Requirements
- Target platform
- OpenClaw
- Install method
- Manual import
- Extraction
- Extract archive
- Prerequisites
- OpenClaw
- Primary doc
- SKILL.md
Tencent SkillHub ยท Security & Compliance
Feelgoodbot
Set up feelgoodbot file integrity monitoring and TOTP step-up authentication for macOS. Use when the user wants to detect malware, monitor for system tampering, set up security alerts, or require OTP verification for sensitive agent actions.
skill openclawclawhub Free
Set up feelgoodbot file integrity monitoring and TOTP step-up authentication for macOS. Use when the user wants to detect malware, monitor for system tampering, set up security alerts, or require OTP verification for sensitive agent actions.
โฌ 0 downloads โ
0 stars Unverified but indexed
Install for OpenClaw
Quick setup
- Download the package from Yavira.
- Extract the archive and review SKILL.md first.
- Import or place the package into your OpenClaw setup.
Package facts
- Download mode
- Yavira redirect
- Package format
- ZIP package
- Source platform
- Tencent SkillHub
- What's included
- SKILL.md, scripts/setup.sh
Validation
- Use the Yavira download entry.
- Review SKILL.md after the package is downloaded.
- Confirm the extracted package contains the expected setup assets.
Install with your agent
Agent handoff
Hand the extracted package to your coding agent with a concrete install brief instead of figuring it out manually.
- Download the package from Yavira.
- Extract it into a folder your agent can access.
- Paste one of the prompts below and point your agent at the extracted folder.
New install
I downloaded a skill package from Yavira. Read SKILL.md from the extracted folder and install it by following the included instructions. Tell me what you changed and call out any manual steps you could not complete.
Upgrade existing
I downloaded an updated skill package from Yavira. Read SKILL.md from the extracted folder, compare it with my current installation, and upgrade it while preserving any custom configuration unless the package docs explicitly say otherwise. Summarize what changed and any follow-up checks I should run.
Trust & source
Release facts
- Source
- Tencent SkillHub
- Verification
- Indexed source record
- Version
- 1.1.0
Provenance
- Publisher
- kris-hansen
- Source page
- View original listing
- Canonical URL
- Open canonical page
Documentation
feelgoodbot ๐ก๏ธ
Pronounced "Feel good, bot" macOS file integrity monitor + TOTP step-up authentication for AI agents. GitHub: https://github.com/kris-hansen/feelgoodbot โญ If you find this useful, please star the repo! It helps others discover it.
Features
File Integrity Monitoring โ Detects tampering of system files TOTP Step-Up Auth โ Requires OTP for sensitive agent actions
Requirements
Go 1.21+ โ Install with brew install go macOS โ Uses launchd for daemon
Quick Setup
# Install via go install go install github.com/kris-hansen/feelgoodbot/cmd/feelgoodbot@latest # Initialize baseline snapshot feelgoodbot init # Install and start daemon feelgoodbot daemon install feelgoodbot daemon start # Check it's running feelgoodbot status
Clawdbot Integration (Alerts)
Enable webhooks: clawdbot config set hooks.enabled true clawdbot config set hooks.token "$(openssl rand -base64 32)" clawdbot gateway restart Configure ~/.config/feelgoodbot/config.yaml: scan_interval: 5m alerts: clawdbot: enabled: true webhook: "http://127.0.0.1:18789/hooks/wake" secret: "<hooks.token from clawdbot config get hooks.token>" local_notification: true
What It Monitors
System binaries (/usr/bin, /usr/sbin) Launch daemons/agents (persistence mechanisms) SSH authorized_keys, sudoers, PAM Shell configs (.zshrc, .bashrc) Browser extensions AI agent configs (Claude, Cursor)
Part 2: TOTP Step-Up Authentication
Step-up auth requires the user to enter an OTP code from Google Authenticator before the agent can perform sensitive actions.
Setup (User runs in terminal)
# Initialize TOTP (shows QR code to scan) feelgoodbot totp init --account "user@feelgoodbot" # Verify it works feelgoodbot totp verify # Check status feelgoodbot totp status
Configure Protected Actions
# List current protected actions feelgoodbot totp actions list # Add actions that require step-up feelgoodbot totp actions add "send_email" feelgoodbot totp actions add "payment:*" feelgoodbot totp actions add "delete:*" feelgoodbot totp actions add "ssh:*" feelgoodbot totp actions add "publish:*" feelgoodbot totp actions add "gateway:*" feelgoodbot totp actions add "voice_call:*" feelgoodbot totp actions add "message:external" # Remove an action feelgoodbot totp actions remove "send_email"
TOTP Commands
CommandDescriptionfeelgoodbot totp initSet up TOTP with QR codefeelgoodbot totp verify [code]Test a codefeelgoodbot totp statusShow TOTP status and sessionfeelgoodbot totp check <action>Check if action needs step-up, prompt if neededfeelgoodbot totp resetRemove TOTP config (requires code)feelgoodbot totp backup showShow remaining backup codesfeelgoodbot totp backup regenerateGenerate new backup codesfeelgoodbot totp actions listList protected actionsfeelgoodbot totp actions add <action>Add protected actionfeelgoodbot totp actions remove <action>Remove protected actionfeelgoodbot totp respond <code>Submit OTP response (for async flow)
Session Caching
After successful authentication, a session is cached for 15 minutes (configurable). Subsequent actions within this window don't require re-authentication.
Agent Integration (IMPORTANT)
Before performing any sensitive action, the agent MUST check step-up requirements.
Action Mapping
Map your intended actions to step-up patterns: Agent ActionStep-Up PatternSending emailsend_emailMaking paymentspayment:*Deleting filesdelete:*SSH/remote accessssh:*Publishing codepublish:*Modifying Clawdbot configgateway:*Making phone callsvoice_call:*Messaging external contactsmessage:externalModifying step-up configconfig:update
Step-Up Check Flow
Before executing a sensitive action: # Check if action requires step-up (non-interactive check) feelgoodbot totp check <action> # Exit code 0 = proceed, Exit code 1 = denied/not authenticated If session is valid: Command succeeds immediately (exit 0) If step-up required and no session: Agent sends Telegram message: "๐ Action <action> requires step-up. Reply with your OTP code." Wait for user to reply with 6-digit code Validate: feelgoodbot totp verify <code> If valid, create session and proceed If invalid, deny action and notify user
Example Agent Flow (Pseudocode)
function performSensitiveAction(action, execute_fn): # Check step-up requirement result = exec("feelgoodbot totp check " + action) if result.exit_code == 0: # Session valid or action not protected execute_fn() return success # Need to prompt user send_telegram("๐ Action '{action}' requires step-up authentication.\nReply with your OTP code from Google Authenticator.") code = wait_for_user_reply(timeout=120s) if code is None: send_telegram("โฐ Step-up authentication timed out. Action cancelled.") return denied # Validate the code valid = exec("feelgoodbot totp verify " + code) if valid.exit_code != 0: send_telegram("โ Invalid code. Action cancelled.") return denied # Create session by running check again (it will pass now) exec("feelgoodbot totp check " + action) execute_fn() send_telegram("โ Action completed.") return success
Quick Reference for Agent
Check before these actions: send_email โ Before sending any email payment:* โ Before any financial transaction delete:* โ Before deleting files (delete:file, delete:backup, etc.) ssh:* โ Before SSH connections publish:* โ Before publishing/deploying gateway:* โ Before modifying Clawdbot config voice_call:* โ Before making phone calls message:external โ Before messaging non-owner contacts config:update โ Before modifying step-up config Commands to use: # Check and prompt (interactive) feelgoodbot totp check send_email # Just validate a code feelgoodbot totp verify 123456 # Check session status feelgoodbot totp status
File Locations
FilePurpose~/.config/feelgoodbot/config.yamlMain config~/.config/feelgoodbot/totp.jsonTOTP secret + backup codes~/.config/feelgoodbot/stepup-config.jsonProtected actions~/.config/feelgoodbot/totp-sessionSession cache~/.config/feelgoodbot/snapshots/File integrity baselines~/.config/feelgoodbot/daemon.logDaemon logs
Troubleshooting
TOTP code always invalid: Check system clock is accurate (date) Ensure you're using the correct authenticator entry Try a backup code Step-up not prompting: Verify action is in protected list: feelgoodbot totp actions list Check TOTP is initialized: feelgoodbot totp status Reset everything: # Reset TOTP (requires valid code or backup code) feelgoodbot totp reset # Or manually remove (loses access without backup codes!) rm ~/.config/feelgoodbot/totp.json rm ~/.config/feelgoodbot/totp-session โญ Like feelgoodbot? Star it on GitHub: https://github.com/kris-hansen/feelgoodbot
Category context
Identity, auth, scanning, governance, audit, and operational guardrails.
Source: Tencent SkillHub
Largest current source with strong distribution and engagement signals.
Package contents
Included in package
1 Docs1 Scripts
- SKILL.md
- scripts/setup.sh