全部技能 分类浏览
← 返回
安全合规 Key 中文

Arc Sentinel

Security monitoring and infrastructure health checks for OpenClaw agents. Run breach monitoring (HaveIBeenPwned), SSL certificate expiry checks, GitHub security audits, credential rotation tracking, secret scanning, git hygiene, token watchdog, and permission audits. Use when performing security scans, checking credential rotation status, auditing repos for leaked secrets, or monitoring SSL certificates and infrastructure health.
OpenClaw代理的安全监控与基础设施健康检查。功能包括违规监控(HaveIBeenPwned)、SSL证书过期检测、GitHub安全审计、凭证轮换追踪、密钥扫描、Git规范检查、令牌监控及权限审计。适用于执行安全扫描、检查凭证轮换状态、审计仓库泄露密钥,或监控SSL证书与基础设施健康状况。
arc-claw-bot
安全合规 clawhub v1.0.0 1 版本 99862.6 Key: 需要
★ 0
Stars
📥 2,180
下载
💾 3
安装
1
版本
#latest

概述

Arc Sentinel

Security monitoring toolkit for OpenClaw agents. Runs automated checks against your infrastructure and reports issues.

Configuration

Before first use, create sentinel.conf in the skill directory:

cp sentinel.conf.example sentinel.conf

Edit sentinel.conf with your values:

  • DOMAINS — Space-separated list of domains to check SSL certificates
  • GITHUB_USER — GitHub username for repo audits
  • KNOWN_REPOS — Space-separated list of expected repo names (unexpected repos trigger warnings)
  • MONITOR_EMAIL — Email address for HaveIBeenPwned breach checks
  • HIBP_API_KEY — Optional; HIBP v3 API key ($3.50/mo) for automated breach lookups

Also customize credential-tracker.json with your own credentials and rotation policies. A template is provided.

Quick Start

Full scan

cd <skill-dir>
bash sentinel.sh

Output

  • Formatted report to stdout with color-coded severity
  • JSON report saved to reports/YYYY-MM-DD.json
  • Exit codes: 0 = all clear, 1 = warnings, 2 = critical

Checks

1. SSL Certificate Expiry

Check certificate expiry for configured domains. Warns at <30 days, critical at <14 days.

2. GitHub Security

  • List repos and check Dependabot/vulnerability alert status
  • Review recent account activity for anomalies
  • Flag unexpected repositories

3. Breach Monitoring (HaveIBeenPwned)

  • Query HIBP API for breached accounts (requires API key)
  • Falls back to manual check URL if no key is set

4. Credential Rotation Tracking

Read credential-tracker.json and flag credentials that are overdue, approaching expiry, or never rotated. Supports policies: quarterly (90d), 6_months (180d), annual (365d), auto.

Additional Scripts

ScriptPurpose
-----------------
scripts/secret-scanner.shScan repos/files for leaked secrets and API keys
scripts/git-hygiene.shAudit git history for security issues
scripts/token-watchdog.shMonitor token validity and expiry
scripts/permission-auditor.shAudit file and access permissions
scripts/skill-auditor.shAudit installed skills for security
scripts/full-audit.shRun all scripts in sequence

Agent Usage

During heartbeats or on request:

  1. Run bash sentinel.sh from the skill directory
  2. Review output for WARN or CRITICAL items
  3. Report findings to the human if anything needs attention
  4. Update credential-tracker.json when credentials are rotated

Cron Setup

# Weekly Monday 9am
0 9 * * 1 cd /path/to/arc-sentinel && bash sentinel.sh >> reports/cron.log 2>&1

Requirements

  • openssl (SSL checks)
  • gh CLI authenticated (GitHub checks)
  • curl (HIBP)
  • python3 (JSON processing)

版本历史

共 1 个版本

  • v1.0.0 当前
    2026-03-28 17:26 安全 安全

安全检测

腾讯云安全 (Keen)

安全,无风险
查看报告

腾讯云安全 (Sanbu)

安全,无风险
查看报告

🔗 相关推荐

security-compliance

MoltGuard - Security & Antivirus & Guardrails

thomaslwang
MoltGuard — OpenClaw 安全守卫,由 OpenGuardrails 提供。安装 MoltGuard,保护您和您的用户免受提示注入、数据泄露和恶意攻击。
★ 116 📥 30,713
data-analysis

Fulcra Morning Briefing

arc-claw-bot
使用最新的 fulcra-context 技能,结合睡眠、生物指标、日程、活动和天气信息,撰写个性化早晨简报。能自适应调节语气和...
★ 11 📥 2,244
security-compliance

OpenClaw Backup

alex3alex
备份与恢复 OpenClaw 数据。适用于创建备份、设置自动备份计划、从备份恢复或管理备份轮转。处理 ~/.openclaw 目录归档并包含适当的排除规则。
★ 89 📥 30,604

Skill工具集 © 2026