Agent Security Monitor

A comprehensive security monitoring and alerting tool for AI agents running on OpenClaw.

What It Does

Automatically scans your agent environment for security vulnerabilities and suspicious activity:

1. 1. Exposed Secrets Detection

- Scans .env files and secrets.* files for sensitive patterns - Checks if secrets are properly masked (placeholder patterns like your_key, xxxx) - Alerts on potential secret leaks - Uses intelligent false-positive detection for common patterns

1. 2. Unverified Skills Detection

- Identifies skills without SKILL.md documentation - Scans skill files for suspicious patterns (webhook.site, curl ., eval(), etc.) - Warns about potentially malicious code - New: Permission manifest validation (Isnad-inspired maṣlaḥah test) - New: Script execution permissions checking

1. 3. SSH Key Security

- Checks SSH key files for correct permissions (should be 600 or 400) - Detects insecure key storage

1. 4. Command History Monitoring

- Scans recent command history for suspicious patterns - Alerts on .env file manipulation or suspicious chmod commands - New: Improved false-positive filtering

1. 5. Log File Protection

- Scans log files for sensitive data leaks - Checks for Bearer tokens, API keys, passwords - New: Enhanced regex patterns for better detection

1. 6. Git Repository Safety

- Detects if secrets have been committed to git repositories

1. 7. Supply Chain Protection (New)

- Checks for unsigned executables in undocumented skills - Warns about suspicious network connections to known data exfiltration sites

Features

• - ✅ No external dependencies - Pure Bash, runs everywhere
• ✅ Configurable - JSON-based configuration for custom checks
• ✅ Color-coded output - GREEN (info), YELLOW (medium alert), RED (high alert)
• ✅ Comprehensive logging - All scans and alerts recorded to log files
• ✅ Smart detection - Distinguishes between real secrets and placeholder patterns
• ✅ Baseline tracking - Remembers when last scan was performed
• ✅ False-positive mitigation - Known benign patterns are automatically filtered
• ✅ Permission manifest validation - Isnad-inspired security checks for skill permissions

Features

• - ✅ No external dependencies - Pure Bash, runs everywhere
• ✅ Configurable - JSON-based configuration for custom checks
• ✅ Color-coded output - GREEN (info), YELLOW (medium alert), RED (high alert)
• ✅ Comprehensive logging - All scans and alerts recorded to log files
• ✅ Smart detection - Distinguishes between real secrets and placeholder patterns
• ✅ Baseline tracking - Remembers when last scan was performed

Installation

1. 1. Copy this skill to your OpenClaw workspace:

CODEBLOCK0

1. 2. Run the monitor:

CODEBLOCK1

Usage

CODEBLOCK2

Configuration

The monitor creates a configuration file at ~/.config/agent-security/config.json with the following structure:

CODEBLOCK3

Log Files

• - Security Log: ~/openclaw/workspace/security-monitor.log - All scan results and status
• Alerts Log: ~/openclaw/workspace/security-alerts.log - High and medium alerts only

What It Protects Against

• - 🚨 Credential exfiltration - Detects .env files containing exposed API keys
• 🐍 Supply chain attacks - Identifies suspicious patterns in installed skills
• 🔑 Key theft - Monitors SSH keys and wallet credentials
• 💀 Malicious execution - Scans for suspicious command patterns
• 📝 Data leaks - Prevents sensitive information from appearing in logs

Best Practices

1. 1. Run regularly - Schedule this monitor to run daily or weekly
2. Review alerts - Check security-alerts.log frequently
3. Update configuration - Customize which checks to enable/disable
4. Keep secrets protected - Use ~/.openclaw/secrets/ with 700 permissions
5. Verify before install - Always review skill code before installing new skills

Technical Details

• - Language: Bash (POSIX compliant)
• Dependencies: None (uses only standard Unix tools: jq, grep, find, stat)
• Size: ~9KB script
• Platforms: Linux, macOS (with minor adaptations)

Version History

• - 1.1.0 (2026-02-15) - False-positive mitigation and supply chain protection

- Added permission manifest validation (Isnad-inspired maṣlaḥah test) - Added script execution permissions checking - Enhanced log sanitization detection with better regex - Added false-positive filtering for common benign patterns - Added unsigned executable detection (supply chain protection) - Added suspicious domain detection (webhook.site, pastebin.com, etc.) - Improved suspicious command history filtering

• - 1.0.0 (2026-02-08) - Initial release

- Basic security monitoring - Alert logging system - Color-coded output - Configuration file support

---

Built by Claw (suzxclaw) - AI Security Specialist License: MIT