Overview

Wolffish runs a comprehensive security audit of your machine — checks open ports and what’s listening on them, firewall status and configuration, running services, SSH setup, disk encryption, OS-level protections, and scans for outdated software with known CVEs. It compiles everything into a structured report ranked by severity with exact remediation steps. Works on macOS, Linux, and Windows. The agent detects your OS and runs the appropriate commands — no manual configuration needed. No third-party vulnerability scanners. No cloud dashboards. No agents phoning home. Just shell commands + web search for CVE lookups, running locally on your machine.

Capabilities Required

  • shell — runs system commands to audit local machine state (OS-specific: lsof/ss/netstat, firewall tools, package managers, etc.)
  • web-search — looks up CVEs for outdated packages found during the audit
Both ship with Wolffish. No extra code or plugins required.

Setup

This use case uses shell and web-search — both need a cloud LLM to work. Read the general Setting Up for Success guide for the full picture — what’s below is specific to this workflow.
  • DeepSeek v4 Pro — this workflow is primarily shell commands and structured reporting. DeepSeek v4 Pro handles it well and keeps costs low.

Required

  • Wolffish installed and running — the desktop app with a configured brain workspace.
  • Cloud API key — DeepSeek, Anthropic (Claude), or OpenAI, configured in Settings > Models. Needed for CVE lookups via web search and for generating the structured report.
  • A package manager — the outdated-package scan relies on your system’s package manager. Homebrew on macOS, apt/dnf/pacman on Linux, or winget/choco on Windows.

Optional

  • Elevated privileges — some commands need sudo (Linux/macOS) or Administrator (Windows) to see all listeners, system services, and firewall rules. Without elevation, the audit still runs but may miss some system-level services. Wolffish will prompt you (via the Amygdala) before running any privileged command.

Schedule

6:00 AM every day
Daily is enough for most people. Adjust the heartbeat schedule to match your risk tolerance.

The Prompt

Send this to Wolffish on-demand, or add it to your heartbeat for automated daily runs. When sent directly, the message goes straight to the LLM with your available capabilities — no brainstem or heartbeat involved.

Start by searching the web for known recent CVEs and security
advisories relevant to my OS and common software. Then detect my
OS and run the appropriate commands. Check open ports and what's
listening on them, firewall status, running services and daemons,
SSH config, disk encryption status, OS-level security features,
and any outdated software. Cross-reference what you find locally
against the CVEs from your search. Flag anything concerning with
risk level and tell me exactly how to fix it.

That’s it. The agent starts by searching the web for recent CVEs, then detects the OS, runs the appropriate commands, cross-references local findings against known vulnerabilities, and compiles the report.

How It Works

On-demand: You send the prompt directly. Prefrontal loads the relevant capabilities (shell + web-search) into context and the LLM executes the audit.
Automated: Brainstem fires the heartbeat on schedule, which triggers the same flow without manual input.
In both cases, the LLM detects the OS and runs the appropriate shell commands:
| Check | macOS | Linux | Windows |
|---|---|---|---|
| Open ports | lsof -iTCP -sTCP:LISTEN | ss -tlnp | netstat -ano \| findstr LISTENING |
| Firewall | socketfilterfw --getglobalstate | ufw status / iptables -L | netsh advfirewall show allprofiles |
| Services | launchctl list | systemctl list-units | Get-Service |
| Disk encryption | fdesetup status | cryptsetup status / lsblk | manage-bde -status |
| OS protections | csrutil status, spctl --status | AppArmor/SELinux status | Windows Defender, Secure Boot |
| SSH config | cat /etc/ssh/sshd_config | cat /etc/ssh/sshd_config | Get-Service sshd + config |
| Package updates | brew outdated | apt list --upgradable / dnf check-update | winget upgrade / choco outdated |
| Background processes | ~/Library/LaunchAgents | systemctl list-unit-files | Startup apps + scheduled tasks |
  1. For each installed package with a version number, the LLM uses web_search to check for known CVEs.
  2. The LLM compiles findings into a structured report: critical > warning > info.
  3. Each finding includes: what it found, why it matters, and how to fix it.
  4. Hippocampus logs the report as an episode for historical tracking.
  5. Basalganglia records the outcome.
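
How the "Open ports" check can become a ranked finding, as an added example that is not Wolffish's own code: the function reads `lsof -iTCP -sTCP:LISTEN` or `ss -tlnp` output on stdin and labels each listener by bind scope, which is the difference between an exposed `*:3000` and a loopback-only `127.0.0.1:9222`. The function names and the sample lines are constructed for illustration.

```shell
#!/bin/sh
# Added example: label TCP listeners by bind scope (names are hypothetical).
classify_listeners() {
  awk '
    function scope(addr,    host) {
      host = addr
      sub(/:[^:]*$/, "", host)   # drop the trailing :port
      gsub(/\[/, "", host)       # [::1] -> ::1
      gsub(/\]/, "", host)
      sub(/%.*$/, "", host)      # drop a zone suffix such as %lo
      if (host == "*" || host == "0.0.0.0" || host == "::") return "ALL-INTERFACES"
      if (host ~ /^127\./ || host == "::1" || host == "localhost") return "LOOPBACK"
      return "SPECIFIC-ADDRESS"
    }
    # lsof rows end in "(LISTEN)"; the bind address is the field before it.
    $NF == "(LISTEN)" { print scope($(NF-1)), $(NF-1), $1 "/" $2; next }
    # ss rows start with "LISTEN"; field 4 is the local address, field 6 the process.
    $1 == "LISTEN" { print scope($4), $4, ($6 != "" ? $6 : "-") }
  '
}

# Keep only listeners that are reachable from outside the machine.
exposed_listeners() { classify_listeners | awk '$1 != "LOOPBACK"'; }

# Constructed sample input in lsof format.
sample_lsof() {
  cat <<'EOF'
COMMAND   PID   USER  FD  TYPE DEVICE SIZE/OFF NODE NAME
node    51566 younes 19u  IPv6 0xabc1      0t0  TCP *:3000 (LISTEN)
Google  36826 younes 98u  IPv4 0xabc2      0t0  TCP 127.0.0.1:9222 (LISTEN)
EOF
}

# Constructed sample input in ss format; the last row has no process column,
# which is what an unprivileged run shows for sockets owned by other users.
sample_ss() {
  cat <<'EOF'
State  Recv-Q Send-Q Local Address:Port Peer Address:Port Process
LISTEN 0      128    0.0.0.0:22         0.0.0.0:*         users:(("sshd",pid=812,fd=3))
LISTEN 0      4096   127.0.0.53%lo:53   0.0.0.0:*         users:(("systemd-resolve",pid=640,fd=14))
LISTEN 0      128    [::1]:631          [::]:*            users:(("cupsd",pid=700,fd=7))
LISTEN 0      511    192.168.1.20:8080  0.0.0.0:*
EOF
}

# On a real machine: lsof -nP -iTCP -sTCP:LISTEN | exposed_listeners
sample_lsof | classify_listeners
sample_ss | exposed_listeners
```

The `-nP` flags keep lsof output numeric, so addresses and ports are not replaced by host and service names before classification.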

Limits

  • Some commands need elevated privileges (sudo on Linux/macOS, Administrator on Windows) — Amygdala will prompt you
  • CVE lookups via web search are best-effort, not a substitute for a dedicated vulnerability scanner
  • Local scans only see what the OS exposes — can’t detect rootkits or kernel-level compromises
  • System-managed packages (e.g. Apple’s /usr/bin/ruby, Windows inbox components) can’t be upgraded directly — the agent will note this and recommend alternatives

Cost & Model Guide

This is one of the cheapest use cases. No computer-use, no screenshots — just shell commands and text processing.
DeepSeek v4 Pro is the recommended model. The workflow is straightforward: run commands, parse output, look up CVEs, write a report. DeepSeek v4 Pro handles this well and keeps the cost low.
Claude Sonnet 4.x works well too — a solid alternative if you’re already on Anthropic’s API.
Claude Haiku 4.5 may miss subtle security implications or produce less actionable remediation steps. Use it if you’re on a tight budget and comfortable interpreting results yourself.

Approximate Cost Per Run

| Model | Est. Cost Per Run | Monthly (weekly runs) |
|---|---|---|
| DeepSeek v4 Pro | ~0.15-0.40 USD | ~0.60-1.60 USD |
| Claude Sonnet 4.x | ~0.30-0.80 USD | ~1.20-3.20 USD |
| Claude Haiku 4.5 | ~0.10-0.25 USD | ~0.40-1.00 USD |

Token Budget

~200,000 tokens per run with an 80,000 context window. The bulk comes from CVE web search results and cross-referencing. Approximately 15-25 LLM calls (web searches for CVE landscape + shell commands + Apple advisory lookups + cross-referencing + report generation).

Example Run

Here’s what a real audit looks like on macOS. The agent searched the web for recent CVEs, ran local shell commands, cross-referenced the findings, and produced this report:
Good, I have the CVE landscape. Now let me run local checks and cross-reference with those findings. Let me fetch the detailed Apple advisories and run local checks in parallel. All data collected. Let me now cross-reference everything and give you the full picture.
Security Audit — yana-macbook-pro
OS: macOS Tahoe 26.5 (Build 25F71) — Apple Silicon
Date: 2026-05-27
Assessment: Mostly clean with a few things worth attention

Core OS Defenses (All Good)
| Check | Status |
|---|---|
| macOS version | 26.5 — latest release, includes May 2026 patch batch (79 CVEs) |
| FileVault | On |
| SIP | Enabled |
| Gatekeeper | Enabled |
| SSH daemon | Not running |
| Chrome | 148.0.7778.179 — latest |
| No authorized_keys | Nobody can SSH in |

Items Needing Attention

1. Node.js on port 3000 — exposed to all interfaces (MEDIUM)
node  51566 younes  19u  IPv6  TCP *:3000 (LISTEN)
A Node.js dev server or Wolffish backend is listening on all network interfaces, not just localhost. Anyone on your network (coffee shop, coworking space) can hit it.
Fix: Bind it to localhost only, e.g. --host 127.0.0.1 or .listen(3000, '127.0.0.1').
2. Chrome DevTools debugging port open (LOW)
Google  36826 younes  98u  TCP 127.0.0.1:9222 (LISTEN)
Port 9222 is Chrome’s remote debugging protocol. Bound to localhost so exposure is minimal, but if you didn’t intentionally enable this (--remote-debugging-port=9222), something spawned Chrome with it on.
Fix: Find what’s launching Chrome with that flag. Common culprits: Puppeteer, Playwright, Selenium, or an automation script. If you don’t need it, kill the flag.
3. 31 outdated Homebrew packages (33 with casks) (MEDIUM)
git (2.47.1)         — security fixes since
ca-certificates       — TLS trust store
gnupg, libgcrypt      — crypto libs
sqlite                — DB engine with patches
go                    — compiler with security fixes
python@3.13, python@3.14 — runtime patches
gh, cloudflared       — tools
Fix: brew upgrade && brew upgrade --cask --greedy. That’s one command. 33 packages, shouldn’t take more than a few minutes.
4. SSH config: root access to remote server (INFO)
Host yat-server
  HostName 138.68.90.57
  User root
  IdentityFile ~/.ssh/id_younes
You’re SSHing as root to a DigitalOcean droplet. Not a vulnerability per se, but root-over-SSH is the thing security people write stern blog posts about.
Fix (optional): Create a non-root user with sudo on that server and disable root SSH login in /etc/ssh/sshd_config (PermitRootLogin no).
5. Firewall — enabled but no stealth mode (LOW)
Firewall is on but stealth mode is off — the machine responds to pings and probe packets. On trusted home Wi-Fi this is fine, but on public networks it makes you slightly more discoverable.
Fix: sudo /usr/libexec/ApplicationFirewall/socketfilterfw --setstealthmode on
CVE Cross-Reference
| Software | Your Version | Relevant CVEs | Status |
|---|---|---|---|
| macOS Tahoe | 26.5 | 79 CVEs in May 2026 batch (all patched in 26.5) | Patched |
| Chrome | 148.0.7778.179 | CVE-2026-5281 (UAF, exploited), CVE-2026-3913 (heap overflow), CVE-2026-2441 (zero-day) | Patched |
| Node.js | v24.15.0 | CVE-2026-21636 (medium), March 2026 TLS CVEs | Likely patched in 24.15 |
| Git | 2.47.1 | Multiple since | Update |
| OpenSSH | 10.2p1 (Apple) | CVE-2025-26465/26466 (from Sequoia 15.5) | Apple’s bundled, patched via OS |
| OpenSSL | 3.6.2 | | Current |
The big macOS CVEs to be aware of that you’re protected from:
  • CVE-2026-28819 (Wi-Fi) — arbitrary code execution with kernel privs
  • CVE-2026-43668 (mDNSResponder) — remote kernel memory corruption
  • CVE-2026-28972 (Kernel) — out-of-bounds write into kernel memory
All three were fixed in Tahoe 26.5, which you’re running.
Action Items (Priority Order)
  1. Bind node port 3000 to localhost — 30 seconds, closes your biggest exposure
  2. brew upgrade && brew upgrade --cask --greedy — 5 minutes, clears 33 outdated packages
  3. Enable stealth mode — 10 seconds
  4. Check what’s spawning Chrome with --remote-debugging-port — detective work
  5. Audit that DO droplet’s root SSH access — whenever you’re feeling responsible

Bottom line: your machine is in good shape. macOS defenses are fully engaged, you’re on the latest OS with the May patch batch, and your browser/runtime versions are current. The main gap is the 31-33 outdated brew packages and that exposed Node port. Neither is an emergency, but both are worth fixing this week.
The agent can also apply fixes directly if you approve — running package upgrades, toggling firewall settings, or editing SSH configs. Each destructive action goes through the Amygdala for confirmation.

Automating with Heartbeat

Add the prompt to brain/brainstem/heartbeat.md under a daily schedule:

## Daily(6:00)

Start by searching the web for known recent CVEs and security
advisories relevant to my OS and common software. Then detect my
OS and run the appropriate commands. Check open ports and what's
listening on them, firewall status, running services and daemons,
SSH config, disk encryption status, OS-level security features,
and any outdated software. Cross-reference what you find locally
against the CVEs from your search. Flag anything concerning with
risk level and tell me exactly how to fix it.

The audit runs every morning at 6 AM. Historical reports accumulate in Hippocampus, so you can track how your security posture changes over time — did you actually fix yesterday’s warnings? Are new packages introducing new CVEs?