security-monitor

Warn

Audited by Gen Agent Trust Hub on Mar 5, 2026

Risk Level: MEDIUM (COMMAND_EXECUTION, DATA_EXFILTRATION)
Full Analysis
  • [COMMAND_EXECUTION]: The script scripts/monitor.cjs uses child_process.execSync to execute various system tools including ps, ss, netstat, tail, and docker to collect system state and monitoring data.
  • [DATA_EXFILTRATION]: The skill accesses sensitive system file paths to monitor for intrusions and changes:
      • Reads /var/log/auth.log and /var/log/syslog to detect failed login attempts and potential brute-force attacks.
      • Monitors and reads application environment files located at /root/clawd/skills/.env and /root/clawd/.env, which typically contain sensitive API keys and configuration secrets.
      • The logic includes a placeholder for external Telegram alerts on high-severity events, though no network transmission code is currently active in the provided script.
Audit Metadata
Risk Level: MEDIUM
Analyzed: Mar 5, 2026, 07:56 AM