Skip to content

markjr/cve-alerts

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

2 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

cve-alerts

An OpenClaw skill for monitoring CVE feeds and alerting on vulnerabilities matching your tech stack.

Features

  • Configurable watchlist — products, packages, vendors, internal service names
  • Suppression rules — filter out false positives by CVE ID, keyword, or regex pattern
  • Multiple alert channels — email, Telegram, or dashboard-only
  • Multi-feed support — monitor multiple RSS/JSON vulnerability feeds
  • Static dashboard — auto-generated HTML dashboard for quick review

Quick Start

1. Install dependencies

cd cve-alerts
npm install

2. Create configuration

mkdir -p ~/.config/cve-alerts

Create ~/.config/cve-alerts/config.json:

{
  "feeds": ["https://cvefeed.io/rssfeed/severity/high.xml"],
  "watchlist": ["nginx", "node.js", "postgresql", "redis"],
  "alertEmail": "security@example.com",
  "alertPolicy": "immediate",
  "dataDir": "~/.local/share/cve-alerts",
  "credentialsPath": "~/.config/cve-alerts/email.json"
}

3. Set up email credentials (optional)

Create ~/.config/cve-alerts/email.json:

{
  "email": "alerts@example.com",
  "password": "your-app-password",
  "smtp": {
    "host": "smtp.example.com",
    "port": 587,
    "secure": false
  }
}

4. Run the scanner

npm run scan

5. Set up scheduled scans

See references/deployment.md for systemd timer and cron examples.

Configuration

Watchlist

Add any terms you want to monitor:

{
  "watchlist": [
    "nginx",
    "node.js", 
    "express",
    "postgresql",
    "redis",
    "your-internal-service"
  ]
}

Matching is case-insensitive and partial (e.g., "node" matches "node.js").

Suppressions

Create ~/.config/cve-alerts/suppressions.json to filter false positives:

{
  "cves": ["CVE-2024-12345"],
  "keywords": ["android", "ios", "windows"],
  "patterns": [".*wordpress.*plugin.*"],
  "temporary": [
    {"cve": "CVE-2024-99999", "expires": "2026-07-01"}
  ]
}

Alert Policies

Policy Behavior
immediate Email + Telegram on each new match
digest Collect matches, send daily summary
dashboard No email, dashboard only

Files

File Description
SKILL.md OpenClaw skill definition
scripts/cve-scanner.mjs Main scanner script
scripts/generate-dashboard.mjs Dashboard generator
references/config-schema.md Full configuration reference
references/deployment.md Deployment guide

Using as an OpenClaw Skill

This repository is structured as an AgentSkill. To use it:

  1. Clone to your skills directory
  2. Reference from your OpenClaw configuration
  3. The agent will use it when setting up CVE monitoring

License

MIT — see LICENSE

Contributing

Issues and PRs welcome. Please include test cases for new features.

Credits

Built by easyDNS for the OpenClaw ecosystem.

About

No description, website, or topics provided.

Resources

License

Stars

Watchers

Forks

Releases

No releases published

Packages

 
 
 

Contributors