Installation

clawhub install yasnaak/reefwatch

Summary

ReefWatch is a host-based intrusion detection daemon for Linux and macOS. It continuously scans for brute-force attacks, malware, privilege escalation, file tampering, cryptominers, and network anomalies using YARA, Sigma, and custom rules. Alerts are sent to the user only when a real threat is detected, with no LLM token usage during idle monitoring.

SKILL.md

Quick overview

ReefWatch is a host-based intrusion detection daemon for Linux and macOS. It continuously scans for brute-force attacks, malware, privilege escalation, file tampering, cryptominers, and network anomalies using YARA, Sigma, and custom rules. Alerts are sent to the user only when a real threat is detected, with no LLM token usage during idle monitoring.

Runs as a background daemon without consuming LLM tokens during monitoring, so continuous host-level threat detection adds no per-check cost.

Common tasks

  • Monitoring a home server for SSH brute-force attempts
  • Detecting cryptomining malware on a developer workstation
  • Scanning a downloaded binary for malware before execution
  • Watching for unauthorized file changes on a Linux host
  • Getting alerted when a process attempts privilege escalation

Install paths

Primary command


openclaw install yasnaak/reefwatch

ClawHub installer


npx clawhub@latest install yasnaak/reefwatch

OpenClaw CLI


openclaw skills install yasnaak/reefwatch

Direct OpenClaw install


openclaw install yasnaak/reefwatch

Skill metadata

  • Category: DevOps & Cloud
  • Language: Markdown
  • Version: 1.3.0
  • Security status: Benign

Review upstream source

The full public SKILL.md body is not directly fetchable for this entry right now, so this page is using the best available catalog metadata. Review the upstream source page for the latest files, version history, and security scan details: https://clawhub.ai/yasnaak/reefwatch

Recommended skills

Browse all →