ClawHub

Daily Brief

v1.1.0

Send a daily operational brief from your self-hosted OpenClaw to Telegram — agent health, unresolved issues, and weekly evolution highlights, every morning.

0· 166·1 current·1 all-time
by@baobaodawang-creater
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description match the runtime actions: the script collects OpenClaw gateway logs, reads evolver logs, calls the local OpenClaw chat completion endpoint (secretary agent) and posts to Telegram. Required binaries (bash, curl, jq, docker) and env vars (OPENCLAW_TOKEN, TELEGRAM_BOT_TOKEN, TELEGRAM_CHAT_ID) are appropriate for this workflow.
Instruction Scope
Instructions explicitly read docker logs from the openclaw-gateway container and tail /tmp/evolver-*.log, then submit those contents to a local OpenClaw completion endpoint and forward the summary to Telegram. This is within scope, but it means logs (which may contain secrets or sensitive operational data) will be aggregated and sent off-host.
Install Mechanism
Instruction-only skill with no install spec or downloaded code — nothing will be written to disk by the skill itself. Low install risk.
Credentials
Requested env vars are proportional to the task (OpenClaw token to call the local API; Telegram bot token and chat id to send messages). However, those credentials enable sending potentially sensitive data externally; Telegram is a third-party endpoint outside your network, so token and chat selection matter.
Persistence & Privilege
always:false and user-invocable:true (defaults) — the skill is not forced into every agent run and does not request elevated platform privileges or changes to other skills' configs.
Assessment
This skill does what it says: it collects container logs and an evolver log, summarizes them with your local 'secretary' agent, and posts the report to Telegram. Before installing, consider: 1) Do your gateway/evolver logs contain secrets (API keys, tokens, PII)? If so, add log redaction or filtering before sending. 2) Ensure the Telegram chat is private and the BOT token is stored/rotated securely. 3) Limit who can read the cron job and script (run under an appropriate non-root account). 4) Confirm the OPENCLAW_TOKEN scope is minimal and that the 'secretary' agent is trusted. 5) Test in a staging environment first to verify nothing sensitive is leaked. If you need higher confidentiality, consider delivering reports to an internal endpoint instead of Telegram or implementing log sanitization.

Like a lobster shell, security has layers — review code before you run it.

latestvk97a3khhrfmhkgm1zrmkjbr8y18356f7

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

🗞️ Clawdis
Binsbash, curl, jq, docker
EnvOPENCLAW_TOKEN, TELEGRAM_BOT_TOKEN, TELEGRAM_CHAT_ID
Primary envOPENCLAW_TOKEN

Comments