ClawHub

EdgeIQ Alerting System

v1.0.0

Modular webhook router that collects EdgeIQ scan results and sends formatted alerts to Slack, Telegram, Discord, Email, and generic webhooks with deduplicati...

0· 0·0 current·0 all-time
by@snipercat69

Install

OpenClaw Prompt Flow

Install with OpenClaw

Best for remote or guided setup. Copy the exact prompt, then paste it into OpenClaw for snipercat69/edgeiq-alerting-system.

Previewing Install & Setup.
Prompt PreviewInstall & Setup
Install the skill "EdgeIQ Alerting System" (snipercat69/edgeiq-alerting-system) from ClawHub.
Skill page: https://clawhub.ai/snipercat69/edgeiq-alerting-system
Keep the work scoped to this skill only.
After install, inspect the skill metadata and help me finish setup.
Use only the metadata you can verify from ClawHub; do not invent missing requirements.
Ask before making any broader environment changes.

Command Line

CLI Commands

Use the direct CLI path if you want to install manually and keep every step visible.

OpenClaw CLI

Canonical install target

openclaw skills install snipercat69/edgeiq-alerting-system

ClawHub CLI

Package manager switcher

npx clawhub@latest install edgeiq-alerting-system
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description match the packaged files and runtime instructions: the script accepts JSON alerts, formats them for Slack/Telegram/Discord/Email/generic webhooks, implements deduplication, rate limiting, and optional HMAC signing. No unrelated credentials, binaries, or external services are requested.
Instruction Scope
SKILL.md and README instruct the agent to read a local config.json and to read alert payloads from CLI args or stdin — these are necessary for the stated functionality. The runtime instructions and script write two local state files (.alerter_ratelimit.json, .alerter_dedup.json) in the working directory; this is expected but you should avoid running the tool from directories that contain sensitive files.
Install Mechanism
No install spec or external downloads are present; the package is stdlib-only Python and runs as a script. No high-risk installer or remote archive extraction is used.
Credentials
No required environment variables are declared; channel credentials (webhook URLs, SMTP creds, Telegram bot token, webhook secret) are placed in a local config.json, which is proportional to the tool's purpose. Because credentials live in a file, the README correctly advises keeping config.json/.env out of version control.
Persistence & Privilege
The skill is not always-enabled and does not request elevated system privileges. It does persist rate-limit and deduplication state to two dotfiles in the working directory; this is reasonable but choose a dedicated working directory to avoid accidental exposure or collisions with other tooling.
Assessment
This skill appears to do what it says: route alerts to configured channels. Before installing or running it: 1) store credentials (webhook URLs, SMTP user/password, Telegram bot token, webhook HMAC secret) in a dedicated config.json kept out of version control; 2) run the script from a dedicated directory so .alerter_ratelimit.json and .alerter_dedup.json don't collide with other projects or leak metadata; 3) review and securely store any SMTP/app passwords and webhook secrets, rotate them if exposed; 4) consider running in an isolated environment (container or service account) if you will pipe untrusted input into it; and 5) if you need a different dedup or rate-limit policy, modify the code/config — v1.0.0 uses a fixed 5-minute dedup window and flat-file rate limiting by default.

Like a lobster shell, security has layers — review code before you run it.

latestvk97ch3t868v9agkhqg6tw0e2rx85dqm0
0downloads
0stars
1versions
Updated 3h ago
v1.0.0
MIT-0
@snipercat69
latest
Download

EdgeIQ Alerting System — SKILL.md

Skill Name: edgeiq-alerting-system Version: 1.0.0 Category: Infrastructure / Alerting Author: EdgeIQ Labs ClawHub: edgeiq-alerting-system

Overview

EdgeIQ Alerting System is a modular, standalone webhook routing layer that collects scan results, security findings, and custom events from EdgeIQ tools and fan-outs formatted notifications to Slack, Telegram, Discord, Email (SMTP), and generic webhooks.

It is designed to be the backbone alerting infrastructure for the EdgeIQ tool suite — drop it into any pipeline, point your scanners at it, and alerts reach your team wherever they live.

Tiers

TierChannelsAlerts/DaySeverity TaggingAlert AggregationPrice
Free1100NoNoFree
ProUnlimitedUnlimitedYesYes$9/mo
BundleUnlimitedUnlimitedYesYesIncluded with all skill bundles

Features

  • Multi-channel routing — Slack, Telegram, Discord, Email (SMTP), generic HTTP webhook
  • Structured JSON input — unified alert schema consumed from CLI args or stdin
  • Channel-specific formatting — Slack blocks, Telegram HTML, Discord embeds, MIME email
  • Deduplication — skips duplicate alerts within a 5-minute window using content hashing
  • Rate limiting — flat-file per-channel rate limiter (default 100 alerts/minute)
  • HMAC signing — optional HMAC-SHA256 signature for generic webhook payloads
  • Dry-run mode — validate payloads without sending to any channel
  • One-shot mode — read JSON, send, exit (cron-friendly / pipeline-friendly)
  • Graceful per-channel error isolation — one channel failing does not block others
  • Stdlib-only — no external Python dependencies beyond the standard library
  • Configurable via config.json — all channel credentials and settings in one place

Alert Payload Schema

{
  "source": "edgeiq-xss-scanner",
  "severity": "critical",
  "title": "XSS vulnerability detected",
  "message": "Reflected XSS in parameter 'q' on /search",
  "target": "https://example.com/search?q=test",
  "timestamp": "2026-04-23T15:00:00Z",
  "tags": ["xss", "web", "example.com"],
  "data": {
    "cwe": "CWE-79",
    "cvss": "7.2"
  }
}

All fields except timestamp, tags, and data are required.

Usage Examples

Piping scan output from edgeiq-xss-scanner

python3 scripts/alerter.py --payload '{"source":"edgeiq-xss-scanner","severity":"critical","title":"XSS found","message":"Reflected XSS in /search","target":"https://example.com/search?q=test"}'

One-shot via stdin (pipeline-friendly)

cat scan-result.json | python3 scripts/alerter.py

Dry-run (no alerts sent)

python3 scripts/alerter.py --dry-run --payload '{"source":"edgeiq-network-scanner","severity":"warning","title":"Open port detected","message":"Port 22 open on 10.0.0.1","target":"10.0.0.1"}'

Cron: Nightly scan结果的自动告警

0 3 * * * cd /opt/edgeiq-alerting-system && python3 scripts/alerter.py < /tmp/scan-$(date +\%Y\%m\%d).json

From another EdgeIQ tool (Python subprocess)

import subprocess, json

result = {"source": "edgeiq-network-scanner", "severity": "info",
          "title": "Scan complete", "message": "50 hosts scanned",
          "target": "10.0.0.0/24"}

subprocess.run(
    ["python3", "scripts/alerter.py"],
    input=json.dumps(result),
    text=True
)

Legal Notice

EdgeIQ Alerting System is provided as-is for legitimate security testing and monitoring workflows. Users are responsible for ensuring their use complies with applicable laws and the terms of any services they integrate with. Do not use this tool to send unsolicited messages or to conduct unauthorized access. The authors assume no liability for misuse.

Comments

Loading comments...