{ "schemaVersion": "1.0", "item": { "slug": "feelgoodbot", "name": "Feelgoodbot", "source": "tencent", "type": "skill", "category": "安å…Øåˆč§„", "sourceUrl": "https://clawhub.ai/kris-hansen/feelgoodbot", "canonicalUrl": "https://clawhub.ai/kris-hansen/feelgoodbot", "targetPlatform": "OpenClaw" }, "install": { "downloadMode": "redirect", "downloadUrl": "/downloads/feelgoodbot", "sourceDownloadUrl": "https://wry-manatee-359.convex.site/api/v1/download?slug=feelgoodbot", "sourcePlatform": "tencent", "targetPlatform": "OpenClaw", "installMethod": "Manual import", "extraction": "Extract archive", "prerequisites": [ "OpenClaw" ], "packageFormat": "ZIP package", "includedAssets": [ "SKILL.md", "scripts/setup.sh" ], "primaryDoc": "SKILL.md", "quickSetup": [ "Download the package from Yavira.", "Extract the archive and review SKILL.md first.", "Import or place the package into your OpenClaw setup." ], "agentAssist": { "summary": "Hand the extracted package to your coding agent with a concrete install brief instead of figuring it out manually.", "steps": [ "Download the package from Yavira.", "Extract it into a folder your agent can access.", "Paste one of the prompts below and point your agent at the extracted folder." ], "prompts": [ { "label": "New install", "body": "I downloaded a skill package from Yavira. Read SKILL.md from the extracted folder and install it by following the included instructions. Tell me what you changed and call out any manual steps you could not complete." }, { "label": "Upgrade existing", "body": "I downloaded an updated skill package from Yavira. Read SKILL.md from the extracted folder, compare it with my current installation, and upgrade it while preserving any custom configuration unless the package docs explicitly say otherwise. Summarize what changed and any follow-up checks I should run." } ] }, "sourceHealth": { "source": "tencent", "status": "healthy", "reason": "direct_download_ok", "recommendedAction": "download", "checkedAt": "2026-04-23T16:43:11.935Z", "expiresAt": "2026-04-30T16:43:11.935Z", "httpStatus": 200, "finalUrl": "https://wry-manatee-359.convex.site/api/v1/download?slug=4claw-imageboard", "contentType": "application/zip", "probeMethod": "head", "details": { "probeUrl": "https://wry-manatee-359.convex.site/api/v1/download?slug=4claw-imageboard", "contentDisposition": "attachment; filename=\"4claw-imageboard-1.0.1.zip\"", "redirectLocation": null, "bodySnippet": null }, "scope": "source", "summary": "Source download looks usable.", "detail": "Yavira can redirect you to the upstream package for this source.", "primaryActionLabel": "Download for OpenClaw", "primaryActionHref": "/downloads/feelgoodbot" }, "validation": { "installChecklist": [ "Use the Yavira download entry.", "Review SKILL.md after the package is downloaded.", "Confirm the extracted package contains the expected setup assets." ], "postInstallChecks": [ "Confirm the extracted package includes the expected docs or setup files.", "Validate the skill or prompts are available in your target agent workspace.", "Capture any manual follow-up steps the agent could not complete." ] }, "downloadPageUrl": "https://openagent3.xyz/downloads/feelgoodbot", "agentPageUrl": "https://openagent3.xyz/skills/feelgoodbot/agent", "manifestUrl": "https://openagent3.xyz/skills/feelgoodbot/agent.json", "briefUrl": "https://openagent3.xyz/skills/feelgoodbot/agent.md" }, "agentAssist": { "summary": "Hand the extracted package to your coding agent with a concrete install brief instead of figuring it out manually.", "steps": [ "Download the package from Yavira.", "Extract it into a folder your agent can access.", "Paste one of the prompts below and point your agent at the extracted folder." ], "prompts": [ { "label": "New install", "body": "I downloaded a skill package from Yavira. Read SKILL.md from the extracted folder and install it by following the included instructions. Tell me what you changed and call out any manual steps you could not complete." }, { "label": "Upgrade existing", "body": "I downloaded an updated skill package from Yavira. Read SKILL.md from the extracted folder, compare it with my current installation, and upgrade it while preserving any custom configuration unless the package docs explicitly say otherwise. Summarize what changed and any follow-up checks I should run." } ] }, "documentation": { "source": "clawhub", "primaryDoc": "SKILL.md", "sections": [ { "title": "feelgoodbot šŸ›”ļø", "body": "Pronounced \"Feel good, bot\"\n\nmacOS file integrity monitor + TOTP step-up authentication for AI agents.\n\nGitHub: https://github.com/kris-hansen/feelgoodbot\n\nā­ If you find this useful, please star the repo! It helps others discover it." }, { "title": "Features", "body": "File Integrity Monitoring ā€” Detects tampering of system files\nTOTP Step-Up Auth ā€” Requires OTP for sensitive agent actions" }, { "title": "Requirements", "body": "Go 1.21+ ā€” Install with brew install go\nmacOS ā€” Uses launchd for daemon" }, { "title": "Quick Setup", "body": "# Install via go install\ngo install github.com/kris-hansen/feelgoodbot/cmd/feelgoodbot@latest\n\n# Initialize baseline snapshot\nfeelgoodbot init\n\n# Install and start daemon\nfeelgoodbot daemon install\nfeelgoodbot daemon start\n\n# Check it's running\nfeelgoodbot status" }, { "title": "Clawdbot Integration (Alerts)", "body": "Enable webhooks:\n\nclawdbot config set hooks.enabled true\nclawdbot config set hooks.token \"$(openssl rand -base64 32)\"\nclawdbot gateway restart\n\nConfigure ~/.config/feelgoodbot/config.yaml:\n\nscan_interval: 5m\nalerts:\n clawdbot:\n enabled: true\n webhook: \"http://127.0.0.1:18789/hooks/wake\"\n secret: \"\"\n local_notification: true" }, { "title": "What It Monitors", "body": "System binaries (/usr/bin, /usr/sbin)\nLaunch daemons/agents (persistence mechanisms)\nSSH authorized_keys, sudoers, PAM\nShell configs (.zshrc, .bashrc)\nBrowser extensions\nAI agent configs (Claude, Cursor)" }, { "title": "Part 2: TOTP Step-Up Authentication", "body": "Step-up auth requires the user to enter an OTP code from Google Authenticator before the agent can perform sensitive actions." }, { "title": "Setup (User runs in terminal)", "body": "# Initialize TOTP (shows QR code to scan)\nfeelgoodbot totp init --account \"user@feelgoodbot\"\n\n# Verify it works\nfeelgoodbot totp verify\n\n# Check status\nfeelgoodbot totp status" }, { "title": "Configure Protected Actions", "body": "# List current protected actions\nfeelgoodbot totp actions list\n\n# Add actions that require step-up\nfeelgoodbot totp actions add \"send_email\"\nfeelgoodbot totp actions add \"payment:*\"\nfeelgoodbot totp actions add \"delete:*\"\nfeelgoodbot totp actions add \"ssh:*\"\nfeelgoodbot totp actions add \"publish:*\"\nfeelgoodbot totp actions add \"gateway:*\"\nfeelgoodbot totp actions add \"voice_call:*\"\nfeelgoodbot totp actions add \"message:external\"\n\n# Remove an action\nfeelgoodbot totp actions remove \"send_email\"" }, { "title": "TOTP Commands", "body": "CommandDescriptionfeelgoodbot totp initSet up TOTP with QR codefeelgoodbot totp verify [code]Test a codefeelgoodbot totp statusShow TOTP status and sessionfeelgoodbot totp check Check if action needs step-up, prompt if neededfeelgoodbot totp resetRemove TOTP config (requires code)feelgoodbot totp backup showShow remaining backup codesfeelgoodbot totp backup regenerateGenerate new backup codesfeelgoodbot totp actions listList protected actionsfeelgoodbot totp actions add Add protected actionfeelgoodbot totp actions remove Remove protected actionfeelgoodbot totp respond Submit OTP response (for async flow)" }, { "title": "Session Caching", "body": "After successful authentication, a session is cached for 15 minutes (configurable). Subsequent actions within this window don't require re-authentication." }, { "title": "Agent Integration (IMPORTANT)", "body": "Before performing any sensitive action, the agent MUST check step-up requirements." }, { "title": "Action Mapping", "body": "Map your intended actions to step-up patterns:\n\nAgent ActionStep-Up PatternSending emailsend_emailMaking paymentspayment:*Deleting filesdelete:*SSH/remote accessssh:*Publishing codepublish:*Modifying Clawdbot configgateway:*Making phone callsvoice_call:*Messaging external contactsmessage:externalModifying step-up configconfig:update" }, { "title": "Step-Up Check Flow", "body": "Before executing a sensitive action:\n\n# Check if action requires step-up (non-interactive check)\nfeelgoodbot totp check \n# Exit code 0 = proceed, Exit code 1 = denied/not authenticated\n\nIf session is valid: Command succeeds immediately (exit 0)\n\nIf step-up required and no session:\n\nAgent sends Telegram message: \"šŸ” Action requires step-up. Reply with your OTP code.\"\nWait for user to reply with 6-digit code\nValidate: feelgoodbot totp verify \nIf valid, create session and proceed\nIf invalid, deny action and notify user" }, { "title": "Example Agent Flow (Pseudocode)", "body": "function performSensitiveAction(action, execute_fn):\n # Check step-up requirement\n result = exec(\"feelgoodbot totp check \" + action)\n \n if result.exit_code == 0:\n # Session valid or action not protected\n execute_fn()\n return success\n \n # Need to prompt user\n send_telegram(\"šŸ” Action '{action}' requires step-up authentication.\\nReply with your OTP code from Google Authenticator.\")\n \n code = wait_for_user_reply(timeout=120s)\n \n if code is None:\n send_telegram(\"ā° Step-up authentication timed out. Action cancelled.\")\n return denied\n \n # Validate the code\n valid = exec(\"feelgoodbot totp verify \" + code)\n \n if valid.exit_code != 0:\n send_telegram(\"āŒ Invalid code. Action cancelled.\")\n return denied\n \n # Create session by running check again (it will pass now)\n exec(\"feelgoodbot totp check \" + action)\n \n execute_fn()\n send_telegram(\"āœ… Action completed.\")\n return success" }, { "title": "Quick Reference for Agent", "body": "Check before these actions:\n\nsend_email ā€” Before sending any email\npayment:* ā€” Before any financial transaction\ndelete:* ā€” Before deleting files (delete:file, delete:backup, etc.)\nssh:* ā€” Before SSH connections\npublish:* ā€” Before publishing/deploying\ngateway:* ā€” Before modifying Clawdbot config\nvoice_call:* ā€” Before making phone calls\nmessage:external ā€” Before messaging non-owner contacts\nconfig:update ā€” Before modifying step-up config\n\nCommands to use:\n\n# Check and prompt (interactive)\nfeelgoodbot totp check send_email\n\n# Just validate a code\nfeelgoodbot totp verify 123456\n\n# Check session status\nfeelgoodbot totp status" }, { "title": "File Locations", "body": "FilePurpose~/.config/feelgoodbot/config.yamlMain config~/.config/feelgoodbot/totp.jsonTOTP secret + backup codes~/.config/feelgoodbot/stepup-config.jsonProtected actions~/.config/feelgoodbot/totp-sessionSession cache~/.config/feelgoodbot/snapshots/File integrity baselines~/.config/feelgoodbot/daemon.logDaemon logs" }, { "title": "Troubleshooting", "body": "TOTP code always invalid:\n\nCheck system clock is accurate (date)\nEnsure you're using the correct authenticator entry\nTry a backup code\n\nStep-up not prompting:\n\nVerify action is in protected list: feelgoodbot totp actions list\nCheck TOTP is initialized: feelgoodbot totp status\n\nReset everything:\n\n# Reset TOTP (requires valid code or backup code)\nfeelgoodbot totp reset\n\n# Or manually remove (loses access without backup codes!)\nrm ~/.config/feelgoodbot/totp.json\nrm ~/.config/feelgoodbot/totp-session\n\nā­ Like feelgoodbot? Star it on GitHub: https://github.com/kris-hansen/feelgoodbot" } ], "body": "feelgoodbot šŸ›”ļø\n\nPronounced \"Feel good, bot\"\n\nmacOS file integrity monitor + TOTP step-up authentication for AI agents.\n\nGitHub: https://github.com/kris-hansen/feelgoodbot\n\nā­ If you find this useful, please star the repo! It helps others discover it.\n\nFeatures\nFile Integrity Monitoring ā€” Detects tampering of system files\nTOTP Step-Up Auth ā€” Requires OTP for sensitive agent actions\nPart 1: File Integrity Monitoring\nRequirements\nGo 1.21+ ā€” Install with brew install go\nmacOS ā€” Uses launchd for daemon\nQuick Setup\n# Install via go install\ngo install github.com/kris-hansen/feelgoodbot/cmd/feelgoodbot@latest\n\n# Initialize baseline snapshot\nfeelgoodbot init\n\n# Install and start daemon\nfeelgoodbot daemon install\nfeelgoodbot daemon start\n\n# Check it's running\nfeelgoodbot status\n\nClawdbot Integration (Alerts)\n\nEnable webhooks:\n\nclawdbot config set hooks.enabled true\nclawdbot config set hooks.token \"$(openssl rand -base64 32)\"\nclawdbot gateway restart\n\n\nConfigure ~/.config/feelgoodbot/config.yaml:\n\nscan_interval: 5m\nalerts:\n clawdbot:\n enabled: true\n webhook: \"http://127.0.0.1:18789/hooks/wake\"\n secret: \"\"\n local_notification: true\n\nWhat It Monitors\nSystem binaries (/usr/bin, /usr/sbin)\nLaunch daemons/agents (persistence mechanisms)\nSSH authorized_keys, sudoers, PAM\nShell configs (.zshrc, .bashrc)\nBrowser extensions\nAI agent configs (Claude, Cursor)\nPart 2: TOTP Step-Up Authentication\n\nStep-up auth requires the user to enter an OTP code from Google Authenticator before the agent can perform sensitive actions.\n\nSetup (User runs in terminal)\n# Initialize TOTP (shows QR code to scan)\nfeelgoodbot totp init --account \"user@feelgoodbot\"\n\n# Verify it works\nfeelgoodbot totp verify\n\n# Check status\nfeelgoodbot totp status\n\nConfigure Protected Actions\n# List current protected actions\nfeelgoodbot totp actions list\n\n# Add actions that require step-up\nfeelgoodbot totp actions add \"send_email\"\nfeelgoodbot totp actions add \"payment:*\"\nfeelgoodbot totp actions add \"delete:*\"\nfeelgoodbot totp actions add \"ssh:*\"\nfeelgoodbot totp actions add \"publish:*\"\nfeelgoodbot totp actions add \"gateway:*\"\nfeelgoodbot totp actions add \"voice_call:*\"\nfeelgoodbot totp actions add \"message:external\"\n\n# Remove an action\nfeelgoodbot totp actions remove \"send_email\"\n\nTOTP Commands\nCommand\tDescription\nfeelgoodbot totp init\tSet up TOTP with QR code\nfeelgoodbot totp verify [code]\tTest a code\nfeelgoodbot totp status\tShow TOTP status and session\nfeelgoodbot totp check \tCheck if action needs step-up, prompt if needed\nfeelgoodbot totp reset\tRemove TOTP config (requires code)\nfeelgoodbot totp backup show\tShow remaining backup codes\nfeelgoodbot totp backup regenerate\tGenerate new backup codes\nfeelgoodbot totp actions list\tList protected actions\nfeelgoodbot totp actions add \tAdd protected action\nfeelgoodbot totp actions remove \tRemove protected action\nfeelgoodbot totp respond \tSubmit OTP response (for async flow)\nSession Caching\n\nAfter successful authentication, a session is cached for 15 minutes (configurable). Subsequent actions within this window don't require re-authentication.\n\nAgent Integration (IMPORTANT)\n\nBefore performing any sensitive action, the agent MUST check step-up requirements.\n\nAction Mapping\n\nMap your intended actions to step-up patterns:\n\nAgent Action\tStep-Up Pattern\nSending email\tsend_email\nMaking payments\tpayment:*\nDeleting files\tdelete:*\nSSH/remote access\tssh:*\nPublishing code\tpublish:*\nModifying Clawdbot config\tgateway:*\nMaking phone calls\tvoice_call:*\nMessaging external contacts\tmessage:external\nModifying step-up config\tconfig:update\nStep-Up Check Flow\n\nBefore executing a sensitive action:\n\n# Check if action requires step-up (non-interactive check)\nfeelgoodbot totp check \n# Exit code 0 = proceed, Exit code 1 = denied/not authenticated\n\n\nIf session is valid: Command succeeds immediately (exit 0)\n\nIf step-up required and no session:\n\nAgent sends Telegram message: \"šŸ” Action requires step-up. Reply with your OTP code.\"\nWait for user to reply with 6-digit code\nValidate: feelgoodbot totp verify \nIf valid, create session and proceed\nIf invalid, deny action and notify user\nExample Agent Flow (Pseudocode)\nfunction performSensitiveAction(action, execute_fn):\n # Check step-up requirement\n result = exec(\"feelgoodbot totp check \" + action)\n \n if result.exit_code == 0:\n # Session valid or action not protected\n execute_fn()\n return success\n \n # Need to prompt user\n send_telegram(\"šŸ” Action '{action}' requires step-up authentication.\\nReply with your OTP code from Google Authenticator.\")\n \n code = wait_for_user_reply(timeout=120s)\n \n if code is None:\n send_telegram(\"ā° Step-up authentication timed out. Action cancelled.\")\n return denied\n \n # Validate the code\n valid = exec(\"feelgoodbot totp verify \" + code)\n \n if valid.exit_code != 0:\n send_telegram(\"āŒ Invalid code. Action cancelled.\")\n return denied\n \n # Create session by running check again (it will pass now)\n exec(\"feelgoodbot totp check \" + action)\n \n execute_fn()\n send_telegram(\"āœ… Action completed.\")\n return success\n\nQuick Reference for Agent\n\nCheck before these actions:\n\nsend_email ā€” Before sending any email\npayment:* ā€” Before any financial transaction\ndelete:* ā€” Before deleting files (delete:file, delete:backup, etc.)\nssh:* ā€” Before SSH connections\npublish:* ā€” Before publishing/deploying\ngateway:* ā€” Before modifying Clawdbot config\nvoice_call:* ā€” Before making phone calls\nmessage:external ā€” Before messaging non-owner contacts\nconfig:update ā€” Before modifying step-up config\n\nCommands to use:\n\n# Check and prompt (interactive)\nfeelgoodbot totp check send_email\n\n# Just validate a code\nfeelgoodbot totp verify 123456\n\n# Check session status\nfeelgoodbot totp status\n\nFile Locations\nFile\tPurpose\n~/.config/feelgoodbot/config.yaml\tMain config\n~/.config/feelgoodbot/totp.json\tTOTP secret + backup codes\n~/.config/feelgoodbot/stepup-config.json\tProtected actions\n~/.config/feelgoodbot/totp-session\tSession cache\n~/.config/feelgoodbot/snapshots/\tFile integrity baselines\n~/.config/feelgoodbot/daemon.log\tDaemon logs\nTroubleshooting\n\nTOTP code always invalid:\n\nCheck system clock is accurate (date)\nEnsure you're using the correct authenticator entry\nTry a backup code\n\nStep-up not prompting:\n\nVerify action is in protected list: feelgoodbot totp actions list\nCheck TOTP is initialized: feelgoodbot totp status\n\nReset everything:\n\n# Reset TOTP (requires valid code or backup code)\nfeelgoodbot totp reset\n\n# Or manually remove (loses access without backup codes!)\nrm ~/.config/feelgoodbot/totp.json\nrm ~/.config/feelgoodbot/totp-session\n\n\nā­ Like feelgoodbot? Star it on GitHub: https://github.com/kris-hansen/feelgoodbot" }, "trust": { "sourceLabel": "tencent", "provenanceUrl": "https://clawhub.ai/kris-hansen/feelgoodbot", "publisherUrl": "https://clawhub.ai/kris-hansen/feelgoodbot", "owner": "kris-hansen", "version": "1.1.0", "license": null, "verificationStatus": "Indexed source record" }, "links": { "detailUrl": "https://openagent3.xyz/skills/feelgoodbot", "downloadUrl": "https://openagent3.xyz/downloads/feelgoodbot", "agentUrl": "https://openagent3.xyz/skills/feelgoodbot/agent", "manifestUrl": "https://openagent3.xyz/skills/feelgoodbot/agent.json", "briefUrl": "https://openagent3.xyz/skills/feelgoodbot/agent.md" } }