security-monitorReal-time security monitoring for Clawdbot. Detects intrusions, unusual API calls, credential usage patterns, and alerts on breaches.
Install via ClawdBot CLI:
clawdbot install chandrasekar-r/security-monitorRun continuous security monitoring to detect breaches, intrusions, and unusual activity on your Clawdbot deployment.
No external dependencies required. Runs as a background process.
node skills/security-monitor/scripts/monitor.cjs --interval 60node skills/security-monitor/scripts/monitor.cjs --daemon --interval 60node skills/security-monitor/scripts/monitor.cjs --threats=credentials,ports,api-calls| Threat | Detection | Response |
|--------|-----------|----------|
| Brute force attacks | Failed login detection | Alert + IP tracking |
| Port scanning | Rapid connection attempts | Alert |
| Process anomalies | Unexpected processes | Alert |
| File changes | Unauthorized modifications | Alert |
| Container health | Docker issues | Alert |
/root/clawd/clawdbot-security/logs/alerts.logUse systemd or PM2 to keep monitoring active:
# With PM2
pm2 start monitor.cjs --name "clawdbot-security" -- --daemon --interval 60Run audit first, then monitor continuously:
# One-time audit
node skills/security-audit/scripts/audit.cjs --full
# Continuous monitoring
node skills/security-monitor/scripts/monitor.cjs --daemonsecurity-audit - One-time security scan (install separately)Generated Mar 1, 2026
Ideal for organizations hosting Clawdbot in cloud environments, this scenario involves running the skill in daemon mode to detect real-time threats like brute force attacks and port scanning. It ensures 24/7 oversight without manual intervention, alerting teams via Telegram or logs for rapid incident response.
Suitable for industries with strict regulatory requirements, such as finance or healthcare, this scenario uses the skill to monitor for unauthorized file changes and process anomalies. It helps maintain audit trails and demonstrates proactive security measures to meet compliance standards.
This scenario integrates the skill into DevOps workflows, where it runs as a background process during deployment phases. It monitors for container health issues and API call anomalies, providing real-time alerts to prevent security breaches in automated environments.
For organizations using mixed on-premises and cloud setups, this scenario leverages the skill to monitor across diverse infrastructures. It detects threats like credential misuse and rapid connection attempts, offering unified security insights through JSON logs and console outputs.
Aimed at startups with limited security resources, this scenario uses the skill in combination with security-audit for initial scans followed by continuous monitoring. It helps build a foundational security posture by detecting common threats like brute force attacks without complex setup.
Offer this skill as part of a subscription-based service, providing continuous security monitoring for Clawdbot deployments. Revenue is generated through monthly or annual fees, with tiered pricing based on monitoring intervals and threat types covered.
Provide consulting services to integrate and customize the skill for specific client needs, such as setting up daemon mode with PM2 or configuring Telegram alerts. Revenue comes from one-time setup fees and ongoing management contracts.
Offer basic monitoring for free to attract users, with premium features like advanced threat detection (e.g., specific threats like credentials or API-calls) or enhanced alerting options. Revenue is generated through upgrades and add-on purchases.
💬 Integration Tip
Use PM2 for easy daemon management and combine with security-audit for a comprehensive security workflow.
Automatically update Clawdbot and all installed skills once daily. Runs via cron, checks for updates, applies them, and messages the user with a summary of what changed.
Full desktop computer use for headless Linux servers. Xvfb + XFCE virtual desktop with xdotool automation. 17 actions (click, type, scroll, screenshot, drag,...
Essential Docker commands and workflows for container management, image operations, and debugging.
Tool discovery and shell one-liner reference for sysadmin, DevOps, and security tasks. AUTO-CONSULT this skill when the user is: troubleshooting network issues, debugging processes, analyzing logs, working with SSL/TLS, managing DNS, testing HTTP endpoints, auditing security, working with containers, writing shell scripts, or asks 'what tool should I use for X'. Source: github.com/trimstray/the-book-of-secret-knowledge
Deploy applications and manage projects with complete CLI reference. Commands for deployments, projects, domains, environment variables, and live documentation access.
Monitor topics of interest and proactively alert when important developments occur. Use when user wants automated monitoring of specific subjects (e.g., product releases, price changes, news topics, technology updates). Supports scheduled web searches, AI-powered importance scoring, smart alerts vs weekly digests, and memory-aware contextual summaries.