Adoption

Agent Skills are supported by leading AI development tools.

VS Code Gemini CLI GitHub Goose Amp Cursor Claude Code Letta OpenCode Claude OpenAI Codex Factory VS Code Gemini CLI GitHub Goose Amp Cursor Claude Code Letta OpenCode Claude OpenAI Codex Factory

demerzels-lab/openclaw-security-monitor

Name: openclaw-security-monitor
Author: demerzels-lab

public/skills/adibirzu/openclaw-security-monitor/SKILL.md

npx skillsauth add demerzels-lab/elsamultiskillagent openclaw-security-monitor

Clean

TrivyContainer and dependency vulnerability scanner

Clean

SemgrepStatic code analysis for vulnerabilities

Clean

mcp-scan (Snyk)Model Context Protocol security validation

Skipped

Snyk (dep)Open source security scanning

Skipped

Socket.devSupply chain security analysis

Skipped

VirusTotalMulti-engine malware detection

Skipped

CrowdStrikeAdvanced threat intelligence

Skipped

OSV-ScannerOpen Source Vulnerability database check

Skipped

OWASP Dep-Check

Security Monitor

Real-time security monitoring with threat intelligence from ClawHavoc research, daily automated scans, web dashboard, and Telegram alerting for OpenClaw.

Commands

/security-scan

Run a comprehensive 32-point security scan:

Known C2 IPs (ClawHavoc: 91.92.242.x, 95.92.242.x, 54.91.154.110)
AMOS stealer / AuthTool markers
Reverse shells & backdoors (bash, python, perl, ruby, php, lua)
Credential exfiltration endpoints (webhook.site, pipedream, ngrok, etc.)
Crypto wallet targeting (seed phrases, private keys, exchange APIs)
Curl-pipe / download attacks
Sensitive file permission audit
Skill integrity hash verification
SKILL.md shell injection patterns (Prerequisites-based attacks)
Memory poisoning detection (SOUL.md, MEMORY.md, IDENTITY.md)
Base64 obfuscation detection (glot.io-style payloads)
External binary downloads (.exe, .dmg, .pkg, password-protected ZIPs)
Gateway security configuration audit
WebSocket origin validation (CVE-2026-25253)
Known malicious publisher detection (hightower6eu, etc.)
Sensitive environment/credential file leakage
DM policy audit (open/wildcard channel access)
Tool policy / elevated tools audit
Sandbox configuration check
mDNS/Bonjour exposure detection
Session & credential file permissions
Persistence mechanism scan (LaunchAgents, crontabs, systemd)
Plugin/extension security audit
Log redaction settings audit
Reverse proxy localhost trust bypass detection
Exec-approvals configuration audit (CVE-2026-25253 exploit chain)
Docker container security (root, socket mount, privileged mode)
Node.js version / CVE-2026-21636 permission model bypass
Plaintext credential detection in config files
VS Code extension trojan detection (fake ClawdBot extensions)
Internet exposure detection (non-loopback gateway binding)
MCP server security audit (tool poisoning, prompt injection)

bash ~/.openclaw/workspace/skills/security-monitor/scripts/scan.sh

Exit codes: 0=SECURE, 1=WARNINGS, 2=COMPROMISED

/security-dashboard

Display a security overview with process trees via witr.

bash ~/.openclaw/workspace/skills/security-monitor/scripts/dashboard.sh

/security-network

Monitor network connections and check against IOC database.

bash ~/.openclaw/workspace/skills/security-monitor/scripts/network-check.sh

/security-remediate

Scan-driven remediation: runs scan.sh, skips CLEAN checks, and executes per-check remediation scripts for each WARNING/CRITICAL finding. Includes 32 individual scripts covering file permissions, exfiltration domain blocking, tool deny lists, gateway hardening, sandbox configuration, credential auditing, and more.

# Full scan + remediate (interactive)
bash ~/.openclaw/workspace/skills/security-monitor/scripts/remediate.sh

# Auto-approve all fixes
bash ~/.openclaw/workspace/skills/security-monitor/scripts/remediate.sh --yes

# Dry run (preview)
bash ~/.openclaw/workspace/skills/security-monitor/scripts/remediate.sh --dry-run

# Remediate a single check
bash ~/.openclaw/workspace/skills/security-monitor/scripts/remediate.sh --check 7 --dry-run

# Run all 32 remediation scripts (skip scan)
bash ~/.openclaw/workspace/skills/security-monitor/scripts/remediate.sh --all

Flags:

--yes / -y — Skip confirmation prompts (auto-approve all fixes)
--dry-run — Show what would be fixed without making changes
--check N — Run remediation for check N only (skip scan)
--all — Run all 32 remediation scripts without scanning first

Exit codes: 0=fixes applied, 1=some fixes failed, 2=nothing to fix

/security-setup-telegram

bash ~/.openclaw/workspace/skills/security-monitor/scripts/telegram-setup.sh [chat_id]

Web Dashboard

URL: http://<vm-ip>:18800

Dark-themed browser dashboard with auto-refresh, on-demand scanning, donut charts, process tree visualization, network monitoring, and scan history timeline.

Service Management

launchctl list | grep security-dashboard
launchctl unload ~/Library/LaunchAgents/com.openclaw.security-dashboard.plist
launchctl load ~/Library/LaunchAgents/com.openclaw.security-dashboard.plist

IOC Database

Threat intelligence files in ioc/:

c2-ips.txt - Known command & control IP addresses
malicious-domains.txt - Payload hosting and exfiltration domains
file-hashes.txt - Known malicious file SHA-256 hashes
malicious-publishers.txt - Known malicious ClawHub publishers
malicious-skill-patterns.txt - Malicious skill naming patterns

Daily Automated Scan

Cron job at 06:00 UTC with Telegram alerts. Install:

crontab -l | { cat; echo "0 6 * * * $HOME/.openclaw/workspace/skills/security-monitor/scripts/daily-scan-cron.sh"; } | crontab -

Threat Coverage

Based on research from 40+ security sources including:

ClawHavoc: 341 Malicious Skills (Koi Security)
CVE-2026-25253: 1-Click RCE
From SKILL.md to Shell Access (Snyk)
VirusTotal: From Automation to Infection
OpenClaw Official Security Docs
DefectDojo Hardening Checklist
Vectra: Automation as Backdoor
Cisco: AI Agents Security Nightmare
Bloom Security/JFrog: 37 Malicious Skills
OpenSourceMalware: Skills Ganked Your Crypto
Snyk: clawdhub Campaign Deep-Dive
OWASP Top 10 for Agentic Applications 2026
CrowdStrike: OpenClaw AI Super Agent
Argus Security Audit (512 findings)
ToxSec: OpenClaw Security Checklist
Aikido.dev: Fake ClawdBot VS Code Extension
Prompt Security: Top 10 MCP Risks

Installation

# From GitHub
git clone https://github.com/adibirzu/openclaw-security-monitor.git \
  ~/.openclaw/workspace/skills/security-monitor
chmod +x ~/.openclaw/workspace/skills/security-monitor/scripts/*.sh

The OpenClaw agent auto-discovers skills from ~/.openclaw/workspace/skills/ via SKILL.md frontmatter. After cloning, the /security-scan, /security-remediate, /security-dashboard, /security-network, and /security-setup-telegram commands will be available in the agent.

demerzels-lab/openclaw-security-monitor

public/skills/adibirzu/openclaw-security-monitor/SKILL.md

Proactive security monitoring, threat scanning, and auto-remediation for OpenClaw deployments

7 stars

testing

Updated Apr 5, 2026

$ install --global

skillsauth

npx skillsauth add demerzels-lab/elsamultiskillagent openclaw-security-monitor

Install this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.

Security Scan Results

3 of 9 scanners reported clean

Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.

Scanners Passed

Scanners in report

Clean

TrivyContainer and dependency vulnerability scanner

95%

Clean

SemgrepStatic code analysis for vulnerabilities

95%

Clean

mcp-scan (Snyk)Model Context Protocol security validation

95%

Skipped

Snyk (dep)Open source security scanning

50%

Skipped

Socket.devSupply chain security analysis

50%

Skipped

VirusTotalMulti-engine malware detection

50%

Skipped

CrowdStrikeAdvanced threat intelligence

50%

Skipped

OSV-ScannerOpen Source Vulnerability database check

50%

Skipped

OWASP Dep-Check

50%

Last scanned: Apr 5, 2026, 2:19 AM4.2s48 files scanned

SKILL.md

name:: openclaw-security-monitor
description:: Proactive security monitoring, threat scanning, and auto-remediation for OpenClaw deployments
tags:: [security, scan, remediation, monitoring, threat-detection, hardening]
version:: 3.0.0
author:: Adrian Birzu
user-invocable:: true

Security Monitor

Real-time security monitoring with threat intelligence from ClawHavoc research, daily automated scans, web dashboard, and Telegram alerting for OpenClaw.

Commands

/security-scan

Run a comprehensive 32-point security scan:

Known C2 IPs (ClawHavoc: 91.92.242.x, 95.92.242.x, 54.91.154.110)
AMOS stealer / AuthTool markers
Reverse shells & backdoors (bash, python, perl, ruby, php, lua)
Credential exfiltration endpoints (webhook.site, pipedream, ngrok, etc.)
Crypto wallet targeting (seed phrases, private keys, exchange APIs)
Curl-pipe / download attacks
Sensitive file permission audit
Skill integrity hash verification
SKILL.md shell injection patterns (Prerequisites-based attacks)
Memory poisoning detection (SOUL.md, MEMORY.md, IDENTITY.md)
Base64 obfuscation detection (glot.io-style payloads)
External binary downloads (.exe, .dmg, .pkg, password-protected ZIPs)
Gateway security configuration audit
WebSocket origin validation (CVE-2026-25253)
Known malicious publisher detection (hightower6eu, etc.)
Sensitive environment/credential file leakage
DM policy audit (open/wildcard channel access)
Tool policy / elevated tools audit
Sandbox configuration check
mDNS/Bonjour exposure detection
Session & credential file permissions
Persistence mechanism scan (LaunchAgents, crontabs, systemd)
Plugin/extension security audit
Log redaction settings audit
Reverse proxy localhost trust bypass detection
Exec-approvals configuration audit (CVE-2026-25253 exploit chain)
Docker container security (root, socket mount, privileged mode)
Node.js version / CVE-2026-21636 permission model bypass
Plaintext credential detection in config files
VS Code extension trojan detection (fake ClawdBot extensions)
Internet exposure detection (non-loopback gateway binding)
MCP server security audit (tool poisoning, prompt injection)

bash ~/.openclaw/workspace/skills/security-monitor/scripts/scan.sh

Exit codes: 0=SECURE, 1=WARNINGS, 2=COMPROMISED

/security-dashboard

Display a security overview with process trees via witr.

bash ~/.openclaw/workspace/skills/security-monitor/scripts/dashboard.sh

/security-network

Monitor network connections and check against IOC database.

bash ~/.openclaw/workspace/skills/security-monitor/scripts/network-check.sh

/security-remediate

# Full scan + remediate (interactive)
bash ~/.openclaw/workspace/skills/security-monitor/scripts/remediate.sh

# Auto-approve all fixes
bash ~/.openclaw/workspace/skills/security-monitor/scripts/remediate.sh --yes

# Dry run (preview)
bash ~/.openclaw/workspace/skills/security-monitor/scripts/remediate.sh --dry-run

# Remediate a single check
bash ~/.openclaw/workspace/skills/security-monitor/scripts/remediate.sh --check 7 --dry-run

# Run all 32 remediation scripts (skip scan)
bash ~/.openclaw/workspace/skills/security-monitor/scripts/remediate.sh --all

Flags:

--yes / -y — Skip confirmation prompts (auto-approve all fixes)
--dry-run — Show what would be fixed without making changes
--check N — Run remediation for check N only (skip scan)
--all — Run all 32 remediation scripts without scanning first

Exit codes: 0=fixes applied, 1=some fixes failed, 2=nothing to fix

/security-setup-telegram

bash ~/.openclaw/workspace/skills/security-monitor/scripts/telegram-setup.sh [chat_id]

Web Dashboard

URL: http://<vm-ip>:18800

Dark-themed browser dashboard with auto-refresh, on-demand scanning, donut charts, process tree visualization, network monitoring, and scan history timeline.

Service Management

launchctl list | grep security-dashboard
launchctl unload ~/Library/LaunchAgents/com.openclaw.security-dashboard.plist
launchctl load ~/Library/LaunchAgents/com.openclaw.security-dashboard.plist

IOC Database

Threat intelligence files in ioc/:

c2-ips.txt - Known command & control IP addresses
malicious-domains.txt - Payload hosting and exfiltration domains
file-hashes.txt - Known malicious file SHA-256 hashes
malicious-publishers.txt - Known malicious ClawHub publishers
malicious-skill-patterns.txt - Malicious skill naming patterns

Daily Automated Scan

Cron job at 06:00 UTC with Telegram alerts. Install:

crontab -l | { cat; echo "0 6 * * * $HOME/.openclaw/workspace/skills/security-monitor/scripts/daily-scan-cron.sh"; } | crontab -

Threat Coverage

Based on research from 40+ security sources including:

ClawHavoc: 341 Malicious Skills (Koi Security)
CVE-2026-25253: 1-Click RCE
From SKILL.md to Shell Access (Snyk)
VirusTotal: From Automation to Infection
OpenClaw Official Security Docs
DefectDojo Hardening Checklist
Vectra: Automation as Backdoor
Cisco: AI Agents Security Nightmare
Bloom Security/JFrog: 37 Malicious Skills
OpenSourceMalware: Skills Ganked Your Crypto
Snyk: clawdhub Campaign Deep-Dive
OWASP Top 10 for Agentic Applications 2026
CrowdStrike: OpenClaw AI Super Agent
Argus Security Audit (512 findings)
ToxSec: OpenClaw Security Checklist
Aikido.dev: Fake ClawdBot VS Code Extension
Prompt Security: Top 10 MCP Risks

Installation

# From GitHub
git clone https://github.com/adibirzu/openclaw-security-monitor.git \
  ~/.openclaw/workspace/skills/security-monitor
chmod +x ~/.openclaw/workspace/skills/security-monitor/scripts/*.sh

Related Skills

demerzels-lab/MarketPulse

testing

VerifiedTrustedCommunity

Query real-time and historical financial data across equities and crypto—prices, market moves, metrics, and trends for analysis, alerts, and reporting.

7SKILL.mdUpdated Apr 5, 2026

demerzels-lab/MarketPulse

demerzels-lab/openclaw-youtube

data-ai

VerifiedTrustedCommunity

YouTube SERP Scout for agents. Search top-ranking videos, channels, and trends for content research and competitor tracking.

7SKILL.mdUpdated Apr 5, 2026

demerzels-lab/openclaw-youtube

demerzels-lab/Twitter Command Center (Search + Post)

development

VerifiedTrustedCommunity

Search X (Twitter) in real time, extract relevant posts, and publish tweets/replies instantly—perfect for social listening, engagement, and rapid content ops.

7SKILL.mdUpdated Apr 5, 2026

demerzels-lab/Twitter Command Center (Search + Post)

demerzels-lab/openclaw-search

development

VerifiedTrustedCommunity

Intelligent search for agents. Multi-source retrieval with confidence scoring - web, academic, and Tavily in one unified API.

7SKILL.mdUpdated Apr 5, 2026

demerzels-lab/openclaw-search

Download

For Claude Desktop. Download once, then upload the file in the app — no terminal needed.

Need help? View full Cowork setup guide →

Install manually

Choose your platform

# Clone the repo
git clone https://github.com/demerzels-lab/elsamultiskillagent.git

# Copy into Claude Code skills folder (global)
cp -r elsamultiskillagent/public/skills/adibirzu/openclaw-security-monitor ~/.claude/skills/

Claude Code Skills — official skills path docs.

Repository

demerzels-lab/elsamultiskillagent

7 stars

Compatible with

Claude Code

OpenAI Codex CLI

ChatGPT