ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Gateway Watchdog

v0.1.0

Automatically installs and configures Gateway Watchdog to monitor Gateway status, enable DingTalk alerts, set up auto-start, and run the monitoring service.

0· 106·0 current·0 all-time
byAnonymous@adminlove520
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Benign
medium confidence
Purpose & Capability
The skill's name/description (Gateway monitoring, DingTalk alerts, auto-start) aligns with the provided code: gateway_monitor.py implements health checks, restart logic, and DingTalk notifications; install.py configures startup on Windows/macOS/systemd. Required capabilities (killing/restarting the gateway, writing logs/config in the user's home directory, calling a webhook) are consistent with the stated purpose.
Instruction Scope
SKILL.md instructs cloning a GitHub repo and running install.py/configuring config.py — that matches the included files but also points agents/users to an external GitHub URL (adminlove520/gateway-watchdog). The runtime instructions are otherwise narrowly scoped to installation, configuration, and running the watchdog. They do not request arbitrary system-wide data or other credentials beyond the DingTalk webhook/secret (which are stored in config.py).
Install Mechanism
There is no platform install spec in the registry (instruction-only), which limits automatic disk writes from the registry. However, SKILL.md tells the user to git clone from a third-party GitHub repo. The packaged skill already contains the same files, but following SKILL.md would fetch code from an external source — a minor supply-chain risk if you don't trust that GitHub repository.
Credentials
The registry metadata lists no required env vars; the code uses a config.py (WEBHOOK, SECRET) for DingTalk credentials, which is proportional to its notification feature. A notable operational concern: kill_gateway_processes() uses broad commands (Windows: taskkill /IM node.exe; Linux/macOS: pkill -f openclaw) which could terminate unrelated node processes or match unintended processes. The skill does not attempt to read or exfiltrate other secrets or environment variables.
Persistence & Privilege
The install script creates persistent startup entries (Windows scheduled task, a plist for macOS, or a systemd service template). That is expected for auto-start behavior. The script prints instructions for systemd rather than writing the file directly (it does write the plist for macOS). Installing system services will require elevated permissions — this is normal but something to be aware of.
Assessment
This skill's code and instructions are coherent with its goal (monitor and auto-restart the OpenClaw Gateway and notify via DingTalk). Before installing: - Inspect the config.py you create and only set the DingTalk WEBHOOK/SECRET if you trust the recipient robot; the code will post status messages to that webhook. - Review the process-killing logic: on Windows the script will call taskkill /IM node.exe (kills all node.exe) and on Linux/macOS uses pkill -f openclaw. If you run other Node.js services on the same host those may be killed; consider modifying the script to target the gateway process more precisely. - The SKILL.md suggests cloning a GitHub repo (adminlove520). Even though the packaged skill already contains the same scripts, cloning or fetching code from external sources is a supply-chain risk—only do this from repositories you trust. - Installing auto-start entries requires elevated privileges (systemd/service or scheduled tasks). Prefer installing under a restricted user account rather than root/admin when possible. - Test the watchdog in a controlled environment (non-production) to confirm restart behavior and side effects before deploying on production hosts. If you want a lower-risk setup: avoid running the installer as root, review and edit kill/start commands to be less broad, or run the monitor in a container or restricted user session so any aggressive process-kill affects only an isolated environment.

Like a lobster shell, security has layers — review code before you run it.

latestvk97egcbe0hpghbapg6cv4jv7c1834jsx

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments