首页openclaw插件 › SecOpsAI — 安全运营插件

代码插件 扫描中

SecOpsAI — 安全运营插件

v1.0.2

OpenClaw原生SecOpsAI插件,提供发现结果、分类、编排和供应链调查功能,执行本地secopsai venv二进制文件,使用结构化argv参数减少命令注入风险。

0· 2·0 当前
by @techris93·MIT
下载插件包 项目主页
License
MIT
最后更新
2026/4/8
安全扫描
VirusTotal
Pending
查看报告
OpenClaw
扫描中
high confidence
该插件内部一致:它暴露调用本地SecOpsAI venv二进制文件的工具,不请求无关凭证或下载外部代码。
安全有层次,运行前请审查代码。

License

MIT

可自由使用、修改和再分发,需保留版权声明。

版本

latestv1.0.22026/4/2
● Pending

安装命令 点击复制

官方npx clawhub@latest install @techris93/secopsai
镜像加速npx clawhub@latest install @techris93/secopsai --registry https://cn.clawhub-mirror.com

插件文档

OpenClaw SecOpsAI Plugin

Native SecOpsAI findings, triage orchestration, queued action handling, and supply-chain investigation for OpenClaw.

This release executes the local secopsai venv binary directly with structured argv arguments instead of shell-building command strings, reducing command-injection risk compared with the earlier release.

Installation

# Install from ClawHub
openclaw plugins install clawhub:@techris93/secopsai

# Or install from local source
openclaw plugins install -l /path/to/openclaw-secopsai-plugin

Configuration

Add to your OpenClaw configuration:

{
  "plugins": {
    "entries": {
      "secopsai": {
        "enabled": true,
        "config": {
          "secopsaiPath": "~/secopsai",
          "socDbPath": "~/secopsai/data/openclaw/findings/openclaw_soc.db"
        }
      }
    }
  },
  "tools": {
    "allow": ["secopsai_triage"]
  }
}

Tools

ToolDescriptionSafety
`secopsai_list_findings`List findings by status/severityRead-only
`secopsai_investigate_finding`Run native triage investigation for a findingRead-only
`secopsai_close_finding`Close a finding with disposition and analyst noteWrite (optional)
`secopsai_supply_chain_suggest_fp_action`Suggest the best false-positive action for an SCM findingRead-only
`secopsai_triage_orchestrate`Run the native triage orchestratorWrite (optional)
`secopsai_triage_queue`Show queued actions awaiting analyst approvalRead-only
`secopsai_triage_apply_action`Apply a queued triage action by IDWrite (optional)
`secopsai_triage_summary`Show orchestrator summary and report pathsRead-only

Usage Examples

# List open findings
secopsai_list_findings status=open limit=20

# Investigate a supply-chain finding
secopsai_investigate_finding findingId=SCM-FA4BAE45589358A2

# Ask SecOpsAI what to do with a likely supply-chain false positive
secopsai_supply_chain_suggest_fp_action findingId=SCM-FA4BAE45589358A2

# Run the native orchestrator
secopsai_triage_orchestrate limit=20

# Review queued actions
secopsai_triage_queue

# Apply a queued action
secopsai_triage_apply_action actionId=ACT-0001

# Close a finding with an explicit analyst note
secopsai_close_finding findingId=SCM-FA4BAE45589358A2 disposition=expected_behavior note="Package not referenced locally."

# Show orchestrator summary
secopsai_triage_summary

Development

# Install dependencies
npm install

# Build
npm run build

# Link for local testing
openclaw plugins install -l $(pwd)

# Restart gateway
openclaw gateway restart

Publishing

# Build before packaging
npm run build

# Create a tarball for ClawHub upload
npm pack

License

MIT

数据来源:ClawHub ↗ · 中文优化:龙虾技能库
OpenClaw 技能定制 / 插件定制 / 私有工作流定制

免费技能或插件可能存在安全风险,如需更匹配、更安全的方案,建议联系付费定制

了解定制服务