Soc Deploy Thehive
Author: Solomon Neas · v1.0.0 · MIT-0
Total downloads: 147
Favorites: 0
Current installs: 0
Versions: 1
Install in OpenClaw
/install soc-deploy-thehive
Description
Deploy TheHive 5 + Cortex 3 incident response platform on any Docker-ready Linux host. Automates account creation, API key generation, Cortex CSRF handling,...
Security usage recommendations
This skill appears to do what it says: deploy TheHive + Cortex to a Docker-ready Linux host and generate API keys. Before using it: (1) only run it on a host you control and trust — it will create containers and save plaintext credentials to ~/thehive-cortex/api-keys.txt and print them to stdout; delete or move that file to secure storage when done. (2) Ensure the target has prerequisites installed (docker, docker compose v2, curl, openssl, sed) and that you have SSH/SCP access as instructed. (3) Review the included setup.sh and docker-compose.yml yourself (they are provided) to confirm network/port exposure and volumes meet your security policy. (4) Consider using a stronger generated secret and rotating keys after initial setup. If you want tighter security, run the deployment in an isolated lab or VM, and then harden the instance (firewall, remove plaintext key files, enable TLS) before exposing it to production.
Functional analysis
Type: OpenClaw Skill
Name: soc-deploy-thehive
Version: 1.0.0
The skill is a legitimate automation bundle for deploying TheHive 5 and Cortex 3 incident response platforms via Docker. The core logic in `scripts/setup.sh` correctly handles complex multi-step setup processes, including service health polling, administrative password rotation, and the specific CSRF-token requirements of the Cortex API. It generates secure random secrets using `openssl` and properly integrates the two services by programmatically updating the `docker-compose.yml` file. All network activity is restricted to `localhost` for service configuration, and the documentation provided in `gotchas.md` and `api-reference.md` is accurate and helpful for the stated purpose.
Capability assessment
Purpose & Capability
The name/description match the included artifacts: SKILL.md, docker-compose.yml, and setup.sh all perform TheHive+Cortex deployment and API key setup. Minor mismatch: the registry metadata lists no required binaries, but the instructions and script expect common system tools (ssh/scp, docker, docker compose, curl, sed, openssl). This is expected for the stated purpose but the manifest omits declaring those prerequisites.
Instruction Scope
SKILL.md and setup.sh stay within deployment scope: they create/write docker-compose.yml (after user SCP), start containers, perform HTTP calls to local services to create users/keys, and wire integration. They explicitly save generated credentials to ~/thehive-cortex/api-keys.txt and print them to stdout — this is necessary for the task but is sensitive and should be handled carefully. The instructions do not read unrelated host files or call external endpoints.
Install Mechanism
No install spec; this is an instruction-only skill with an included setup.sh and static docker-compose. Nothing is downloaded from arbitrary URLs or installed on the agent's machine. Risk from installation is low.
Credentials
The skill does not request credentials or environment variables in its manifest, which is consistent. However, the script relies on host binaries (docker, docker compose, curl, openssl, sed, ssh/scp for SCP/SSH steps) that are not declared; ensure these exist on the target. The script writes plaintext credentials and API keys to a file in the target user's home and prints them — appropriate for deployment but a sensitive side-effect.
Persistence & Privilege
The skill does not request privileged platform features (always:true is false). It creates Docker containers with restart: unless-stopped and writes files under the target user's home; that persistence is expected for a service deployment and is within scope.
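How to use
- Make sure OpenClaw is installed (local or Docker deployment)
- Enter the install command in the chat box: /install soc-deploy-thehive
- Once installation completes, call the Skill by name or use /soc-deploy-thehive to trigger it
- Provide the required input as described in the Skill's parameter notes to get structured output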
Version history
v1.0.0
Initial release of soc-deploy-thehive: Deploy TheHive 5 + Cortex 3 via Docker on any Linux host.
- Automates deployment of TheHive 5.4 and Cortex 3.1.8, including all integration wiring.
- Handles admin account creation, password setting, API key generation, and Cortex CSRF/workflow.
- Verifies all services are running, writes ready-to-use API keys and URLs to disk.
- Platform-agnostic: works on any SSH-accessible, Docker-ready Linux host.
- Includes guidance on required RAM, dependencies, integration gotchas, and output usage.
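Frequently asked questions
What is Soc Deploy Thehive?
Deploy TheHive 5 + Cortex 3 incident response platform on any Docker-ready Linux host. Automates account creation, API key generation, Cortex CSRF handling,... It is an AI Agent Skill plugin for Claude Code / OpenClaw, with 147 cumulative downloads to date.
How do I install Soc Deploy Thehive?
Run the command "/install soc-deploy-thehive" in the OpenClaw or Claude Code chat box to install it in one step; no additional configuration is required.
Is Soc Deploy Thehive free?
Yes, Soc Deploy Thehive is completely free. It is released under the MIT-0 license and can be freely downloaded, installed and used.
Which platforms does Soc Deploy Thehive support?
Soc Deploy Thehive is cross-platform and can be used in any environment where OpenClaw / Claude Code is deployed.
Who developed Soc Deploy Thehive?
It is developed and maintained by Solomon Neas (@solomonneas); the current version is v1.0.0.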