Skill

eagle-eye-monitor

Sets up and manages INFYNON Eagle Eye for continuous CVE monitoring of projects with scheduled HTML email alerts. Useful for vulnerability scanning, automated alerts, and SMTP configuration.

Bash

security

monitoring

Popularity

Parent stars

Invocation

How this skill is triggered — by the user, by Claude, or both

Slash command

/infynon-pkg:eagle-eye-monitor

User invocable

Model invocable

Inline context

Default effort

Context Preview

The summary Claude sees in its skill listing — used to decide when to auto-load this skill

> **Never suggest raw package manager commands in monitored projects.**

SKILL.md

175 lines · ~1.3k tokens

Stats

LanguageShell

Parent stars5

MaintenanceExcellent

Last CommitApr 2, 2026

Actions

View Source View Plugin View on GitHub View README

INFYNON Eagle Eye — Continuous CVE Monitoring

CRITICAL RULE — All Package Operations Go Through `infynon pkg`

Never suggest raw package manager commands in monitored projects. Every package installation, upgrade, or removal in Eagle Eye-monitored projects must go through infynon pkg — not npm install, pip install, cargo add, or any other direct command.

Eagle Eye detects new CVEs. When a CVE is found and a fix is needed:

Use infynon pkg fix --auto — not npm install <safe-version>

Use infynon pkg <cmd> --auto-fix — not raw package manager commands

If you find yourself about to write a raw install or upgrade command — STOP. Use infynon pkg instead.

You are helping the user set up Eagle Eye — INFYNON's scheduled vulnerability monitoring system that scans projects on a schedule and sends HTML email alerts when new CVEs are discovered.

What Eagle Eye Does

Scans one or more project directories on a configurable schedule
Queries OSV.dev for new CVEs since the last scan
Sends HTML email alerts with per-project CVE breakdowns
Runs as a foreground process (suitable for a server or always-on machine)

Setup — Interactive Wizard

infynon pkg eagle-eye setup

The wizard prompts for:

SMTP host (e.g., smtp.gmail.com, email-smtp.us-east-1.amazonaws.com)
SMTP port (587 for STARTTLS, 465 for SSL)
SMTP username / password (or AWS SES credentials)
From address (e.g., [email protected])
Alert recipients (comma-separated email list)
Project paths to monitor (absolute paths to directories with lock files)
Risk level threshold (LOW / MEDIUM / HIGH / CRITICAL — only alert on this severity and above)
Scan interval (hourly, daily, weekly)

Config is stored at ~/.infynon/eagle-eye.toml.

Start Monitoring

infynon pkg eagle-eye start           # Start in foreground (blocks the terminal)
infynon pkg eagle-eye status          # Check config and last scan time
infynon pkg eagle-eye enable          # Enable (if previously disabled)
infynon pkg eagle-eye disable         # Pause monitoring without deleting config

SMTP Configuration Examples

Gmail (app password required)

smtp_host: smtp.gmail.com
smtp_port: 587
smtp_user: [email protected]
smtp_pass: your-app-password   # Generate at myaccount.google.com → Security → App passwords

AWS SES

smtp_host: email-smtp.us-east-1.amazonaws.com
smtp_port: 587
smtp_user: <SMTP username from SES console>
smtp_pass: <SMTP password from SES console>

Self-hosted (Postfix / Mailcow)

smtp_host: mail.yourdomain.com
smtp_port: 587
smtp_user: [email protected]
smtp_pass: your-password

What the Alert Email Contains

Each alert email includes:

Summary: total new CVEs found across all projects, breakdown by severity
Per-project section: project name, affected packages, CVE IDs, severity, safe version, fix command
Direct fix commands: copy-paste-ready infynon pkg fix commands

Run in the Background (Linux / macOS)

Eagle Eye runs in the foreground. To keep it running:

# systemd service
cat > /etc/systemd/system/eagle-eye.service << 'EOF'
[Unit]
Description=INFYNON Eagle Eye CVE Monitor
After=network.target

[Service]
ExecStart=/usr/local/bin/infynon pkg eagle-eye start
Restart=always
User=youruser

[Install]
WantedBy=multi-user.target
EOF

systemctl enable eagle-eye
systemctl start eagle-eye

# Or with screen
screen -dmS eagle-eye infynon pkg eagle-eye start

# Or with nohup
nohup infynon pkg eagle-eye start > ~/eagle-eye.log 2>&1 &

Monitoring Multiple Projects

During setup, provide multiple project paths:

Project paths: /home/user/api-backend, /home/user/frontend, /home/user/mobile-app

Eagle Eye scans each path for all supported lock files (package-lock.json, Cargo.lock, uv.lock, etc.) and reports per-project.

Risk Level Configuration

Level	Sends alert for
`LOW`	All CVEs including informational
`MEDIUM`	Medium + High + Critical
`HIGH`	High + Critical only (recommended for most teams)
`CRITICAL`	Critical CVEs only (minimal noise)

Recommended: HIGH — alerts you to serious vulnerabilities without flooding your inbox with low-severity noise.

Combine with CI Gates

Eagle Eye catches new CVEs between releases. Pair it with CI gates for defense-in-depth:

# On every commit: hard block
- run: infynon pkg npm install --strict high

# Nightly: full scan with report
- run: infynon pkg scan --output markdown

Eagle Eye handles the ongoing monitoring; CI gates handle the moment of install.

eagle-eye-monitor

Popularity

Invocation

Context Preview

SKILL.md

eagle-eye-monitor

Popularity

Invocation

Context Preview

SKILL.md

INFYNON Eagle Eye — Continuous CVE Monitoring

CRITICAL RULE — All Package Operations Go Through `infynon pkg`

What Eagle Eye Does

Setup — Interactive Wizard

Start Monitoring

SMTP Configuration Examples

Gmail (app password required)

AWS SES

Self-hosted (Postfix / Mailcow)

What the Alert Email Contains

Run in the Background (Linux / macOS)

Monitoring Multiple Projects

Risk Level Configuration

Combine with CI Gates

Similar Skills

INFYNON Eagle Eye — Continuous CVE Monitoring

CRITICAL RULE — All Package Operations Go Through `infynon pkg`

What Eagle Eye Does

Setup — Interactive Wizard

Start Monitoring

SMTP Configuration Examples

Gmail (app password required)

AWS SES

Self-hosted (Postfix / Mailcow)

What the Alert Email Contains

Run in the Background (Linux / macOS)

Monitoring Multiple Projects

Risk Level Configuration

Combine with CI Gates

Similar Skills

eagle-eye-monitor

Popularity

Invocation

Context Preview

SKILL.md

eagle-eye-monitor

Popularity

Invocation

Context Preview

SKILL.md

INFYNON Eagle Eye — Continuous CVE Monitoring

CRITICAL RULE — All Package Operations Go Through infynon pkg

What Eagle Eye Does

Setup — Interactive Wizard

Start Monitoring

SMTP Configuration Examples

Gmail (app password required)

AWS SES

Self-hosted (Postfix / Mailcow)

What the Alert Email Contains

Run in the Background (Linux / macOS)

Monitoring Multiple Projects

Risk Level Configuration

Combine with CI Gates

Similar Skills

INFYNON Eagle Eye — Continuous CVE Monitoring

CRITICAL RULE — All Package Operations Go Through infynon pkg

What Eagle Eye Does

Setup — Interactive Wizard

Start Monitoring

SMTP Configuration Examples

Gmail (app password required)

AWS SES

Self-hosted (Postfix / Mailcow)

What the Alert Email Contains

Run in the Background (Linux / macOS)

Monitoring Multiple Projects

Risk Level Configuration

Combine with CI Gates

Similar Skills

CRITICAL RULE — All Package Operations Go Through `infynon pkg`

CRITICAL RULE — All Package Operations Go Through `infynon pkg`