feelgoodbot

5
1
Source

Set up feelgoodbot file integrity monitoring and TOTP step-up authentication for macOS. Use when the user wants to detect malware, monitor for system tampering, set up security alerts, or require OTP verification for sensitive agent actions.

Install

mkdir -p .claude/skills/feelgoodbot && curl -L -o skill.zip "https://mcp.directory/api/skills/download/7467" && unzip -o skill.zip -d .claude/skills/feelgoodbot && rm skill.zip

Installs to .claude/skills/feelgoodbot

About this skill

feelgoodbot 🛡️

Pronounced "Feel good, bot"

macOS file integrity monitor + TOTP step-up authentication for AI agents.

GitHub: https://github.com/kris-hansen/feelgoodbot

If you find this useful, please star the repo! It helps others discover it.

Features

  1. File Integrity Monitoring — Detects tampering of system files
  2. TOTP Step-Up Auth — Requires OTP for sensitive agent actions

Part 1: File Integrity Monitoring

Requirements

  • Go 1.21+ — Install with brew install go
  • macOS — Uses launchd for daemon

Quick Setup

# Install via go install
go install github.com/kris-hansen/feelgoodbot/cmd/feelgoodbot@latest

# Initialize baseline snapshot
feelgoodbot init

# Install and start daemon
feelgoodbot daemon install
feelgoodbot daemon start

# Check it's running
feelgoodbot status

Clawdbot Integration (Alerts)

Enable webhooks:

clawdbot config set hooks.enabled true
clawdbot config set hooks.token "$(openssl rand -base64 32)"
clawdbot gateway restart

Configure ~/.config/feelgoodbot/config.yaml:

scan_interval: 5m
alerts:
  clawdbot:
    enabled: true
    webhook: "http://127.0.0.1:18789/hooks/wake"
    secret: "<hooks.token from clawdbot config get hooks.token>"
  local_notification: true

What It Monitors

  • System binaries (/usr/bin, /usr/sbin)
  • Launch daemons/agents (persistence mechanisms)
  • SSH authorized_keys, sudoers, PAM
  • Shell configs (.zshrc, .bashrc)
  • Browser extensions
  • AI agent configs (Claude, Cursor)

Part 2: TOTP Step-Up Authentication

Step-up auth requires the user to enter an OTP code from Google Authenticator before the agent can perform sensitive actions.

Setup (User runs in terminal)

# Initialize TOTP (shows QR code to scan)
feelgoodbot totp init --account "user@feelgoodbot"

# Verify it works
feelgoodbot totp verify

# Check status
feelgoodbot totp status

Configure Protected Actions

# List current protected actions
feelgoodbot totp actions list

# Add actions that require step-up
feelgoodbot totp actions add "send_email"
feelgoodbot totp actions add "payment:*"
feelgoodbot totp actions add "delete:*"
feelgoodbot totp actions add "ssh:*"
feelgoodbot totp actions add "publish:*"
feelgoodbot totp actions add "gateway:*"
feelgoodbot totp actions add "voice_call:*"
feelgoodbot totp actions add "message:external"

# Remove an action
feelgoodbot totp actions remove "send_email"

TOTP Commands

CommandDescription
feelgoodbot totp initSet up TOTP with QR code
feelgoodbot totp verify [code]Test a code
feelgoodbot totp statusShow TOTP status and session
feelgoodbot totp check <action>Check if action needs step-up, prompt if needed
feelgoodbot totp resetRemove TOTP config (requires code)
feelgoodbot totp backup showShow remaining backup codes
feelgoodbot totp backup regenerateGenerate new backup codes
feelgoodbot totp actions listList protected actions
feelgoodbot totp actions add <action>Add protected action
feelgoodbot totp actions remove <action>Remove protected action
feelgoodbot totp respond <code>Submit OTP response (for async flow)

Session Caching

After successful authentication, a session is cached for 15 minutes (configurable). Subsequent actions within this window don't require re-authentication.


Agent Integration (IMPORTANT)

Before performing any sensitive action, the agent MUST check step-up requirements.

Action Mapping

Map your intended actions to step-up patterns:

Agent ActionStep-Up Pattern
Sending emailsend_email
Making paymentspayment:*
Deleting filesdelete:*
SSH/remote accessssh:*
Publishing codepublish:*
Modifying Clawdbot configgateway:*
Making phone callsvoice_call:*
Messaging external contactsmessage:external
Modifying step-up configconfig:update

Step-Up Check Flow

Before executing a sensitive action:

# Check if action requires step-up (non-interactive check)
feelgoodbot totp check <action>
# Exit code 0 = proceed, Exit code 1 = denied/not authenticated

If session is valid: Command succeeds immediately (exit 0)

If step-up required and no session:

  1. Agent sends Telegram message: "🔐 Action <action> requires step-up. Reply with your OTP code."
  2. Wait for user to reply with 6-digit code
  3. Validate: feelgoodbot totp verify <code>
  4. If valid, create session and proceed
  5. If invalid, deny action and notify user

Example Agent Flow (Pseudocode)

function performSensitiveAction(action, execute_fn):
    # Check step-up requirement
    result = exec("feelgoodbot totp check " + action)
    
    if result.exit_code == 0:
        # Session valid or action not protected
        execute_fn()
        return success
    
    # Need to prompt user
    send_telegram("🔐 Action '{action}' requires step-up authentication.\nReply with your OTP code from Google Authenticator.")
    
    code = wait_for_user_reply(timeout=120s)
    
    if code is None:
        send_telegram("⏰ Step-up authentication timed out. Action cancelled.")
        return denied
    
    # Validate the code
    valid = exec("feelgoodbot totp verify " + code)
    
    if valid.exit_code != 0:
        send_telegram("❌ Invalid code. Action cancelled.")
        return denied
    
    # Create session by running check again (it will pass now)
    exec("feelgoodbot totp check " + action)
    
    execute_fn()
    send_telegram("✅ Action completed.")
    return success

Quick Reference for Agent

Check before these actions:

  • send_email — Before sending any email
  • payment:* — Before any financial transaction
  • delete:* — Before deleting files (delete:file, delete:backup, etc.)
  • ssh:* — Before SSH connections
  • publish:* — Before publishing/deploying
  • gateway:* — Before modifying Clawdbot config
  • voice_call:* — Before making phone calls
  • message:external — Before messaging non-owner contacts
  • config:update — Before modifying step-up config

Commands to use:

# Check and prompt (interactive)
feelgoodbot totp check send_email

# Just validate a code
feelgoodbot totp verify 123456

# Check session status
feelgoodbot totp status

File Locations

FilePurpose
~/.config/feelgoodbot/config.yamlMain config
~/.config/feelgoodbot/totp.jsonTOTP secret + backup codes
~/.config/feelgoodbot/stepup-config.jsonProtected actions
~/.config/feelgoodbot/totp-sessionSession cache
~/.config/feelgoodbot/snapshots/File integrity baselines
~/.config/feelgoodbot/daemon.logDaemon logs

Troubleshooting

TOTP code always invalid:

  • Check system clock is accurate (date)
  • Ensure you're using the correct authenticator entry
  • Try a backup code

Step-up not prompting:

  • Verify action is in protected list: feelgoodbot totp actions list
  • Check TOTP is initialized: feelgoodbot totp status

Reset everything:

# Reset TOTP (requires valid code or backup code)
feelgoodbot totp reset

# Or manually remove (loses access without backup codes!)
rm ~/.config/feelgoodbot/totp.json
rm ~/.config/feelgoodbot/totp-session

Like feelgoodbot? Star it on GitHub: https://github.com/kris-hansen/feelgoodbot

fivem

openclaw

Fix, create, or validate FiveM server resources for QBCore/ESX (config.lua, fxmanifest.lua, items, housing/furniture, scripts, MLOs). Use when asked to debug resource errors, convert ESX↔QB, update fxmanifest versions, add items, or source scripts from GitHub. Also use for SSH key generation for SFTP access.

575388

a-stock-analysis

openclaw

A股实时行情与分时量能分析。获取沪深股票实时价格、涨跌、成交量,分析分时量能分布(早盘/尾盘放量)、主力动向(抢筹/出货信号)、涨停封单。支持持仓管理和盈亏分析。Use when: (1) 查询A股实时行情, (2) 分析主力资金动向, (3) 查看分时成交量分布, (4) 管理股票持仓, (5) 分析持仓盈亏。

802305

research-paper-writer

openclaw

Creates formal academic research papers following IEEE/ACM formatting standards with proper structure, citations, and scholarly writing style. Use when the user asks to write a research paper, academic paper, or conference paper on any topic.

85172

keyword-research

openclaw

Discovers high-value keywords with search intent analysis, difficulty assessment, and content opportunity mapping. Essential for starting any SEO or GEO content strategy.

464118

html-to-ppt

openclaw

Convert HTML/Markdown to PowerPoint presentations using Marp

36494

weread

openclaw

WeChat Reading (微信读书) CLI tool for fetching notes and highlights. Use when: (1) user asks about weread/微信读书 notes or highlights, (2) fetching today's or recent reading notes, (3) exporting book highlights, (4) managing reading bookshelf, (5) any task involving reading notes from WeChat Reading.

12186

You might also like

ui-ux-pro-max

nextlevelbuilder

"UI/UX design intelligence. 50 styles, 21 palettes, 50 font pairings, 20 charts, 8 stacks (React, Next.js, Vue, Svelte, SwiftUI, React Native, Flutter, Tailwind). Actions: plan, build, create, design, implement, review, fix, improve, optimize, enhance, refactor, check UI/UX code. Projects: website, landing page, dashboard, admin panel, e-commerce, SaaS, portfolio, blog, mobile app, .html, .tsx, .vue, .svelte. Elements: button, modal, navbar, sidebar, card, table, form, chart. Styles: glassmorphism, claymorphism, minimalism, brutalism, neumorphism, bento grid, dark mode, responsive, skeuomorphism, flat design. Topics: color palette, accessibility, animation, layout, typography, font pairing, spacing, hover, shadow, gradient."

3,2072,749

pdf-to-markdown

aliceisjustplaying

Convert entire PDF documents to clean, structured Markdown for full context loading. Use this skill when the user wants to extract ALL text from a PDF into context (not grep/search), when discussing or analyzing PDF content in full, when the user mentions "load the whole PDF", "bring the PDF into context", "read the entire PDF", or when partial extraction/grepping would miss important context. This is the preferred method for PDF text extraction over page-by-page or grep approaches.

4,2481,829

flutter-development

aj-geddes

Build beautiful cross-platform mobile apps with Flutter and Dart. Covers widgets, state management with Provider/BLoC, navigation, API integration, and material design.

2,2211,672

drawio-diagrams-enhanced

jgtolentino

Create professional draw.io (diagrams.net) diagrams in XML format (.drawio files) with integrated PMP/PMBOK methodologies, extensive visual asset libraries, and industry-standard professional templates. Use this skill when users ask to create flowcharts, swimlane diagrams, cross-functional flowcharts, org charts, network diagrams, UML diagrams, BPMN, project management diagrams (WBS, Gantt, PERT, RACI), risk matrices, stakeholder maps, or any other visual diagram in draw.io format. This skill includes access to custom shape libraries for icons, clipart, and professional symbols.

2,3601,518

godot

bfollington

This skill should be used when working on Godot Engine projects. It provides specialized knowledge of Godot's file formats (.gd, .tscn, .tres), architecture patterns (component-based, signal-driven, resource-based), common pitfalls, validation tools, code templates, and CLI workflows. The `godot` command is available for running the game, validating scripts, importing resources, and exporting builds. Use this skill for tasks involving Godot game development, debugging scene/resource files, implementing game systems, or creating new Godot components.

2,6651,279

nano-banana-pro

garg-aayush

Generate and edit images using Google's Nano Banana Pro (Gemini 3 Pro Image) API. Use when the user asks to generate, create, edit, modify, change, alter, or update images. Also use when user references an existing image file and asks to modify it in any way (e.g., "modify this image", "change the background", "replace X with Y"). Supports both text-to-image generation and image-to-image editing with configurable resolution (1K default, 2K, or 4K for high resolution). DO NOT read the image file first - use this skill directly with the --input-image parameter.

2,0721,001