36 lines
1.2 KiB
Bash
Executable File
36 lines
1.2 KiB
Bash
Executable File
#!/usr/bin/env bash
|
|
set -euo pipefail
|
|
|
|
BOT_TOKEN="${SKILLFENCE_TG_BOT_TOKEN:-}"
|
|
CHAT_ID="${SKILLFENCE_TG_CHAT_ID:-}"
|
|
MONITOR="/home/openclaw/.openclaw/workspace/skills/skillfence/monitor.js"
|
|
|
|
if ! command -v node >/dev/null 2>&1; then
|
|
exit 0
|
|
fi
|
|
|
|
if [ -z "$BOT_TOKEN" ] || [ -z "$CHAT_ID" ]; then
|
|
exit 0
|
|
fi
|
|
|
|
TMP_JSON="$(mktemp)"
|
|
node "$MONITOR" --scan > "$TMP_JSON" || exit 0
|
|
|
|
CRIT=$(jq -r '.summary.critical // 0' "$TMP_JSON")
|
|
HIGH=$(jq -r '.summary.high // 0' "$TMP_JSON")
|
|
MED=$(jq -r '.summary.medium // 0' "$TMP_JSON")
|
|
TOTAL=$((CRIT + HIGH + MED))
|
|
VERDICT=$(jq -r '.summary.verdict // "UNKNOWN"' "$TMP_JSON")
|
|
|
|
if [ "$TOTAL" -gt 0 ]; then
|
|
TOP=$(jq -r '([.skill_scan.findings[]?, .network_check[]?, .process_check[]?, .credential_check[]?] | .[:5] | map("• [" + (.severity // "?") + "] " + (.type // "finding") + " — " + (.detail // .action // "") ) | join("\n"))' "$TMP_JSON")
|
|
TEXT="🛡️ SkillFence daily alert\nVerdict: $VERDICT\nCritical: $CRIT | High: $HIGH | Medium: $MED\n\nTop findings:\n$TOP"
|
|
|
|
curl -sS -X POST "https://api.telegram.org/bot${BOT_TOKEN}/sendMessage" \
|
|
-d chat_id="$CHAT_ID" \
|
|
--data-urlencode text="$TEXT" \
|
|
-d disable_web_page_preview=true >/dev/null || true
|
|
fi
|
|
|
|
rm -f "$TMP_JSON"
|