How do I install MCP Cybersec Watchdog?

Install MCP Cybersec Watchdog with a single command: npx mdskills install girste/mcp-cybersec-watchdog. This downloads the skill files into your project and your AI agent picks them up automatically.

What platforms support MCP Cybersec Watchdog?

MCP Cybersec Watchdog works with Claude Code, Claude Desktop, Cursor, Vscode Copilot, Windsurf, Continue Dev, Gemini Cli, Amp, Roo Code, Goose. Skills use the open SKILL.md format which is compatible with any AI coding agent that reads markdown instructions.

← Back to MCP servers

MCP Cybersec Watchdog

Name: MCP Cybersec Watchdog: AI Agent Skill
Rating: 8 (1 reviews)
Author: girste

Verified

MCP ServerSecurityIntermediate

A portable, single-binary system auditing tool for Linux. Like Lynis but faster and smarter. No configuration needed. No dependencies. Just run. - 🔒 Security: Firewall, SSH hardening, SSL/TLS, fail2ban, SUID binaries, open ports - 🚀 Services: Systemd services, web servers, databases, Docker - 💻 Resources: CPU, RAM, disk usage, top processes - 💾 Storage: SMART health, inode usage, filesystem er

by @girste0Updated 1 weeks ago

Add this skill

npx mdskills install girste/mcp-cybersec-watchdog

Fork & Edit

Skill Advisor8.0

Comprehensive Linux system auditing tool with 87 checks across 10 categories, zero dependencies, and webhook monitoring

+Covers security, services, resources, storage, databases, Docker, network, backups, and logs comprehensively
+Provides clear setup instructions, example output, and webhook notification configuration
+Documents both binary and Claude Skill execution modes with production-proven reliability
-Requires sudo and NOPASSWD configuration which may not be acceptable in all environments

SKILL.md

Edit in Browser

1<div align="center">
2 
3![Chihuaudit](docs/chihuaudit-cover.png)
4 
5[![CI](https://github.com/girste/CHIHUAUDIT/workflows/CI/badge.svg)](https://github.com/girste/CHIHUAUDIT/actions/workflows/ci.yml)
6[![Lint](https://github.com/girste/CHIHUAUDIT/workflows/Lint/badge.svg)](https://github.com/girste/CHIHUAUDIT/actions/workflows/lint.yml)
7[![CodeQL](https://github.com/girste/CHIHUAUDIT/workflows/CodeQL/badge.svg)](https://github.com/girste/CHIHUAUDIT/actions/workflows/codeql.yml)
8[![Trivy](https://github.com/girste/CHIHUAUDIT/workflows/Trivy/badge.svg)](https://github.com/girste/CHIHUAUDIT/actions/workflows/trivy.yml)
9[![Snyk](https://github.com/girste/CHIHUAUDIT/workflows/Snyk%20Security/badge.svg)](https://github.com/girste/CHIHUAUDIT/actions/workflows/snyk.yml)
10 
11[![OpenSSF Scorecard](https://api.scorecard.dev/projects/github.com/girste/CHIHUAUDIT/badge)](https://scorecard.dev/viewer/?uri=github.com/girste/CHIHUAUDIT)
12[![OpenSSF Best Practices](https://www.bestpractices.dev/projects/11858/badge)](https://www.bestpractices.dev/projects/11858)
13[![SLSA](https://slsa.dev/images/gh-badge-level3.svg)](https://slsa.dev)
14[![Go Report Card](https://goreportcard.com/badge/github.com/girste/CHIHUAUDIT)](https://goreportcard.com/report/github.com/girste/CHIHUAUDIT)
15 
16</div>
17 
18---
19 
20## 🎯 What is Chihuaudit?
21 
22A portable, single-binary system auditing tool for Linux. Like [Lynis](https://cisofy.com/lynis/) but faster and smarter.
23 
24**No configuration needed. No dependencies. Just run.**
25 
26```bash
27sudo ./chihuaudit audit
28```
29 
30## ✨ Features
31 
32- **🔒 Security**: Firewall, SSH hardening, SSL/TLS, fail2ban, SUID binaries, open ports
33- **🚀 Services**: Systemd services, web servers, databases, Docker
34- **💻 Resources**: CPU, RAM, disk usage, top processes
35- **💾 Storage**: SMART health, inode usage, filesystem errors
36- **🗄️ Databases**: PostgreSQL, MySQL, Redis health checks
37- **🐳 Docker**: Container status, resource usage, volumes
38- **🌐 Network**: DNS resolution, latency, interfaces, connections
39- **📦 Backups**: Backup detection and freshness checks
40- **📝 Logs**: Error analysis, SSH attempts, service restarts
41- **⏰ Monitoring**: Continuous mode with Discord webhook notifications
42 
43## 🤖 Claude Skill Alternative
44 
45![Chihuaudit Skill](docs/chihu-skill.png)
46 
47**Don't want to install anything?** Use the **Claude Skill** version instead!
48 
49Execute the same comprehensive system audit directly through Claude (Sonnet, Opus, or Haiku) using native shell commands - no binary installation required.
50 
51**Key Benefits**:
52- 🚀 **Zero Installation** - Works immediately with sudo access
53- 🔄 **Consistent Results** - 1+ year of production use with extremely reliable output
54- 📊 **Same Coverage** - All 87 checks, 10 categories, identical methodology
55- ⚡ **Fast** - 30-90 second execution time
56 
57**Requirements**: Linux with systemd, sudo NOPASSWD configured, Claude with shell access
58 
59**Documentation**: [docs/skill/chihuaudit-skill.md](docs/skill/chihuaudit-skill.md)
60 
61---
62 
63<details>
64<summary><h2>🚀 Quick Start</h2></summary>
65 
66### Build
67 
68```bash
69make build
70# or
71./build.sh
72```
73 
74### Run
75 
76```bash
77# Single audit
78sudo ./bin/chihuaudit audit
79 
80# JSON output
81sudo ./bin/chihuaudit audit --json
82 
83# Continuous monitoring
84sudo ./bin/chihuaudit monitor --interval=5m
85 
86# Generate config
87./bin/chihuaudit init-config
88```
89 
90</details>
91 
92<details>
93<summary><h2>📊 Example Output</h2></summary>
94 
95### Terminal Output
96 
97```
98=== CHIHUAUDIT REPORT ===
99Timestamp: 2026-02-05 12:38:27
100Hostname: server.example.com
101OS: Ubuntu 24.04.3 LTS
102 
103--- 1. SECURITY ---
104Firewall: active (ufw) ✓
105SSH: active
106SSH Port: 2244
107SSH Password Auth: disabled ✓
108SSH Root Login: no ✓
109External Ports: [443, 80, 2244]
110Localhost-Only Ports: [5432, 6379]
111SSL Certificates: 5 (all valid)
112 
113--- 2. SERVICES ---
114Total Running: 31
115Failed: 0 ✓
116Web: caddy (active)
117Database: postgresql (active)
118 
119[... 8 more categories ...]
120 
121Total Checks: 87
122```
123 
124</details>
125 
126<details>
127<summary><h2>🔧 Webhook Notifications</h2></summary>
128 
129Chihuaudit supports **webhook notifications** for real-time monitoring alerts. While optimized for Discord, it works with **any webhook-compatible service** (Slack, Microsoft Teams, Mattermost, custom endpoints, etc.).
130 
131<img src="docs/test-screen.png" width="500" alt="Discord Webhook Examples">
132 
133*Color-coded alerts: 🟢 Green (healthy), 🟡 Yellow (warnings), 🔴 Red (critical)*
134 
135### Setup
136 
137```bash
138# Generate default config
139./bin/chihuaudit init-config
140 
141# Edit configuration
142nano ~/.chihuaudit/config.json
143```
144 
145### Configuration
146 
147```json
148{
149  "discord_webhook": "https://discord.com/api/webhooks/YOUR_WEBHOOK_ID/YOUR_WEBHOOK_TOKEN",
150  "notification_whitelist": {
151    "cpu_threshold": 70,
152    "memory_threshold": 70,
153    "disk_threshold": 85,
154    "ignore_changes": ["uptime", "active_connections"]
155  }
156}
157```
158 
159### Webhook Compatibility
160 
161**Discord** (native support):
162- Rich embeds with color-coded alerts
163- Custom avatar and username
164- Timestamp and structured fields
165 
166**Slack** (works with minor format differences):
167- Use `discord_webhook` field with your Slack webhook URL
168- Embeds translate to Slack attachments
169- Colors and formatting preserved
170 
171**Other services**:
172- Any service accepting JSON POST with `embeds` field
173- Microsoft Teams incoming webhooks
174- Mattermost webhooks
175- Custom webhook handlers
176 
177### Alert Thresholds
178 
179**CPU Load**: Trigger when load average exceeds threshold  
180**Memory Usage**: Alert on RAM usage percentage  
181**Disk Space**: Warning when disk usage crosses limit  
182**Ignore List**: Skip notifications for frequently changing metrics
183 
184### Monitoring Mode
185 
186```bash
187# Monitor every 5 minutes with webhook alerts
188sudo ./bin/chihuaudit monitor --interval=5m
189```
190 
191Changes are detected and only significant events trigger notifications, reducing alert fatigue.
192 
193</details>
194 
195<details>
196<summary><h2>🎯 Design Philosophy</h2></summary>
197 
198- **Universal**: Works on any Linux distro without configuration
199- **Portable**: Single static binary, zero dependencies
200- **Safe**: Read-only checks, no system modifications
201- **Fast**: Parallel execution, ~1 second for full audit
202- **Simple**: Minimal code, maximum clarity
203- **Automated**: Perfect for CI/CD and monitoring
204 
205</details>
206 
207## 📖 Documentation
208 
209- [Installation Guide](docs/INSTALLATION.md)
210- [Development Log](docs/DEVELOPMENT.md)
211- [Contributing Guidelines](CONTRIBUTING.md)
212 
213<details>
214<summary><h2>🏗️ Architecture</h2></summary>
215 
216```
217chihuaudit/
218├── main.go           # CLI entry point
219├── checks/           # 10 audit categories
220│   ├── security.go   # Firewall, SSH, SSL, ports
221│   ├── services.go   # Systemd, web, DB servers
222│   ├── resources.go  # CPU, RAM, disk
223│   └── ...
224├── detect/           # OS/tool detection
225├── notify/           # Discord webhooks
226├── report/           # Text/JSON formatters
227└── state/            # Change tracking
228```
229 
230</details>
231 
232## 🤝 Contributing
233 
234Contributions welcome! See [CONTRIBUTING.md](CONTRIBUTING.md) for guidelines.
235 
236Keep code:
237- **Simple**: Minimal, readable, maintainable
238- **Portable**: Detection-based, no hardcoded paths
239- **Safe**: No shell injection, no user input in commands
240- **Consistent**: Follow existing patterns
241 
242## 📜 License
243 
244MIT License - see [LICENSE](LICENSE) for details
245 
246---
247 
248<div align="center">
249 
250**Made with ❤️ for sysadmins everywhere**
251 
252[![License: MIT](https://img.shields.io/badge/License-MIT-yellow.svg)](https://opensource.org/licenses/MIT)
253 
254</div>
255

Full transparency — inspect the skill content before installing.