陌讯skills聚合平台

arc-sentinel

📁 arc-claw-bot/arc-sentinel 📅 9 days ago
2
总安装量
2
周安装量
#68051
全站排名
安装命令
npx skills add https://github.com/arc-claw-bot/arc-sentinel --skill arc-sentinel

Agent 安装分布

openclaw 2
claude-code 2
mcpjam 1
kilo 1
windsurf 1
zencoder 1

Skill 文档

Arc Sentinel

Security monitoring toolkit for OpenClaw agents. Runs automated checks against your infrastructure and reports issues.

Configuration

Before first use, create sentinel.conf in the skill directory:

cp sentinel.conf.example sentinel.conf

Edit sentinel.conf with your values:

  • DOMAINS — Space-separated list of domains to check SSL certificates
  • GITHUB_USER — GitHub username for repo audits
  • KNOWN_REPOS — Space-separated list of expected repo names (unexpected repos trigger warnings)
  • MONITOR_EMAIL — Email address for HaveIBeenPwned breach checks
  • HIBP_API_KEY — Optional; HIBP v3 API key ($3.50/mo) for automated breach lookups

Also customize credential-tracker.json with your own credentials and rotation policies. A template is provided.

Quick Start

Full scan

cd <skill-dir>
bash sentinel.sh

Output

  • Formatted report to stdout with color-coded severity
  • JSON report saved to reports/YYYY-MM-DD.json
  • Exit codes: 0 = all clear, 1 = warnings, 2 = critical

Checks

1. SSL Certificate Expiry

Check certificate expiry for configured domains. Warns at <30 days, critical at <14 days.

2. GitHub Security

  • List repos and check Dependabot/vulnerability alert status
  • Review recent account activity for anomalies
  • Flag unexpected repositories

3. Breach Monitoring (HaveIBeenPwned)

  • Query HIBP API for breached accounts (requires API key)
  • Falls back to manual check URL if no key is set

4. Credential Rotation Tracking

Read credential-tracker.json and flag credentials that are overdue, approaching expiry, or never rotated. Supports policies: quarterly (90d), 6_months (180d), annual (365d), auto.

Additional Scripts

Script Purpose
scripts/secret-scanner.sh Scan repos/files for leaked secrets and API keys
scripts/git-hygiene.sh Audit git history for security issues
scripts/token-watchdog.sh Monitor token validity and expiry
scripts/permission-auditor.sh Audit file and access permissions
scripts/skill-auditor.sh Audit installed skills for security
scripts/full-audit.sh Run all scripts in sequence

Agent Usage

During heartbeats or on request:

  1. Run bash sentinel.sh from the skill directory
  2. Review output for WARN or CRITICAL items
  3. Report findings to the human if anything needs attention
  4. Update credential-tracker.json when credentials are rotated

Cron Setup

# Weekly Monday 9am
0 9 * * 1 cd /path/to/arc-sentinel && bash sentinel.sh >> reports/cron.log 2>&1

Requirements

  • openssl (SSL checks)
  • gh CLI authenticated (GitHub checks)
  • curl (HIBP)
  • python3 (JSON processing)
GitHub 仓库 ↗ ← 返回陌讯 Skills 聚合平台
本页面由 陌讯 Skills 聚合平台 收录整理,数据定期更新。