文件内容
SKILL.md
---
name: linux-security-guardian
description: Autonomous multi-client Linux server security management via SSH MCP. Runs full audit at 1 AM IST nightly via cron. Iterates over all clients and their server fleets. Covers system hardening, CVE scanning (CISA KEV + OSV.dev + NVD API), user auditing, SSH config, firewall rules, running services, file permissions, log analysis, SSL certs, and kernel parameters. Non-breaking actions auto-applied. Critical patches and network/firewall changes require owner confirmation. Report sent per-server and per-client via email plugin/skill (not bundled). Dependency: SSH MCP server must be running.
version: 1.4.0
metadata: {"openclaw": {"emoji": "🛡️", "requires": {"bins": ["bash","python3","ss","iptables","systemctl","grep","awk","sed","find","curl"], "mcp": ["ssh_conn","ssh_exec"]}}}
---
# Linux Security Guardian
## ⚡ SSH MCP — REQUIRED DEPENDENCY
> **SSH MCP is a hard dependency. The agent MUST have SSH MCP tools available to operate.**
> No local/legacy fallback. All operations go through SSH MCP.
### Prerequisite
```yaml
# SSH MCP server must be running and accessible
# Tools required: ssh_conn, ssh_exec
# Config reference: /save_data/projects/ssh_mcp/
dependency: ssh_mcp
status: required # if unavailable → ABORT, alert owner
```
### Server Profile Config
Each target server needs a saved connection in SSH MCP database. Configure in `SERVER_PROFILE.md`:
```yaml
ssh_mcp:
connection_id: "<id-name-or-alias-from-ssh-conn-list>" # Saved connection ID, Name, or Alias
# OR inline config:
# host: "<server-ip>"
# port: 22
# username: "<user>"
# key_path: "</path/to/key>"
```
### Connection Lifecycle
```
1. ssh_conn(op="list") → find target server connection_id
→ If not found → log error, ABORT audit (no fallback)
2. ssh_exec(op="open", connectionId) → returns sessionId
→ If fails → log error, ABORT audit
→ sessionId used for ALL subsequent commands
3. Run commands in audit modules:
→ Prefer passing multiple commands in a module as a sequential array to reduce overhead: `ssh_exec(op="run", sessionId, command=["cmd1", "cmd2", ...])` → returns a single commandId.
→ Alternatively, run individually: `ssh_exec(op="run", sessionId, command="<command>")`.
→ If multiple command runs are triggered concurrently, the SSH MCP server's self-healing queue handles concurrency. If the target server rejects channel opens (due to low `MaxSessions`), the MCP server dynamically drops the concurrency limit, unshifts the task, and retries with backoff.
→ Retrieve output: `ssh_exec(op="logs", commandId=commandId, stream="stdout")`.
4. ssh_exec(op="close", sessionId) after audit complete
```
### SSH MCP Tool Usage
| Operation | SSH MCP Tool | Notes |
|-----------|-------------|-------|
| List/Manage connections | `ssh_conn(op="list")` | Find target server by name/IP |
| Connect to server | `ssh_exec(op="open", connectionId)` | Returns sessionId |
| Execute command | `ssh_exec(op="run", sessionId, command)` | Returns commandId (non-blocking) |
| Get command output | `ssh_exec(op="logs", commandId)` | Can filter: grep, head, tail, fromLine, toLine |
| Get command status | `ssh_exec(op="status", commandId)` | Check if still running |
| Disconnect | `ssh_exec(op="close", sessionId)` | Always disconnect after audit |
| List active sessions | `ssh_exec(op="list")` | Monitor active connections |
| Bulk execution | `ssh_bulk_exec(commands, connectionIds)` | Run command(s) in bulk across servers |
| Bulk audit checks | `ssh_bulk_audit(op, client)` | Run health/sysinfo/security checks in bulk |
| Client CRUD management | `ssh_client(op="list")` | Manage client groups and servers ownership |
### Audit Modules
All 18 modules execute commands via SSH MCP. Each module file lists commands that get wrapped with `ssh_exec(op="run", sessionId, command)`:
```
module command → ssh_exec(op="run", sessionId, command="module command")
→ ssh_exec(op="logs", commandId=cmdId)
→ parse output
```
### CVE Scan
The external CVE scan runs locally (on the guardian host) using curl to CISA KEV, OSV.dev, and NVD API.
Usage requires `--client` and `--server` to write results to per-server paths:
```bash
bash cve/cve-scan.sh --client "client-1" --server "server-01"
# Writes results to:
# cve/<client>/<server>/scan-results/YYYY-MM-DD.md
# cve/<client>/<server>/advisories/<CVE-ID>.md
```
Steps:
```bash
# 1. SSH MCP: ssh_exec(op="run", sessionId, command="dpkg-query -W ...") → save locally
# 2. Read from cve/<client>/<server>/scan-results/installed-packages.txt
# 3. curl CISA KEV → filter Linux entries → write advisories
# 4. curl POST OSV.dev batch → match packages → write advisories
# 5. curl NVD API (optional) → cross-check → write advisories
```
---
## Multi-Client Architecture
The guardian manages **multiple clients**, each with their own server fleet.
SERVER_PROFILE.md defines `## Client:` sections. The audit iterates ALL.
```
SERVER_PROFILE.md
├── ## Client: client-1 (7 servers)
│ ├── server-01
│ ├── server-02
│ └── ... server-07
├── ## Client: client-2 (N servers) ← add as needed
│ └── ...
└── ## Client: [NEXT-CLIENT]
```
All paths use `<client>/<server>/` prefix:
- Findings: `audit/results/<client>/<server>/<severity>/`
- Actions: `actions/<client>/<server>/auto-done/`
- CVEs: `cve/<client>/<server>/advisories/`
- Reports: `reports/<client>/<server>/daily/`
---
## Purpose
Agent manages complete Linux server security autonomously via SSH MCP.
Every night at 1 AM IST:
- Iterates all clients → all servers
- Full security audit runs via SSH MCP
- CVEs scanned against installed packages
- Auto-fixes applied for safe issues
- Critical issues queued for owner confirmation
- Per-server, per-client, and master email reports delivered
---
## Action Decision Matrix
The most important thing — what agent does vs what it asks first:
| Finding Type | CVSS / Severity | Action |
|---|---|---|
| CVE — Critical | ≥ 9.0 | EMAIL ALERT immediately + queue for confirm |
| CVE — High | 7.0–8.9 | Queue for confirm + include in report |
| CVE — Medium | 4.0–6.9 | Include in report + advisory |
| CVE — Low | < 4.0 | Info in report only |
| CVE — KEV (CISA) | any | **Treated as CRITICAL** — immediate alert + confirm within due date |
| CVE — KEV + Ransomware | any | **🔥 HIGHEST PRIORITY** — immediate alert, confirm ASAP |
| Kernel update available | any | Confirm required before patch |
| Security-only pkg update | any | Confirm required |
| SSH: PermitRootLogin yes | critical | Alert + confirm to fix |
| SSH: PasswordAuth yes | high | Alert + confirm to fix |
| SSH: Port 22 | medium | Advisory only |
| Empty password account | critical | AUTO-LOCK immediately |
| Unknown root-uid account | critical | Alert + confirm to lock |
| Inactive account > 90d | medium | Alert + confirm to lock |
| World-writable /tmp | medium | AUTO-FIX chmod |
| World-writable system dir | high | Alert + confirm to fix |
| Unexpected SUID binary | high | Alert only (owner decides) |
| Failed login spike > 20/hr | high | Alert immediately |
| New unknown cron job | high | Alert immediately |
| Firewall rule change needed | any | CONFIRM REQUIRED always |
| Open unexpected port | high | Alert + confirm to close |
| Service: unnecessary running | medium | Alert + confirm to stop |
| SSL cert expiring < 30d | warning | Alert |
| SSL cert expired | critical | Alert immediately |
| Disk > 85% full | warning | Alert |
| Disk > 95% full | critical | Alert immediately |
| Auditd not running | high | AUTO-START + alert |
| fail2ban not running | high | AUTO-START + alert |
| Log file suspicious entry | high | Alert with extract |
---
## Audit Modules
| Module | What it checks | SSH MCP Command |
|--------|---------------|-----------------|
| `01-system` | OS, kernel, uptime, last reboot, hardware | `ssh_exec(op="run", sessionId, command="uname -a; cat /etc/*release")` |
| `02-users` | Accounts, root access, sudo, empty passwords, inactive | `ssh_exec(op="run", sessionId, command="cat /etc/passwd; cat /etc/shadow; ...")` |
| `03-ssh` | sshd_config full audit — 20+ checks | `ssh_exec(op="run", sessionId, command="cat /etc/ssh/sshd_config")` |
| `04-auth` | Login history, failed logins, PAM config | `ssh_exec(op="run", sessionId, command="last; cat /var/log/auth.log")` |
| `05-services` | Running services, unnecessary ones, failed units | `ssh_exec(op="run", sessionId, command="systemctl list-units ...")` |
| `06-packages` | Pending updates, security updates count | `ssh_exec(op="run", sessionId, command="apt list --upgradable 2>/dev/null")` |
| `07-cve` | CVE scan — remote via SSH MCP + API-based | `ssh_exec(op="run", sessionId, command="dpkg-query -W ...; curl ...")` |
| `08-network` | Open ports, listening services, active connections | `ssh_exec(op="run", sessionId, command="ss -tulpn; netstat -tulpn")` |
| `09-firewall` | iptables/nftables/ufw rules audit | `ssh_exec(op="run", sessionId, command="iptables-save 2>/dev/null")` |
| `10-filesystem` | SUID/SGID, world-writable, /tmp, sticky bits | `ssh_exec(op="run", sessionId, command="find / -perm -4000 ...")` |
| `11-kernel` | sysctl security params — 15+ checks | `ssh_exec(op="run", sessionId, command="sysctl -a 2>/dev/null")` |
| `12-logs` | auth.log, syslog, kern.log — anomaly scan | `ssh_exec(op="run", sessionId, command="tail -100 /var/log/syslog")` |
| `13-crons` | System + user cron jobs — unknown jobs flagged | `ssh_exec(op="run", sessionId, command="cat /etc/crontab; ls -la /var/spool/cron/")` |
| `14-ssl` | Cert expiry check for all domains/services | `ssh_exec(op="run", sessionId, command="openssl x509 -in ... -noout -dates")` |
| `15-docker` | If running — image vulns, container config | `ssh_exec(op="run", sessionId, command="docker ps; docker images")` |
| `16-disk` | Disk usage, inode usage | `ssh_exec(op="run", sessionId, command="df -h; df -i")` |
| `17-integrity` | AIDE/tripwire check if installed | `ssh_exec(op="run", sessionId, command="aide --check")` |
| `18-rootkit` | rkhunter/chkrootkit if installed | `ssh_exec(op="run", sessionId, command="rkhunter --check --skip-keypress")` |
**Execution rule**: All commands go through `ssh_exec(op="run", sessionId, command="<command>")` → `ssh_exec(op="logs", commandId=cmdId)`. No local execution.
---
## Finding Severity Levels
| Level | Color | Meaning |
|---|---|---|
| `CRITICAL` | 🔴 | Immediate risk, action required now |
| `HIGH` | 🟠 | Significant risk, fix this week |
| `MEDIUM` | 🟡 | Moderate risk, fix this month |
| `LOW` | 🔵 | Minor issue, fix when possible |
| `INFO` | ⚪ | Informational, no action needed |
| `PASS` | 🟢 | Check passed, all good |
---
## Confirmation Flow
When owner confirmation is needed:
```
Finding detected (requires confirm) on <client>/<server>
↓
Write to actions/<client>/<server>/pending-confirm/<client>-<server>-<id>-<slug>.md
↓
Include in email report under "NEEDS YOUR DECISION" with <client>/<server> context
↓
Owner replies with: APPROVE <id> / DENY <id> / SKIP <id>
(Full ID format: <client>-<server>-<type>-<NNN>, e.g. client-1-server-01-ACT-20260529-001)
↓
Search all actions/*/*/pending-confirm/ for the ID
↓
APPROVE → agent connects to <client>/<server> via SSH MCP → executes action → logs to history/
DENY → action skipped, noted
SKIP → deferred to next audit
```
---
## Email Report Structure
Reports are sent per-server, per-client (summary), and master. All via email plugin/skill.
### Per-Server Report
```
Subject: [Linux Guardian] <client>/<server> — YYYY-MM-DD | Score: N/100 | CRITICAL:N HIGH:N
━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
LINUX SECURITY GUARDIAN — NIGHTLY REPORT
Client: <client> | Server: <server> | <IP> | YYYY-MM-DD 01:00 IST
━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
EXECUTIVE SUMMARY
Security Score: N/100 | Grade: X
Critical: N | High: N | Medium: N | Low: N
Auto-fixed: N | Pending confirm: N | Passed: N
━━ 🔴 CRITICAL (immediate action needed)
[Finding details]
━━ 🟠 HIGH
[Finding details]
━━ ⚡ AUTO-ACTIONS TAKEN (safe, non-breaking)
[What was auto-fixed]
━━ 🔑 NEEDS YOUR DECISION (reply APPROVE/DENY/SKIP <id>)
[Pending confirmations with IDs — includes <client>/<server> prefix]
━━ 📦 CVE REPORT
[CVEs found by severity]
━━ 🌐 NETWORK & FIREWALL
[Port/firewall status]
━━ 🟡 MEDIUM / LOW
[Less urgent findings]
━━ 🟢 ALL PASSING
[Checks that passed]
━━ NEXT AUDIT: Tomorrow 01:00 IST
```
### Per-Client Summary Report
```
Subject: [Linux Guardian] <client> Summary — YYYY-MM-DD | Servers: N/N | CRITICAL:N HIGH:N
Client: <client>
Servers audited: N of N total
Average score: N/100
| Server | Score | Critical | High | Score Grade |
|--------|-------|----------|------|-------------|
| ... | ... | ... | ... | ... |
Cross-server patterns: [same vuln found on multiple servers]
```
---
## Security Score Formula
```
score = 100
score -= (critical_count × 20)
score -= (high_count × 10)
score -= (medium_count × 3)
score -= (low_count × 1)
score = max(0, score)
Grade: 90-100 = A | 75-89 = B | 60-74 = C | < 60 = F
```
---
## Folder Structure
```
linux-security-guardian/
audit/
modules/ ← 01-system.md ... 18-rootkit.md
results/
<client>/<server>/
critical/ high/ warning/ info/ pass/
YYYY-MM-DD-<check>.md ← per-client/per-server findings
actions/
<client>/<server>/
auto-done/ ← auto-fixed actions (logged)
YYYY-MM-DD-<slug>.md
pending-confirm/ ← waiting for owner
<id>-<slug>.md
history/ ← all approved/denied actions
cve/
cve-scan.sh ← external CVE scanner (takes --client --server)
external-sources.md ← all API URLs, query params, working examples
.cache/ ← shared cached API responses (6h TTL)
<client>/<server>/
scan-results/ ← YYYY-MM-DD.md
advisories/ ← <cve-id>.md
reports/
<client>/<server>/
daily/YYYY-MM-DD.md
weekly/YYYY-WNN.md
network/
<client>/<server>/
firewall-snapshots/ ← YYYY-MM-DD-rules.txt
port-scans/ ← YYYY-MM-DD.md
proposed-changes/ ← <id>-<change>.md
hooks/
audit-runner.md ← main 1 AM audit orchestrator (multi-client loop)
on-critical.md ← fires on any critical finding (with client/server)
on-confirm-reply.md ← processes owner APPROVE/DENY/SKIP
pre-action.md ← safety check before any action
post-action.md ← verify action succeeded
mail-sender.md ← uses email plugin/skill to send report
crons/
active/
nightly-audit.md ← 1 AM IST permanent
completed/
errors/
raw/ ← raw error logs
memory/
schema.json
index.json
SOUL.md ← soul context (multi-client aware)
AGENT.md ← behavioral rules (multi-client, SSH MCP hard dep)
SERVER_PROFILE.md ← multi-client server details
AUDIT_LOG.md ← append-only master log
BASELINE.md ← expected state snapshot
STATS.md
```