任务守望者与弹窗杀手 (Task Watchdog)
PassAudited by VirusTotal on May 11, 2026.
Overview
Type: OpenClaw Skill Name: task-watchdog Version: 0.1.0 The OpenClaw skill 'task-watchdog' is designed to monitor long-running tasks, close pop-up windows, and send alerts if a task stalls. The `SKILL.md` explicitly disallows shell access (`shell: allowed: false`) and includes strong safety constraints, such as prohibiting process termination and preventing clicks on dangerous UI elements like 'Restart system' or 'Update and install'. Network access is allowed only for sending user-configured Webhook alerts, which is consistent with its stated purpose. There is no evidence of prompt injection, data exfiltration, malicious execution, or obfuscation. The instructions are clear, focused, and prioritize user safety.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
The agent could accidentally close or ignore an important warning, update prompt, error dialog, or security alert while the user is away.
This grants the agent unattended authority to click UI controls and dismiss dialogs, but the skill does not define a strict allowlist or require user confirmation for potentially important system/security prompts.
如果发现无关弹窗,立即识别其右上角的“X”按钮,或“稍后提醒”、“关闭”、“忽略”等按钮,模拟鼠标点击将其关闭。
Use only with a tightly defined target window and approved dialog/button list; require confirmation or alert-only behavior for system, security, update, restart, payment, deletion, or error dialogs.
The agent may keep monitoring and interacting with the desktop until the task completes or is stopped.
The skill explicitly describes a long-running autonomous loop. This is disclosed and purpose-aligned, but users should notice that it continues acting while they are away.
进入休眠状态。每隔 5 分钟醒来一次,执行以下检查
Set an explicit stop condition, maximum runtime, and manual cancel method before starting the watchdog mode.
A failure alert could reveal private information visible on the screen or send status details to a webhook destination.
The skill may capture the full screen and use a user-configured webhook for alerts. The artifact does not clearly state whether screenshots are sent, but screenshots and webhook notifications can expose sensitive screen content if configured broadly.
立即对当前屏幕进行完整截图。调用系统或用户预设的通知机制(如果用户配置了 Webhook 报警)
Use a trusted webhook destination, avoid displaying sensitive information during monitoring, and clarify whether screenshots are stored or transmitted.