F

感觉好机器人

(Feelgoodbot)

feelgoodbot

🌐 English

为 macOS 设置 Feelgoodbot 文件完整性监控和 TOTP 逐步身份验证。当用户想要检测恶意软件、监控系统篡改、设置安全警报或要求对敏感代理操作进行 OTP 验证时使用。

数据来源：ClawHub。在 ClawSkills 查看

1.4k下载量

1收藏数

0浏览量

安装

选择你使用的 Agent

方法一：命令行安装（推荐）

关于感觉好机器人

--- name: feelgoodbot description: Set up feelgoodbot file integrity monitoring and TOTP step-up authentication for macOS. Use when the user wants to detect malware, monitor for system tampering, set up security alerts, or require OTP verification for sensitive agent actions. ---

feelgoodbot 🛡️

Pronounced "Feel good, bot"

macOS file integrity monitor + TOTP step-up authentication for AI agents.

GitHub: https://github.com/kris-hansen/feelgoodbot

⭐ If you find this useful, please star the repo! It helps others discover it.

Features

File Integrity Monitoring — Detects tampering of system files
TOTP Step-Up Auth — Requires OTP for sensitive agent actions

---

Part 1: File Integrity Monitoring

Requirements

Go 1.21+ — Install with brew install go
macOS — Uses launchd for daemon

Quick Setup

# Install via go install
go install github.com/kris-hansen/feelgoodbot/cmd/feelgoodbot@latest

# Initialize baseline snapshot
feelgoodbot init

# Install and start daemon
feelgoodbot daemon install
feelgoodbot daemon start

# Check it's running
feelgoodbot status

Clawdbot Integration (Alerts)

Enable webhooks:

clawdbot config set hooks.enabled true
clawdbot config set hooks.token "$(openssl rand -base64 32)"
clawdbot gateway restart

Configure ~/.config/feelgoodbot/config.yaml:

scan_interval: 5m
alerts:
  clawdbot:
    enabled: true
    webhook: "http://127.0.0.1:18789/hooks/wake"
    secret: "<hooks.token from clawdbot config get hooks.token>"
  local_notification: true

What It Monitors

System binaries (/usr/bin, /usr/sbin)
Launch daemons/agents (persistence mechanisms)
SSH authorized_keys, sudoers, PAM
Shell configs (.zshrc, .bashrc)
Browser extensions
AI agent configs (Claude, Cursor)

---

Part 2: TOTP Step-Up Authentication

Step-up auth requires the user to enter an OTP code from Google Authenticator before the agent can perform sensitive actions.

Setup (User runs in terminal)

# Initialize TOTP (shows QR code to scan)
feelgoodbot totp init --account "user@feelgoodbot"

# Verify it works
feelgoodbot totp verify

# Check status
feelgoodbot totp status

Configure Protected Actions

# List current protected actions
feelgoodbot totp actions list

# Add actions that require step-up
feelgoodbot totp actions add "send_email"
feelgoodbot totp actions add "payment:*"
feelgoodbot totp actions add "delete:*"
feelgoodbot totp actions add "ssh:*"
feelgoodbot totp actions add "publish:*"
feelgoodbot totp actions add "gateway:*"
feelgoodbot totp actions add "voice_call:*"
feelgoodbot totp actions add "message:external"

# Remove an action
feelgoodbot totp actions remove "send_email"

TOTP Commands

| Command | Description | |---------|-------------| | feelgoodbot totp init | Set up TOTP with QR code | | feelgoodbot totp verify [code] | Test a code | | feelgoodbot totp status | Show TOTP status and session | | feelgoodbot totp check | Check if action needs step-up, prompt if needed | | feelgoodbot totp reset | Remove TOTP config (requires code) | | feelgoodbot totp backup show | Show remaining backup codes | | feelgoodbot totp backup regenerate | Generate new backup codes | | feelgoodbot totp actions list | List protected actions | | feelgoodbot totp actions add | Add protected action | | feelgoodbot totp actions remove | Remove protected action | | feelgoodbot totp respond | Submit OTP response (for async flow) |


Session Caching
After successful authentication, a session is cached for 15 minutes (configurable). Subsequent actions within this window don't require re-authentication.
---
Agent Integration (IMPORTANT)
Before performing any sensitive action, the agent MUST check step-up requirements.
Action Mapping
Map your intended actions to step-up patterns:
| Agent Action | Step-Up Pattern | |--------------|-----------------| | Sending email | send_email | | Making payments | payment:* | | Deleting files | delete:* | | SSH/remote access | ssh:* | | Publishing code | publish:* | | Modifying Clawdbot config | gateway:* | | Making phone calls | voice_call:* | | Messaging external contacts | message:external | | Modifying step-up config | config:update |
Step-Up Check Flow
Before executing a sensitive action:
# Check if action requires step-up (non-interactive check)
feelgoodbot totp check <action>
# Exit code 0 = proceed, Exit code 1 = denied/not authenticated
If session is valid: Command succeeds immediately (exit 0)
If step-up required and no session:
Agent sends Telegram message: "🔐 Action  requires step-up. Reply with your OTP code."
Wait for user to reply with 6-digit code
Validate: feelgoodbot totp verify 
If valid, create session and proceed
If invalid, deny action and notify user

Example Agent Flow (Pseudocode)
function performSensitiveAction(action, execute_fn):
    # Check step-up requirement
    result = exec("feelgoodbot totp check " + action)
    
    if result.exit_code == 0:
        # Session valid or action not protected
        execute_fn()
        return success
    
    # Need to prompt user
    send_telegram("🔐 Action '{action}' requires step-up authentication.\nReply with your OTP code from Google Authenticator.")
    
    code = wait_for_user_reply(timeout=120s)
    
    if code is None:
        send_telegram("⏰ Step-up authentication timed out. Action cancelled.")
        return denied
    
    # Validate the code
    valid = exec("feelgoodbot totp verify " + code)
    
    if valid.exit_code != 0:
        send_telegram("❌ Invalid code. Action cancelled.")
        return denied
    
    # Create session by running check again (it will pass now)
    exec("feelgoodbot totp check " + action)
    
    execute_fn()
    send_telegram("✅ Action completed.")
    return success
Quick Reference for Agent
Check before these actions:
send_email — Before sending any email
payment:* — Before any financial transaction
delete:* — Before deleting files (delete:file, delete:backup, etc.)
ssh:* — Before SSH connections
publish:* — Before publishing/deploying
gateway:* — Before modifying Clawdbot config
voice_call:* — Before making phone calls
message:external — Before messaging non-owner contacts
config:update — Before modifying step-up config
Commands to use:
# Check and prompt (interactive)
feelgoodbot totp check send_email

# Just validate a code
feelgoodbot totp verify 123456

# Check session status
feelgoodbot totp status
---
File Locations
| File | Purpose | |------|---------| | ~/.config/feelgoodbot/config.yaml | Main config | | ~/.config/feelgoodbot/totp.json | TOTP secret + backup codes | | ~/.config/feelgoodbot/stepup-config.json | Protected actions | | ~/.config/feelgoodbot/totp-session | Session cache | | ~/.config/feelgoodbot/snapshots/ | File integrity baselines | | ~/.config/feelgoodbot/daemon.log | Daemon logs |
---
Troubleshooting
TOTP code always invalid:
Check system clock is accurate (date)
Ensure you're using the correct authenticator entry
Try a backup code
Step-up not prompting:
Verify action is in protected list: feelgoodbot totp actions list
Check TOTP is initialized: feelgoodbot totp status
Reset everything:
# Reset TOTP (requires valid code or backup code)
feelgoodbot totp reset

# Or manually remove (loses access without backup codes!)
rm ~/.config/feelgoodbot/totp.json
rm ~/.config/feelgoodbot/totp-session
---
⭐ Like feelgoodbot? Star it on GitHub: https://github.com/kris-hansen/feelgoodbot

`Prompt 示例`

安装感觉好机器人后，可以对 AI 说这些话来触发它

UHelp me get started with Feelgoodbot

AExplains what Feelgoodbot does, walks through the setup, and runs a quick demo based on your current project

UUse Feelgoodbot to set up feelgoodbot file integrity monitoring and TOTP step-up authe...

AInvokes Feelgoodbot with the right parameters and returns the result directly in the conversation

UWhat can I do with Feelgoodbot in my developer & devops workflow?

ALists the top use cases for Feelgoodbot, with example commands for each scenario

`常见问题`

如何安装感觉好机器人？▾

将技能文件夹放到 ~/.claude/skills/feelgoodbot/ 目录（个人级，所有项目可用），或 .claude/skills/feelgoodbot/（项目级）。重启 AI 客户端后，用 /feelgoodbot 主动调用，或让 AI 根据上下文自动发现并使用。

感觉好机器人支持哪些 AI 平台？▾

感觉好机器人支持 Claude、Cursor、OpenClaw，可与这些 AI 平台无缝集成，扩展其能力。

感觉好机器人是免费的吗？▾

感觉好机器人可免费安装使用。请查阅仓库了解许可证信息。

感觉好机器人有什么功能？▾

为 macOS 设置 Feelgoodbot 文件完整性监控和 TOTP 逐步身份验证。当用户想要检测恶意软件、监控系统篡改、设置安全警报或要求对敏感代理操作进行 OTP 验证时使用。

感觉好机器人属于哪个分类？▾

感觉好机器人属于「Developer & DevOps」分类，该分类的技能帮助 AI 智能体在此领域执行专业任务。

`使用场景`

Getting Started with Feelgoodbot→Automate Developer & DevOps Workflows with Feelgoodbot→Team Collaboration with Feelgoodbot→

感觉好机器人

安装

关于感觉好机器人

feelgoodbot 🛡️

Features

Part 1: File Integrity Monitoring

Requirements

Quick Setup

Clawdbot Integration (Alerts)

What It Monitors

Part 2: TOTP Step-Up Authentication

Setup (User runs in terminal)

Configure Protected Actions

TOTP Commands

Session Caching

Agent Integration (IMPORTANT)

Action Mapping

Step-Up Check Flow

Example Agent Flow (Pseudocode)

Quick Reference for Agent

File Locations

Troubleshooting

`Prompt 示例`

`常见问题`

`使用场景`

`同类技能推荐`

Github

Browser Use

Browser Automation

Playwright MCP

感觉好机器人

安装

关于 感觉好机器人

feelgoodbot 🛡️

Features

Part 1: File Integrity Monitoring

Requirements

Quick Setup

Clawdbot Integration (Alerts)

What It Monitors

Part 2: TOTP Step-Up Authentication

Setup (User runs in terminal)

Configure Protected Actions

TOTP Commands

Session Caching

Agent Integration (IMPORTANT)

Action Mapping

Step-Up Check Flow

Example Agent Flow (Pseudocode)

Quick Reference for Agent

File Locations

Troubleshooting

Prompt 示例

常见问题

使用场景

同类技能推荐

Github

Browser Use

Browser Automation

Playwright MCP

关于感觉好机器人

`Prompt 示例`

`常见问题`

`使用场景`

`同类技能推荐`