arc-sentinel
Security monitoring and infrastructure health checks for OpenClaw agents. Run breach monitoring (HaveIBeenPwned), SSL certificate expiry checks, GitHub security audits, credential rotation tracking, secret scanning, git hygiene, token watchdog, and permission audits. Use when performing security scans, checking credential rotation status, auditing repos for leaked secrets, or monitoring SSL certificates and infrastructure health.
Best use case
arc-sentinel is best used when you need a repeatable AI agent workflow instead of a one-off prompt.
Security monitoring and infrastructure health checks for OpenClaw agents. Run breach monitoring (HaveIBeenPwned), SSL certificate expiry checks, GitHub security audits, credential rotation tracking, secret scanning, git hygiene, token watchdog, and permission audits. Use when performing security scans, checking credential rotation status, auditing repos for leaked secrets, or monitoring SSL certificates and infrastructure health.
Teams using arc-sentinel should expect a more consistent output, faster repeated execution, less prompt rewriting.
When to use this skill
- You want a reusable workflow that can be run more than once with consistent structure.
When not to use this skill
- You only need a quick one-off answer and do not need a reusable workflow.
- You cannot install or maintain the underlying files, dependencies, or repository context.
Installation
Claude Code / Cursor / Codex
Manual Installation
- Download SKILL.md from GitHub
- Place it in
.claude/skills/arc-sentinel/SKILL.mdinside your project - Restart your AI agent — it will auto-discover the skill
How arc-sentinel Compares
| Feature / Agent | arc-sentinel | Standard Approach |
|---|---|---|
| Platform Support | Not specified | Limited / Varies |
| Context Awareness | High | Baseline |
| Installation Complexity | Unknown | N/A |
Frequently Asked Questions
What does this skill do?
Security monitoring and infrastructure health checks for OpenClaw agents. Run breach monitoring (HaveIBeenPwned), SSL certificate expiry checks, GitHub security audits, credential rotation tracking, secret scanning, git hygiene, token watchdog, and permission audits. Use when performing security scans, checking credential rotation status, auditing repos for leaked secrets, or monitoring SSL certificates and infrastructure health.
Where can I find the source code?
You can find the source code on GitHub using the link provided at the top of the page.
Related Guides
Best AI Skills for Claude
Explore the best AI skills for Claude and Claude Code across coding, research, workflow automation, documentation, and agent operations.
AI Agents for Marketing
Discover AI agents for marketing workflows, from SEO and content production to campaign research, outreach, and analytics.
AI Agents for Startups
Explore AI agent skills for startup validation, product research, growth experiments, documentation, and fast execution with small teams.
SKILL.md Source
# Arc Sentinel Security monitoring toolkit for OpenClaw agents. Runs automated checks against your infrastructure and reports issues. ## Configuration Before first use, create `sentinel.conf` in the skill directory: ```bash cp sentinel.conf.example sentinel.conf ``` Edit `sentinel.conf` with your values: - **DOMAINS** — Space-separated list of domains to check SSL certificates - **GITHUB_USER** — GitHub username for repo audits - **KNOWN_REPOS** — Space-separated list of expected repo names (unexpected repos trigger warnings) - **MONITOR_EMAIL** — Email address for HaveIBeenPwned breach checks - **HIBP_API_KEY** — Optional; HIBP v3 API key ($3.50/mo) for automated breach lookups Also customize `credential-tracker.json` with your own credentials and rotation policies. A template is provided. ## Quick Start ### Full scan ```bash cd <skill-dir> bash sentinel.sh ``` ### Output - Formatted report to stdout with color-coded severity - JSON report saved to `reports/YYYY-MM-DD.json` - Exit codes: `0` = all clear, `1` = warnings, `2` = critical ## Checks ### 1. SSL Certificate Expiry Check certificate expiry for configured domains. Warns at <30 days, critical at <14 days. ### 2. GitHub Security - List repos and check Dependabot/vulnerability alert status - Review recent account activity for anomalies - Flag unexpected repositories ### 3. Breach Monitoring (HaveIBeenPwned) - Query HIBP API for breached accounts (requires API key) - Falls back to manual check URL if no key is set ### 4. Credential Rotation Tracking Read `credential-tracker.json` and flag credentials that are overdue, approaching expiry, or never rotated. Supports policies: `quarterly` (90d), `6_months` (180d), `annual` (365d), `auto`. ## Additional Scripts | Script | Purpose | |--------|---------| | `scripts/secret-scanner.sh` | Scan repos/files for leaked secrets and API keys | | `scripts/git-hygiene.sh` | Audit git history for security issues | | `scripts/token-watchdog.sh` | Monitor token validity and expiry | | `scripts/permission-auditor.sh` | Audit file and access permissions | | `scripts/skill-auditor.sh` | Audit installed skills for security | | `scripts/full-audit.sh` | Run all scripts in sequence | ## Agent Usage During heartbeats or on request: 1. Run `bash sentinel.sh` from the skill directory 2. Review output for WARN or CRITICAL items 3. Report findings to the human if anything needs attention 4. Update `credential-tracker.json` when credentials are rotated ## Cron Setup ```bash # Weekly Monday 9am 0 9 * * 1 cd /path/to/arc-sentinel && bash sentinel.sh >> reports/cron.log 2>&1 ``` ## Requirements - `openssl` (SSL checks) - `gh` CLI authenticated (GitHub checks) - `curl` (HIBP) - `python3` (JSON processing)
Related Skills
security-sentinel
Scan the workspace for security vulnerabilities, exposed secrets, and misconfigurations.
openclaw-sentinel
No description provided.
ai-sentinel
Prompt injection detection and security scanning for OpenClaw agents. Installs the ai-sentinel plugin via OpenClaw CLI, configures plugin settings, and offers local (Community) or remote (Pro) classification with dashboard reporting. All configuration changes require explicit user confirmation.
sentinel
Transform an Android phone with IP Webcam into an intelligent Edge AI security system with OpenClaw.
---
name: article-factory-wechat
humanizer
Remove signs of AI-generated writing from text. Use when editing or reviewing text to make it sound more natural and human-written. Based on Wikipedia's comprehensive "Signs of AI writing" guide. Detects and fixes patterns including: inflated symbolism, promotional language, superficial -ing analyses, vague attributions, em dash overuse, rule of three, AI vocabulary words, negative parallelisms, and excessive conjunctive phrases.
find-skills
Helps users discover and install agent skills when they ask questions like "how do I do X", "find a skill for X", "is there a skill that can...", or express interest in extending capabilities. This skill should be used when the user is looking for functionality that might exist as an installable skill.
tavily-search
Use Tavily API for real-time web search and content extraction. Use when: user needs real-time web search results, research, or current information from the web. Requires Tavily API key.
baidu-search
Search the web using Baidu AI Search Engine (BDSE). Use for live information, documentation, or research topics.
agent-autonomy-kit
Stop waiting for prompts. Keep working.
Meeting Prep
Never walk into a meeting unprepared again. Your agent researches all attendees before calendar events—pulling LinkedIn profiles, recent company news, mutual connections, and conversation starters. Generates a briefing doc with talking points, icebreakers, and context so you show up informed and confident. Triggered automatically before meetings or on-demand. Configure research depth, advance timing, and output format. Walking into meetings blind is amateur hour—missed connections, generic small talk, zero leverage. Use when setting up meeting intelligence, researching specific attendees, generating pre-meeting briefs, or automating your prep workflow.
self-improvement
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Claude ('No, that's wrong...', 'Actually...'), (3) User requests a capability that doesn't exist, (4) An external API or tool fails, (5) Claude realizes its knowledge is outdated or incorrect, (6) A better approach is discovered for a recurring task. Also review learnings before major tasks.