Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Error Monitor Fix

v3.0.0

Error monitoring - scans JSON logs, captures ERROR-level errors, and provides fix suggestions for OpenClaw system-level errors

byc32@amd5
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Suspicious
OpenClaw: Suspicious (high confidence)
Purpose & Capability
Name/description align with the provided scripts: both monitor /tmp/openclaw/*.log and produce fix suggestions. That capability justifies reading logs and producing reports. Minor mismatch: skill.json declares a postinstall script (bash scripts/install.sh) and systemd requirement, but no install.sh exists in the bundle — this is incoherent and could be a packaging/metadata error.
! Instruction Scope
SKILL.md states “all fix strategies now prompt for manual action and no longer perform filesystem modifications”, but both scripts write to ~/.openclaw/workspace (append error.md, write .error-dedup.json and .fix-log.json). auto-fix.js executes system commands via child_process.execSync (ss pipeline and openclaw sessions cleanup --dry-run). The runtime instructions/behavior therefore go beyond the read-only description in SKILL.md.
! Install Mechanism
No install spec is provided (instruction-only), which is low-risk, but skill.json lists a postinstall script (bash scripts/install.sh) that is missing from the package. That metadata/code mismatch is suspicious: either an expected install script is omitted or metadata was not updated. The included Node scripts will run if invoked but there is no automated installer in the bundle.
Credentials
The skill requests no credentials and no declared env vars, and only reads HOME (process.env.HOME). That is proportionate. However the code reads /tmp logs, writes to ~/.openclaw/workspace, and runs system commands (ss, openclaw CLI), which means it will access local system state and potentially require privileges to inspect sockets — appropriate for a monitoring tool but worth noting because SKILL.md claimed no filesystem modifications while the code does persist data.
Persistence & Privilege
always is false and the skill does not request elevated platform privileges. It does not modify other skills' configuration. Autonomous invocation is permitted (platform default) but not combined with an 'always:true' flag or broad credential requests.
What to consider before installing
This skill is plausible for log monitoring, but there are clear inconsistencies you should resolve before installing: (1) SKILL.md claims no filesystem writes, yet the scripts append to ~/.openclaw/workspace/error.md and write .error-dedup.json / .fix-log.json — if you want read-only behavior, inspect and remove file-write calls. (2) skill.json references scripts/install.sh which is missing — ask the author or treat that as a packaging error. (3) auto-fix.js runs system commands (ss, openclaw sessions cleanup --dry-run); these will execute on your machine when you run the scripts. Recommended next steps: review the two JS files line-by-line (or run them in an isolated sandbox/container), back up ~/.openclaw/workspace before running, verify presence/trust of the openclaw CLI, and if you need stricter guarantees, modify the scripts to run in dry-run/read-only mode only. If you cannot verify the missing install script or the author identity, treat this skill cautiously and avoid giving it persistent or automated execution on production hosts.
scripts/auto-fix.js:66: Shell command execution detected (child_process).
scripts/auto-fix.js:28: Environment variable access combined with network send.
scripts/monitor-error.js:20: Environment variable access combined with network send.
! scripts/auto-fix.js:104: File read combined with network send (possible exfiltration).
! scripts/monitor-error.js:33: File read combined with network send (possible exfiltration).
Patterns worth reviewing
These patterns may indicate risky behavior. Check the VirusTotal and OpenClaw results above for context-aware analysis before installing.
