# Send Crusty Security to your agent Hand the extracted package to your coding agent with a concrete install brief instead of figuring it out manually. ## Fast path - Download the package from Yavira. - Extract it into a folder your agent can access. - Paste one of the prompts below and point your agent at the extracted folder. ## Suggested prompts ### New install ```text I downloaded a skill package from Yavira. Read SKILL.md from the extracted folder and install it by following the included instructions. Then review README.md for any prerequisites, environment setup, or post-install checks. Tell me what you changed and call out any manual steps you could not complete. ``` ### Upgrade existing ```text I downloaded an updated skill package from Yavira. Read SKILL.md from the extracted folder, compare it with my current installation, and upgrade it while preserving any custom configuration unless the package docs explicitly say otherwise. Then review README.md for any prerequisites, environment setup, or post-install checks. Summarize what changed and any follow-up checks I should run. ``` ## Machine-readable fields ```json { "schemaVersion": "1.0", "item": { "slug": "crusty-security", "name": "Crusty Security", "source": "tencent", "type": "skill", "category": "安全合规", "sourceUrl": "https://clawhub.ai/silentcool/crusty-security", "canonicalUrl": "https://clawhub.ai/silentcool/crusty-security", "targetPlatform": "OpenClaw" }, "install": { "downloadUrl": "/downloads/crusty-security", "sourceDownloadUrl": "https://wry-manatee-359.convex.site/api/v1/download?slug=crusty-security", "sourcePlatform": "tencent", "targetPlatform": "OpenClaw", "packageFormat": "ZIP package", "primaryDoc": "SKILL.md", "includedAssets": [ "CHANGELOG.md", "LICENSE.txt", "README.md", "SKILL.md", "_meta.json", "references/remediation.md" ], "downloadMode": "redirect", "sourceHealth": { "source": "tencent", "status": "healthy", "reason": "direct_download_ok", "recommendedAction": "download", "checkedAt": "2026-04-23T16:43:11.935Z", "expiresAt": "2026-04-30T16:43:11.935Z", "httpStatus": 200, "finalUrl": "https://wry-manatee-359.convex.site/api/v1/download?slug=4claw-imageboard", "contentType": "application/zip", "probeMethod": "head", "details": { "probeUrl": "https://wry-manatee-359.convex.site/api/v1/download?slug=4claw-imageboard", "contentDisposition": "attachment; filename=\"4claw-imageboard-1.0.1.zip\"", "redirectLocation": null, "bodySnippet": null }, "scope": "source", "summary": "Source download looks usable.", "detail": "Yavira can redirect you to the upstream package for this source.", "primaryActionLabel": "Download for OpenClaw", "primaryActionHref": "/downloads/crusty-security" }, "validation": { "installChecklist": [ "Use the Yavira download entry.", "Review SKILL.md after the package is downloaded.", "Confirm the extracted package contains the expected setup assets." ], "postInstallChecks": [ "Confirm the extracted package includes the expected docs or setup files.", "Validate the skill or prompts are available in your target agent workspace.", "Capture any manual follow-up steps the agent could not complete." ] } }, "links": { "detailUrl": "https://openagent3.xyz/skills/crusty-security", "downloadUrl": "https://openagent3.xyz/downloads/crusty-security", "agentUrl": "https://openagent3.xyz/skills/crusty-security/agent", "manifestUrl": "https://openagent3.xyz/skills/crusty-security/agent.json", "briefUrl": "https://openagent3.xyz/skills/crusty-security/agent.md" } } ``` ## Documentation ### Overview Crusty Security protects OpenClaw agents against real threats: malware in downloaded files, compromised skills from ClawHub, data exfiltration, prompt injection payloads, and host-level compromise. It uses ClamAV for file scanning and AI-agent-specific static analysis. Threat model: The agent itself is the attack surface. Prompt injection can lead to code execution. Malicious skills run with agent privileges. Crusty Security protects both the host AND the agent's integrity. ### Quick Reference TaskCommandInstall ClamAVbash scripts/install_clamav.shScan a filebash scripts/scan_file.sh /path/to/fileScan a directorybash scripts/scan_file.sh -r /path/to/dirAudit a skillbash scripts/audit_skill.sh /path/to/skill/Host security auditbash scripts/host_audit.shMonitor agent integritybash scripts/monitor_agent.shGenerate security reportbash scripts/generate_report.sh All scripts output JSON. All scripts support --help. All paths are relative to this skill directory. ### Setup (First Run) Run bash setup.sh — that's it. This will: Install ClamAV if missing Configure freshclam (macOS Homebrew fix) Send initial heartbeat to dashboard (if CRUSTY_API_KEY set) Run initial host audit + workspace scan (populates dashboard immediately) Check which scheduled scans need to be created ⚠️ IMPORTANT — After setup.sh, you MUST create the cron jobs below using the OpenClaw cron tool. Setup.sh handles the bash-level installation, but cron jobs require agent-level tools. Do this immediately after first install — don't wait for the user to ask. ### Required Cron Jobs (create on first install) Check what's missing: bash scripts/check_crons.sh Use the OpenClaw cron tool (cron add) to create these. Replace {SKILL_DIR} with the actual path to this skill directory and {WORKSPACE} with the workspace path (usually /data/workspace). NameSchedulesessionTargetPayloadcrusty-daily-scancron 0 3 * * *main / systemEventRun Crusty Security daily scan: bash {SKILL_DIR}/scripts/scan_file.sh --incremental -r {WORKSPACE} && bash {SKILL_DIR}/scripts/monitor_agent.shcrusty-weekly-fullcron 0 3 * * 0main / systemEventRun Crusty Security weekly scan: bash {SKILL_DIR}/scripts/scan_file.sh -r {WORKSPACE} && bash {SKILL_DIR}/scripts/host_audit.sh && bash {SKILL_DIR}/scripts/generate_report.sh --output /tmp/crusty_logs/weekly_report.mdcrusty-monthly-deepcron 0 4 1 * *main / systemEventRun Crusty Security monthly deep audit: bash {SKILL_DIR}/scripts/host_audit.sh --deep ### Dashboard Cron Jobs (only if CRUSTY_API_KEY is set) NameSchedulesessionTargetPayloadcrusty-heartbeatevery 300000ms (5 min)main / systemEventCrusty Security heartbeat: Run bash {SKILL_DIR}/scripts/dashboard.sh heartbeatcrusty-clawhub-syncevery 43200000ms (12h)isolated / agentTurnRun ClawHub security sync: python3 {SKILL_DIR}/scripts/clawhub_sync.py --push. Report any critical or high severity findings. Check cron list first — skip any that already exist (match by name prefix crusty-). See references/setup.md for detailed configuration. ### Dashboard Connection If your human has configured CRUSTY_API_KEY, the skill sends scan results to the Crusty Security dashboard (crustysecurity.com): Heartbeats are sent every 5 minutes automatically — keeps the dashboard showing agent status Scan results are pushed when you add --push to scan commands ClawHub sync sends skill inventory with python3 scripts/clawhub_sync.py --push If CRUSTY_API_KEY is NOT set, everything works locally — no data is sent anywhere The dashboard never connects TO the agent — data flows one way (agent → dashboard) ### File Scanning Triggers: "scan this file", "is this safe", "check this download", "virus scan" Run bash scripts/scan_file.sh for ClamAV local scan Report results: ✅ Clean — "No threats detected. Scanned with ClamAV, signatures from [date]." ⚠️ Suspicious — "Low-confidence detection by ClamAV. Recommend quarantine for review." 🚨 Malicious — "Threat detected: [name]. Recommend quarantine. Options: quarantine, delete, or ignore." For directories: bash scripts/scan_file.sh -r /data/workspace # Full recursive scan bash scripts/scan_file.sh -r --incremental /data/workspace # Skip unchanged files Quarantine workflow: bash scripts/scan_file.sh --quarantine /path/to/file # Move to quarantine # Quarantine location: $CRUSTY_QUARANTINE (default: /tmp/crusty_quarantine) # Manifest: /tmp/crusty_quarantine/manifest.json Important notes: ClamAV prefers clamdscan (daemon) when available, falls back to clamscan Max file size default: 200M (configurable via CRUSTY_MAX_FILE_SIZE) Encrypted archives: flagged as "unscanned" — cannot inspect contents Large archives: ClamAV handles zip, rar, 7z, tar, gz natively ### Skill Auditing (Supply Chain Security) Triggers: "audit this skill", "is this skill safe", "check skill security", "scan skill" bash scripts/audit_skill.sh /path/to/skill/directory/ What it checks: 🔴 Critical: curl/wget piped to shell, reverse shell patterns, crypto mining indicators 🟠 High: eval/exec with dynamic input, base64 decode patterns, data exfiltration endpoints (webhook.site, ngrok, etc.), credential harvesting, binary executables, agent config modification 🟡 Medium: hidden files, system file access, hardcoded IPs, obfuscated code, persistence mechanisms (cron, systemd) 🔵 Low/Info: large skill size, credential references in docs Output: Risk score (low/medium/high/critical) + detailed findings with evidence. When to use: Before installing any skill from ClawHub When reviewing third-party skill contributions Periodically on all installed skills: for d in /data/workspace/skills/*/; do bash scripts/audit_skill.sh "$d"; done ### Host Security Audit Triggers: "audit host", "security audit", "check host security" bash scripts/host_audit.sh or bash scripts/host_audit.sh --deep Checks: Suspicious cron jobs (curl piping, base64, reverse shells) Unexpected listening ports Recently modified system files (deep mode) SSH key audit (excessive keys, no-comment keys, root login) Sensitive file permissions (world-writable /etc/passwd, etc.) ClamAV signature freshness openclaw security audit (if available) Output: Posture score (0-100) + findings. Score deductions: critical (-25), high (-15), medium (-10), low (-5). ### Agent Behavior Monitoring Triggers: "check agent integrity", "monitor agent", "is the agent compromised" bash scripts/monitor_agent.sh What it checks: Recent modifications to AGENTS.md, SOUL.md, MEMORY.md, TOOLS.md, USER.md Memory file churn (>10 files modified = suspicious) Unexpected cron jobs (anything not clawguard/freshclam/standard maintenance) Suspicious outbound connections (IRC ports, backdoor ports, Tor) Files created outside workspace (/tmp executables, home directory changes) Suspicious processes (xmrig, nc -l, ncat, socat, chisel) High CPU processes (>80% — potential miners) Sensitive file exposure (.env files, world-readable SSH keys) Output: Status (healthy / warnings_present / compromised_indicators) + findings. ### Security Report Generation Triggers: "security report", "threat report", "posture report" bash scripts/generate_report.sh or bash scripts/generate_report.sh --days 30 --output report.md Compiles all recent scan results into a markdown security posture report with: Scan summary (total, clean, threats, errors) Threat details with file paths and actions taken Security posture score with emoji indicators Recommendations (missing tools, scan schedules) ### Automatic Scheduled Scanning Cron jobs are defined in the Setup (First Run) section above. Create them immediately on first install using the OpenClaw cron tool. To verify all crons are configured: bash scripts/check_crons.sh ### False Positive Handling ClamAV has moderate false positive rates. Strategy: Single ClamAV detection, known safe source → Likely false positive. Log and skip. ClamAV detection, unknown source → Quarantine and investigate. ClamAV detection + skill audit findings → Real threat. Quarantine immediately. To handle a false positive: Submit to ClamAV: https://www.clamav.net/reports/fp Document in scan logs for future reference ### Quarantine Procedures Location: $CRUSTY_QUARANTINE (default: /tmp/crusty_quarantine) Manifest: manifest.json in quarantine directory tracks original paths and timestamps. # View quarantined files cat /tmp/crusty_quarantine/manifest.json | python3 -m json.tool # Restore a false positive mv /tmp/crusty_quarantine/ /original/path/ # Permanently delete rm -rf /tmp/crusty_quarantine/* Never use clamscan --remove. Always quarantine first, verify, then delete. ### Offline Mode Crusty Security works fully offline with reduced capability: ✅ ClamAV scanning (local signatures) ✅ Skill auditing (static analysis, no network needed) ✅ Host auditing (local checks) ✅ Agent monitoring (local checks) ⚠️ ClamAV signatures may be stale (check freshness in host audit) ### Resource-Constrained Environments (Raspberry Pi) For hosts with <2GB RAM: install_clamav.sh auto-detects low RAM and skips daemon mode Use clamscan (on-demand) instead of clamd (daemon) Use incremental scanning (--incremental) to reduce scan time Skill auditing and agent monitoring have minimal resource requirements For hosts with <1GB RAM: Consider skipping ClamAV entirely Use skill auditing + agent monitoring only These tools are shell/Python with negligible memory usage ### Environment Variables VariableDefaultDescriptionCRUSTY_API_KEY(none)Dashboard API key (cg_live_...)CRUSTY_DASHBOARD_URLhttps://crustysecurity.comDashboard URLCRUSTY_QUARANTINE/tmp/crusty_quarantineQuarantine directoryCRUSTY_LOG_DIR/tmp/crusty_logsScan log directoryCRUSTY_MAX_FILE_SIZE200MMax file size to scanCRUSTY_WORKSPACEauto-detectedAgent workspace path Backwards compat: CLAWGUARD_* env vars are still supported but deprecated. Use CRUSTY_* going forward. ### Incident Response When a real threat is confirmed, see references/remediation.md for the full checklist. Quick summary: Quarantine the file immediately Assess scope — was it executed? Did it modify other files? Check persistence — cron jobs, SSH keys, shell profiles, systemd services Check exfiltration — outbound connections, DNS queries, API key usage Rotate credentials if any were potentially exposed Full scan — bash scripts/scan_file.sh -r / Document the incident ## Trust - Source: tencent - Verification: Indexed source record - Publisher: silentcool - Version: 0.1.4 ## Source health - Status: healthy - Source download looks usable. - Yavira can redirect you to the upstream package for this source. - Health scope: source - Reason: direct_download_ok - Checked at: 2026-04-23T16:43:11.935Z - Expires at: 2026-04-30T16:43:11.935Z - Recommended action: Download for OpenClaw ## Links - [Detail page](https://openagent3.xyz/skills/crusty-security) - [Send to Agent page](https://openagent3.xyz/skills/crusty-security/agent) - [JSON manifest](https://openagent3.xyz/skills/crusty-security/agent.json) - [Markdown brief](https://openagent3.xyz/skills/crusty-security/agent.md) - [Download page](https://openagent3.xyz/downloads/crusty-security)