linux-security-scanner

Linux security auditing tool that checks SSH configuration, open/listening ports, firewall rules (ufw/iptables/nftables), failed login attempts, sudoers permissions, world-writable files, and SUID binaries. Use when a user needs a security posture assessment, hardening audit, or compliance check on a Linux host — run individual checks or a full comprehensive audit with a formatted report.

Safety Notice

This listing is from the official public ClawHub registry. Review SKILL.md and referenced scripts before running.

Copy this and send it to your AI assistant to learn

Install skill "linux-security-scanner" with this command: npx skills add laolaoqi/linux-security-scanner

Linux Security Scanner

Script

scripts/security-audit.sh — the single entry point for all checks.

The script is self-contained, portable, and works on any modern Linux system. It auto-detects available tools (ss/netstat, ufw/iptables/nftables, journalctl) and gracefully skips unavailable ones.

Quick Start

Run a full audit:

bash scripts/security-audit.sh --all

Or with no arguments (same as --all):

bash scripts/security-audit.sh

Individual Checks

Run any single check by name:

CommandWhat it checks
--sshPermitRootLogin, PasswordAuthentication, Port, Protocol in sshd_config
--portsListening TCP ports (ss or netstat)
--firewallufw status, iptables filter rules, nftables ruleset
--failed-loginslastb output and journalctl SSH auth failures (last 24h)
--sudoersSudoers file permissions (must be 440), files present, NOPASSWD entries, full sudo access grants
--world-writableWorld-writable files in /etc, /tmp, /var, /home, /opt (depth 3)
--suidAll SUID binaries, risk assessment, unusual path detection

Example:

bash scripts/security-audit.sh --ssh --failed-logins

Full Audit Workflow

  1. Run bash scripts/security-audit.sh --all
  2. The script outputs a colorized report to stdout
  3. A structured markdown report is stored in the $REPORT variable (accessible within the same shell session)
  4. For programmatic use, redirect output to a file

Common Findings & Recommendations

  • SSH hardening: Disable root login, disable password auth, use key-only auth, change default port
  • Firewall: Ensure only necessary ports are open; prefer deny-by-default
  • Sudoers: Avoid NOPASSWD where possible; keep permissions at 440; audit who has full sudo access
  • SUID: Review unusual SUID paths; minimize SUID binaries; check for known CVEs on common ones (pkexec, sudo, etc.)
  • World-writable files: These are security risks — investigate why they're writable and restrict permissions

Notes

  • Requires root/sudo for some checks (failed-logins reads /var/log/btmp, ss shows process info)
  • Runs entirely in the shell — no external dependencies beyond standard Linux tools
  • Respects permission boundaries — non-accessible checks are noted, not forced

Source Transparency

This detail page is rendered from real SKILL.md content. Trust labels are metadata-based hints, not a safety guarantee.

Open Registry RecordOpen in ClawHub

Related Skills

Related by shared tags or category signals.

Security

Semia

Audit an agent skill with Semia inside OpenClaw. Use when the user asks to run `semia scan <path>`, "Run Semia audit on this skill", or audit a skill/plugin...

Registry SourceRecently Updated
00Profile unavailable
Security

vuihoc-nodejs-review-code

Review Node.js code for clear structure, error handling, security, performance, best practices, and proper testing coverage.

Registry SourceRecently Updated
00Profile unavailable
Security

内控-集团客户部FY审计

集团客户部FY审计工具。当用户要求"审计返佣"、"核查KA返佣"、"核对返佣数据"、"检查返佣表"、"返佣对账"或类似场景时使用。本技能自动识别各月KA返佣工作表结构,从原始数据独立重算返佣金额并与汇总表比对,发现数据差异和规则执行问题,输出结构化审计报告。支持增量追加新月份数据到SQLite数据库,不修改历史数据。

Registry SourceRecently Updated
320Profile unavailable
Security

Camera Memory Card Empty Case Tag

Create printable camera memory card case tags that show empty, ready, used, and return-to-bag states without data, formatting, backup, or security guidance.

Registry SourceRecently Updated
1050Profile unavailable