adikrn/SecurityClaw — reverse-engineered prompt

Build me a SecurityClaw app, an autonomous SOC helper that watches OpenSearch or Elasticsearch logs, learns normal behavior over time, and uses a local Ollama LLM to help decide whether unusual activity looks risky.

I want it to have a simple setup flow where I can enter database details, Ollama settings, and optional threat intel API keys, then save everything into config files. It should run as a background service with scheduled jobs, like checking for anomalies often and rebuilding behavioral memory every few hours. It should also let me manually run investigation skills, ask questions in a chat, query stored baselines, and review what the agent found.

Please include a clean web interface with chat, skill dispatch, config editing, schedule controls, conversation history, and a status dashboard. Also keep CLI commands for running the service, chatting in terminal, listing skills, checking status, and dispatching a skill. Use sensible defaults and mock friendly behavior so I can test it locally. Look up current docs online if you need to.