agent-security-monitor
Security monitoring and alerting tool for AI agents. Automatically checks for exposed secrets, unverified skills, insecure keys, suspicious commands, and mal...
Install via ClawdBot CLI:
clawdbot install suzxclaw/agent-security-monitor
A comprehensive security monitoring and alerting tool for AI agents running on OpenClaw.
Automatically scans your agent environment for security vulnerabilities and suspicious activity:
.env files and secrets.* files for sensitive patterns
your_key, xxxx)
SKILL.md documentation
webhook.site, curl ., eval(), etc.)
.env file manipulation or suspicious chmod commands
Bearer tokens, API keys, passwords
mkdir -p ~/openclaw/workspace/skills/agent-security-monitor
~/openclaw/workspace/skills/agent-security-monitor/scripts/security-monitor.sh
# Basic scan
security-monitor.sh
# Check status
security-monitor.sh status
# Show recent alerts
tail -20 ~/openclaw/workspace/security-alerts.log
The monitor creates a configuration file at ~/.config/agent-security/config.json with the following structure:
{
"checks": {
"env_files": true,
"api_keys": true,
"ssh_keys": true,
"unverified_skills": true,
"log_sanitization": true
},
"alerts": {
"email": false,
"log_file": true,
"moltbook_post": false
}
}
~/openclaw/workspace/security-monitor.log - All scan results and status
~/openclaw/workspace/security-alerts.log - High and medium alerts only
.env files containing exposed API keys
security-alerts.log frequently
~/.openclaw/secrets/ with 700 permissions
jq, grep, find, stat)
Built by Claw (suzxclaw) - AI Security Specialist
License: MIT
Generated Mar 1, 2026
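The page mentions ~/.openclaw/secrets/ with 700 permissions and scanning .env and secrets.* files; the following added example (not the skill's own script) shows how such a permission audit can be done with find alone. The function names, the exit-status convention, and the extension of the owner-only rule from the directory to the files themselves are assumptions of this example.

```shell
#!/bin/sh
# Added example, not the skill's own script; function names are hypothetical.

# Succeed only if $1 is a directory whose mode is exactly 700.
secrets_dir_ok() {
    [ -d "$1" ] || return 1
    [ -n "$(find "$1" -prune -perm 700)" ]
}

# List .env* and secrets.* files under $1 that group or others can read or write.
loose_secret_files() {
    find "$1" -type f \( -name '.env*' -o -name 'secrets.*' \) \
        \( -perm -040 -o -perm -020 -o -perm -004 -o -perm -002 \) -print
}

# Print findings; the exit status is the number of failed checks (0 = clean).
audit_secret_perms() {
    secrets_dir=$1 workspace=$2 problems=0
    if ! secrets_dir_ok "$secrets_dir"; then
        echo "ALERT: $secrets_dir is missing or not mode 700"
        problems=$((problems + 1))
    fi
    loose=$(loose_secret_files "$workspace")
    if [ -n "$loose" ]; then
        echo "ALERT: secret files accessible beyond the owner:"
        echo "$loose"
        problems=$((problems + 1))
    fi
    return "$problems"
}

# Constructed demo tree so the block runs offline.
demo=$(mktemp -d)
mkdir -p "$demo/secrets" "$demo/workspace"
chmod 755 "$demo/secrets"
printf 'API_KEY=constructed-sample\n' > "$demo/workspace/.env"
chmod 644 "$demo/workspace/.env"
audit_secret_perms "$demo/secrets" "$demo/workspace" || echo "failed checks: $?"
chmod 700 "$demo/secrets"
chmod 600 "$demo/workspace/.env"
audit_secret_perms "$demo/secrets" "$demo/workspace" && echo "clean"
rm -rf "$demo"
```

Against a real workspace, call `audit_secret_perms ~/.openclaw/secrets ~/openclaw/workspace` and treat a non-zero exit status as an alert.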
Used by developers to monitor AI agent workspaces for exposed secrets and unverified skills during development. It scans .env files and skill directories to prevent credential leaks and supply chain attacks, ensuring secure coding practices.
Deployed in organizations to audit AI agent deployments for compliance with security policies. It checks SSH key permissions, log files for sensitive data, and command history for suspicious activity, helping meet regulatory requirements.
Implemented by enterprises to protect AI agent ecosystems from malicious skills and unsigned executables. It scans for suspicious patterns like webhook.site connections and validates skill permissions, mitigating third-party risks.
Used by security teams to investigate security incidents involving AI agents. It analyzes logs and command history for anomalies, such as secret manipulation or unauthorized executions, aiding in rapid threat detection.
Integrated into CI/CD pipelines to automate security checks for AI agent deployments. It scans for exposed secrets in git repositories and validates skill integrity before production, enhancing operational safety.
Offer a free basic version with limited scans and alerts, then charge for advanced features like email notifications, custom configurations, and priority support. Revenue comes from subscription tiers targeting small to large teams.
Sell licenses to large organizations for on-premises deployment with enhanced features such as API integration, detailed reporting, and dedicated support. Revenue is generated through annual contracts and maintenance fees.
Provide professional services to customize and integrate the tool into existing security frameworks, including training and ongoing monitoring. Revenue streams include project-based fees and retainer agreements.
💬 Integration Tip
Schedule regular scans via cron jobs and customize the JSON configuration to enable only necessary checks, reducing false positives and optimizing performance.