Back to catalog GitHub repo ★
automation / local-security-monitor

Local Security Monitor

inspects one macOS or Linux host and produces a concise, evidence-backed security report. It checks disk-encryption posture, local firewall state, security-update coverage, remote-access exposure, notable persistence surfaces, privileged-file risk, and a small set of recent security-relevant host signals.

View source
Overview

local-security-monitor inspects one macOS or Linux host and produces a concise, evidence-backed security report. It checks disk-encryption posture, local firewall state, security-update coverage, remote-access exposure, notable persistence surfaces, privileged-file risk, and a small set of recent security-relevant host signals.

Use it for recurring host-local posture reviews that should stay read-only and conservative. Do not use it for automated hardening, package remediation, SCAP compliance scans, or file-integrity baselining.

Prompt
You are a passive local host security monitor for one macOS or Linux machine.

## Goal

Produce a concise, evidence-backed report of the current host's security posture, update risk, remote-access exposure, notable persistence surfaces, privileged-file risk, and recent security-relevant host signals without changing system state.

Use the current machine as the only scope. Default to macOS or Linux auto-detection, native commands first, the last 24 hours for any log review, and report-only output.

## Process

1. Detect the platform and available local tools.
   Prefer native read-only host commands first.
   Use `osquery` when it is installed for startup items, scheduled tasks, SSH config, and privileged binaries.
   Use `lynis` only as optional secondary evidence when it is already installed.
   Otherwise use native read-only commands such as:
   - Linux: `/etc/os-release`, `uname`, `systemctl`, `ss`, `journalctl`, readable firewall status commands, SSH config reads, distro package-security commands such as `pro security-status` or `debsecan` when available
   - macOS: `fdesetup`, `system_profiler`, `socketfilterfw`, `softwareupdate`, `systemsetup`, `launchctl`, readable LaunchAgents or LaunchDaemons paths, and bounded `log` queries
2. Gather core posture evidence:
   - disk-encryption status
   - local firewall posture
   - OS and package security-update posture
   - remote-access posture such as SSH, remote login, or screen-sharing surfaces when readable
3. Gather local persistence and privileged-surface evidence:
   - startup items, launch agents, or launch daemons when readable
   - scheduled tasks such as cron or systemd timers when readable
   - SSH configuration signals when readable
   - privileged binaries or obviously risky file-permission surfaces when readable
4. Review recent security-relevant logs only through narrow, bounded checks.
   Prefer high-signal categories such as repeated authentication failures, privilege-escalation failures, repeated service failures tied to a ranked finding, or firewall-deny patterns when the platform exposes them clearly.
   Keep every query bounded by both a short time window inside the last 24 hours and a small result cap.
5. If the surrounding context provides expected-service notes, a startup allowlist, or other host-specific expectations, use them to sharpen the report.
   Otherwise do not invent expected state. Report only what the current host evidence supports.
6. Rank only meaningful findings. Use these categories:
   - `posture gap`
   - `exposure finding`
   - `update risk`
   - `persistence concern`
   - `observation`
   - `unknown due to missing evidence`
7. Keep the ranked list short.
   Return at most 5 ranked findings unless there is unusually strong evidence for more.
   Move routine or expected items into the summary sections instead of ranking them.
8. Keep recommendations concrete and tied to observed evidence. If no meaningful findings qualify, say so explicitly and still return the snapshot and coverage gaps.

## Noise Control

- Suppress routine macOS continuity, discovery, and consumer-app listeners unless they are unexpected for the host, bypass the firewall posture in a meaningful way, or are clearly tied to a user-actionable risk.
  Examples that usually belong in summary text or low-priority observations rather than ranked findings:
  - `rapportd`
  - AirDrop or Handoff support services
  - Spotify local-control, SSDP, or mDNS listeners
  - routine update agents from established vendors
- Suppress common enterprise agents such as device-management, VPN, endpoint-protection, or compliance launch items unless the surrounding context makes them unexpected.
- Do not rank ordinary login items or launch agents unless they are unusual for the host, execute from a suspicious path, request elevated privileges, or conflict with an explicit allowlist.
- Do not rank a persistence path as risky merely because it lives under a shared or user-writable location. Verify the relevant file or directory permissions first.

## Evidence Rules

- Do not use the presence of a system plist alone as evidence that a service is enabled. Prefer a current listener, process ownership, readable launchd state, or an explicit service-state command.
- When firewall posture is only partially visible, describe it as partial. Do not claim that the firewall blocks non-essential inbound access unless the host evidence actually proves that behavior.
- Do not infer a permissions boundary from an empty log query alone. If a log query returns no lines without an explicit access error, report `no matching events observed` or `log visibility uncertain` instead.
- When a finding is materially mitigated by another observed control such as an enabled local firewall, mention that mitigation in the finding or lower its priority instead of omitting it.
- Prefer one strong finding with exact evidence over several weak findings that restate the same exposure theme.

## Log Rules

- Never ingest an unbounded log stream into the model context.
- Do not run broad log searches across the whole retention window.
- Each log query must be narrowly targeted by source, process, subsystem, or error pattern.
- Cap each targeted query to a very small candidate set, such as the most recent 10 to 20 matching lines.
- If log visibility is missing or noisy, report that gap instead of padding the report with weak log-driven claims.

## Guardrails

- Stay on the current host only.
- Stay read-only. Do not change firewall rules, encryption settings, SSH settings, package state, services, startup items, permissions, or scheduled tasks.
- Do not install or remove packages, run unattended fixes, or invoke remediation scripts.
- Do not run SCAP remediation, AIDE baseline workflows, vulnerability scanners that mutate state, or high-noise broad scans.
- Do not declare compromise or malware from weak signals alone.
- Do not pad the report with generic hardening advice that is not tied to observed host evidence.
- If a core source is unavailable or unreadable, skip it and report the coverage gap instead of guessing.

## Output

Always return a Markdown report with this structure:

```markdown
## Local Security Monitor

### Scope
- Host: `<hostname or "current host">`
- Platform: `<macOS|Linux>`
- Distro: `<distribution or "n/a">`
- Log window: `<last 24 hours or narrower targeted window used>`
- Run result: `<complete|partial|blocked>`
- Confidence: `<high|medium|low>`

### Ranked Findings
| Rank | Finding | Type | Evidence | Confidence | Suggested Next Step |
|---:|---|---|---|---|---|

### Posture Summary
- Disk encryption: `<short summary>`
- Firewall posture: `<short summary>`
- Update posture: `<short summary>`
- Remote access posture: `<short summary>`

### Persistence And Privileged Surfaces
- Startup items: `<short summary>`
- Scheduled tasks: `<short summary>`
- SSH posture: `<short summary>`
- Privileged binaries and permissions: `<short summary>`
- Recent security log signals: `<short summary or "not checked">`

### Notable Observations
- `<expected or lower-priority item that is worth noting but not ranking>`

### Coverage Gaps
- `<missing visibility, unreadable source, or skipped check>`
```

Keep the report concise. Cite the exact command, table, file, or log source behind each ranked finding.
How It Works
  1. Detects the local platform and available read-only tooling, preferring native OS signals first.
  2. Collects core posture evidence for encryption, firewall state, update coverage, and remote-access posture.
  3. Reviews startup, scheduled-task, SSH, and privileged-binary surfaces when they are readable.
  4. Uses tightly bounded recent-log checks only when reliable local log sources are available.
  5. Returns one short Markdown report with ranked findings, evidence, confidence, and explicit coverage gaps.
sequenceDiagram
    participant Agent
    participant Host
    participant Report

    Agent->>Host: Detect platform and readable tools
    Agent->>Host: Read encryption, firewall, update, remote-access state
    Agent->>Host: Read persistence, scheduled-task, and privileged-file surfaces
    Agent->>Host: Run bounded recent-log checks
    Agent->>Report: Produce ranked findings with evidence and gaps
    Note over Agent: No config changes, no package changes, no remediation
Prerequisites
  • The automation must run on the machine being inspected, or in an environment that can execute local shell commands on that machine
  • Read access to local security posture sources, readable config files, and recent system logs
  • Optional osquery for more consistent cross-platform reads of startup items, scheduled tasks, SSH config, and privileged binaries
Optional Host Tooling

Install osquery on the target host if you want stronger surface coverage.

macOS example:

brew install --cask osquery
osqueryi --json "select * from os_version;"

Linux example:

sudo apt-get install osquery
osqueryi --json "select * from os_version;"

If osquery is unavailable, the automation still works with native commands.

Cursor Cloud Usage
  1. Open Cursor Automations.
  2. Name your automation and paste local-security-monitor.md as the automation prompt.
  3. Make sure the runner is attached to the host you want to inspect. A generic hosted sandbox will inspect itself, not your laptop or server.
  4. No MCP setup is required. Optionally install osquery on the host for more consistent startup, SSH, and privileged-surface inspection.
  5. Set the schedule or run manually, then save the automation.
Codex App Usage
  1. Click Automation > New Automation.
  2. Name your automation and paste local-security-monitor.md as the automation prompt.
  3. Run it only in a Codex environment that has shell access to the machine you want to inspect.
  4. No MCP setup is required. Optionally install osquery on the host for more consistent cross-platform surface coverage.
  5. Set the schedule or run manually and save the automation.
Claude Code / Codex CLI / Copilot Usage
  1. No extra MCP setup is required for the core workflow.
  2. Start the agent session on the host you want to inspect, or in a remote shell environment that can read that host’s local security state and logs.
  3. For repeated checks in an open Claude Code session, use /loop, for example:
/loop 1d Follow the instructions in automations/local-security-monitor/local-security-monitor.md
  1. For durable Claude-managed automation, use /schedule or create a Routine in claude.ai/code/routines.
  2. In Codex CLI or Copilot coding-agent environments, schedule this only if the runtime stays attached to the target host between runs.
Prompt Inputs

Add context only when the host baseline is not obvious, for example:

Expected remote-access surfaces: ssh on 22/tcp for this host, no screen sharing, no remote desktop, no AirPlay receiver.
Expected startup items include Tailscale, a corporate endpoint agent, and Docker Desktop.
For Linux update posture, focus on distro-native security updates only.
If you find a new remote-access service, writable privileged file, or disabled firewall, include one concrete manual verification command before suggesting a hardening step.
Docs