFILE and the trap removes it on exit). Also SKILL.md lists 'ssh-ops' skill as a precondition but that dependency is not declared in metadata. These inconsistencies could lead to surprises (lost report, undeclared dependency).
Install Mechanism
Instruction-only skill with an included shell script; no install spec, no external downloads or package installs. Low install-time risk since nothing is fetched/installed automatically.
Credentials
The skill requests no environment variables or external credentials in metadata. Operationally it requires SSH key-based access to target hosts (private key must be present on the agent or managed by another skill like 'ssh-ops'). This is proportional to its purpose, but the requirement is only documented in SKILL.md (not declared in metadata) so users must ensure their SSH keys are handled securely.
Persistence & Privilege
always is false and the skill does not request persistent privileges or modify other skills/config. It executes remotely over SSH and stores output locally in a temp file; no evidence of attempts to persist beyond that or modify agent-wide settings.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install sjht-server-audit - 安装完成后,直接呼叫该 Skill 的名称或使用
/sjht-server-audit触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.0
# Changelog — server-audit
所有格式基于 [Keep a Changelog](https://keepachangelog.com/zh-CN/1.1.0/),
版本号遵循 [语义化版本](https://semver.org/lang/zh-CN/)。
---
## [0.1.0] — 2026-03-19
### 新增
- 初始版本发布
- **服务器巡检脚本** `scripts/server-audit.sh`
- 系统信息采集:OS、内核、CPU、内存、磁盘、Swap
- 运行服务检测:systemd running services
- 开放端口扫描:ss -tlnp 全部 TCP 监听
- 防火墙状态检查:firewalld 规则、SELinux 模式
- Web 服务检测:Nginx/PHP-FPM/MariaDB/Node/Docker 版本与状态
- Nginx 虚拟主机配置提取(server_name/root/listen)
- 网站目录扫描:WordPress 检测、HTML 站点检测
- 安全配置审计:SSH 配置(密码认证/Root 登录/端口)
- 可疑项检查:失败登录记录、用户/系统定时任务、高内存进程
- 快速安全判定:自动识别 🔴严重/⚠️警告 级别问题
### 安全判定规则
- 🔴 严重:数据库端口全网暴露、管理面板全网暴露、SSH 允许 Root 密码登录
- ⚠️ 警告:防火墙未启用、SELinux 禁用、SSH 密码认证未禁用、无 Swap、暴力破解痕迹
### 首次验证
- 对 xxxxx(OpenCloudOS 9.4)完成完整巡检
- 检出 3 个严重安全问题
- 检出 4 个警告
- 生成详细巡检报告
元数据
常见问题
sjht-server-audit 是什么?
远程服务器安全巡检和环境报告工具。 通过 SSH 免密登录远程主机,全面检查系统信息、运行服务、开放端口、 Web 服务器配置、数据库配置、安全设置(SSH/防火墙/SELinux)、可疑进程和定时任务, 生成结构化的巡检报告。Use when 用户需要检查服务器安全、排查服务器环境、 了解服务器上运行了什么服务... 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 214 次。
如何安装 sjht-server-audit?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install sjht-server-audit」即可一键安装,无需额外配置。
sjht-server-audit 是免费的吗?
是的,sjht-server-audit 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。
sjht-server-audit 支持哪些平台?
sjht-server-audit 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 sjht-server-audit?
由 Aowind(@aowind)开发并维护,当前版本 v1.0.0。
推荐 Skills