Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
BotLearn HealthCheck
v1.0.1botlearn-healthcheck — BotLearn autonomous health inspector for OpenClaw instances across 5 domains (hardware, config, security, skills, autonomy); triggers...
⭐ 0· 46·0 current·0 all-time
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidencePurpose & Capability
Name/description (health inspector across hardware/config/security/skills/autonomy) aligns with required binaries (openclaw/clawhub, curl, node, bash) and with reading OpenClaw installation state. However, registry metadata lists no required config paths while the runtime instructions explicitly read many paths under $OPENCLAW_HOME (openclaw.json, cron/*.json, logs, workspace identity files, models.json, etc.). Also the registry reported "Required env vars: none" despite declaring OPENCLAW_HOME as primaryEnv in SKILL.md — a small metadata inconsistency.
Instruction Scope
SKILL.md directs the agent to 'Collect all data autonomously. Never ask the human to execute commands.' It enumerates many collection actions: run local scripts (scripts/*.sh), run 'openclaw' CLI commands, tail logs, run find/du on $OPENCLAW_HOME/memory, and directly read multiple files under $OPENCLAW_HOME (config, cron, identity, models, workspace files). These actions are coherent for an in-depth healthcheck but also include reading potentially sensitive artifacts (identity files, cron jobs, config containing credentials). Because the skill is instruction-only, those reads will happen at runtime and cannot be audited in-code ahead of time unless the referenced docs/scripts (setup.md, data_collect.md, check_*.md) are inspected.
Install Mechanism
No install spec and no code files — instruction-only skill. This is the lowest install risk (nothing is downloaded or written to disk by an installer). The runtime behavior depends entirely on the agent executing the described commands on the host.
Credentials
The skill uses OPENCLAW_HOME as its primaryEnv and intends to read many files under that path. That is proportionate for a health/diagnostic tool, but the registry metadata did not declare required config paths (it lists none) while the SKILL.md lists many specific $OPENCLAW_HOME paths. This discrepancy reduces transparency. The skill does not request unrelated API keys or external credentials, which is appropriate, but it will access local files that may contain secrets or tokens — users should expect secret exposure as part of its checks.
Persistence & Privilege
The skill is not 'always: true' and does not request system-wide persistence or modify other skills. Model invocation is enabled (normal for skills). The explicit instruction to act autonomously ('Never ask the human') increases the potential blast radius but is not itself a registry privilege escalation; combine this with the file-access concerns when deciding whether to allow autonomous runs.
What to consider before installing
This skill is an instruction-only health inspector that will autonomously run local scripts and read many files under your OpenClaw installation (logs, cron, identity, models, openclaw.json, workspace files). That behavior is consistent with a deep health check, but (1) the registry metadata does not fully declare those config paths, and (2) the skill explicitly tells the agent to act without asking you. Before installing or enabling autonomous use:
- Verify the skill's source/owner and prefer installing only from a trusted registry or repository. The published metadata shows an unknown source.
- Inspect the referenced docs and scripts (setup.md, data_collect.md, check_*.md, openclaw_knowledge.md) to confirm exactly what will be executed and what files will be read. Because this is instruction-only, those documents are the only place containing operational details.
- If you have secrets or production systems under $OPENCLAW_HOME, run this skill first in a sandbox/non-production copy of OPENCLAW_HOME or set OPENCLAW_HOME to a safe test folder.
- Consider disabling autonomous invocation (or require explicit user confirmation) so the agent cannot run the full collection without your approval.
- Monitor outputs for accidental secret exposure (credential strings, tokens, private keys) and rotate any credentials if sensitive data is exposed during a test run.
Given the metadata discrepancies and breadth of file access, proceed only after you review the detailed collection/check files or test in an isolated environment.Like a lobster shell, security has layers — review code before you run it.
latestvk974qshgwr52hcg7dmatah6z7h83ga0j
License
MIT-0
Free to use, modify, and redistribute. No attribution required.
Runtime requirements
🏥 Clawdis
OSmacOS · Linux
Binscurl, node, bash
Any binclawhub, openclaw
Primary envOPENCLAW_HOME