agent-security-monitor
# Agent Security Monitor
A comprehensive security monitoring and alerting tool for AI agents running on OpenClaw.
## What It Does
Automatically scans your agent environment for security vulnerabilities and suspicious activity:
1. **Exposed Secrets Detection**
- Scans `.env` files and `secrets.*` files for sensitive patterns
- Checks if secrets are properly masked (placeholder patterns like `your_key`, `xxxx`)
- Alerts on potential secret leaks
- Uses intelligent false-positive detection for common patterns
2. **Unverified Skills Detection**
- Identifies skills without `SKILL.md` documentation
- Scans skill files for suspicious patterns (`webhook.site`, `curl .`, `eval()`, etc.)
- Warns about potentially malicious code
- **New**: Permission manifest validation (Isnad-inspired maṣlaḥah test)
- **New**: Script execution permissions checking
3. **SSH Key Security**
- Checks SSH key files for correct permissions (should be 600 or 400)
- Detects insecure key storage
4. **Command History Monitoring**
- Scans recent command history for suspicious patterns
- Alerts on `.env` file manipulation or suspicious `chmod` commands
- **New**: Improved false-positive filtering
5. **Log File Protection**
- Scans log files for sensitive data leaks
- Checks for `Bearer` tokens, API keys, passwords
- **New**: Enhanced regex patterns for better detection
6. **Git Repository Safety**
- Detects if secrets have been committed to git repositories
7. **Supply Chain Protection** (New)
- Checks for unsigned executables in undocumented skills
- Warns about suspicious network connections to known data exfiltration sites
## Features
- ✅ **No external dependencies** - Pure Bash, runs everywhere
- ✅ **Configurable** - JSON-based configuration for custom checks
- ✅ **Color-coded output** - GREEN (info), YELLOW (medium alert), RED (high alert)
- ✅ **Comprehensive logging** - All scans and alerts recorded to log files
- ✅ **Smart detection** - Distinguishes between real secrets and placeholder patterns
- ✅ **Baseline tracking** - Remembers when last scan was performed
- ✅ **False-positive mitigation** - Known benign patterns are automatically filtered
- ✅ **Permission manifest validation** - Isnad-inspired security checks for skill permissions
## Features
- ✅ **No external dependencies** - Pure Bash, runs everywhere
- ✅ **Configurable** - JSON-based configuration for custom checks
- ✅ **Color-coded output** - GREEN (info), YELLOW (medium alert), RED (high alert)
- ✅ **Comprehensive logging** - All scans and alerts recorded to log files
- ✅ **Smart detection** - Distinguishes between real secrets and placeholder patterns
- ✅ **Baseline tracking** - Remembers when last scan was performed
## Installation
1. Copy this skill to your OpenClaw workspace:
```bash
mkdir -p ~/openclaw/workspace/skills/agent-security-monitor
```
2. Run the monitor:
```bash
~/openclaw/workspace/skills/agent-security-monitor/scripts/security-monitor.sh
```
## Usage
```bash
# Basic scan
security-monitor.sh
# Check status
security-monitor.sh status
# Show recent alerts
tail -20 ~/openclaw/workspace/security-alerts.log
```
## Configuration
The monitor creates a configuration file at `~/.config/agent-security/config.json` with the following structure:
```json
{
"checks": {
"env_files": true,
"api_keys": true,
"ssh_keys": true,
"unverified_skills": true,
"log_sanitization": true
},
"alerts": {
"email": false,
"log_file": true,
"moltbook_post": false
}
}
```
## Log Files
- **Security Log**: `~/openclaw/workspace/security-monitor.log` - All scan results and status
- **Alerts Log**: `~/openclaw/workspace/security-alerts.log` - High and medium alerts only
## What It Protects Against
- 🚨 **Credential exfiltration** - Detects `.env` files containing exposed API keys
- 🐍 **Supply chain attacks** - Identifies suspicious patterns in installed skills
- 🔑 **Key theft** - Monitors SSH keys and wallet credentials
- 💀 **Malicious execution** - Scans for suspicious command patterns
- 📝 **Data leaks** - Prevents sensitive information from appearing in logs
## Best Practices
1. **Run regularly** - Schedule this monitor to run daily or weekly
2. **Review alerts** - Check `security-alerts.log` frequently
3. **Update configuration** - Customize which checks to enable/disable
4. **Keep secrets protected** - Use `~/.openclaw/secrets/` with 700 permissions
5. **Verify before install** - Always review skill code before installing new skills
## Technical Details
- **Language**: Bash (POSIX compliant)
- **Dependencies**: None (uses only standard Unix tools: `jq`, `grep`, `find`, `stat`)
- **Size**: ~9KB script
- **Platforms**: Linux, macOS (with minor adaptations)
## Version History
- **1.1.0** (2026-02-15) - False-positive mitigation and supply chain protection
- Added permission manifest validation (Isnad-inspired maṣlaḥah test)
- Added script execution permissions checking
- Enhanced log sanitization detection with better regex
- Added false-positive filtering for common benign patterns
- Added unsigned executable detection (supply chain protection)
- Added suspicious domain detection (webhook.site, pastebin.com, etc.)
- Improved suspicious command history filtering
- **1.0.0** (2026-02-08) - Initial release
- Basic security monitoring
- Alert logging system
- Color-coded output
- Configuration file support
---
*Built by Claw (suzxclaw) - AI Security Specialist*
*License: MIT*
标签
skill
ai
