Claw Problem Diagnoser

Review

Audited by ClawScan on May 10, 2026.

Overview

The skill matches its troubleshooting purpose, but it advertises broad automatic repair, monitoring, remote/sudo use, and credential checks without clear safety boundaries.

Treat this as a powerful troubleshooting tool, not a simple read-only checker. Before installing or invoking it, inspect the full source, run diagnostics in report-only mode, avoid auto-fix/sudo/remote/monitor modes by default, back up OpenClaw configuration, and ensure any credentials used for integration checks are limited and redacted from reports.

Findings (4)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

The agent could be asked to make system or OpenClaw changes that affect configuration, dependencies, permissions, or remote hosts.

Why it was flagged

The skill documents automatic repairs and remote diagnosis, but does not clearly define which files, packages, services, or remote systems may be changed or require explicit per-change approval.

Skill content

claw-diagnose --auto-fix ... claw-diagnose --auto-fix --backup ... claw-diagnose --remote user@hostname

Recommendation

Run report-only diagnostics first, review each proposed fix manually, keep backups, and avoid auto-fix, sudo, or remote modes unless you have inspected the full code and understand the changes.

What this means

API keys, tokens, or account access used for OpenClaw integrations could be exposed, overused, or included in diagnostic output if handling is not carefully bounded.

Why it was flagged

The skill says it verifies API keys and credentials, but the artifacts do not specify which credentials are read, how they are protected, what scopes are needed, or whether they may appear in reports.

Skill content

- Check external service integrations
- Verify API keys and credentials
- Test data flow connectivity

Recommendation

Use only low-privilege test credentials where possible, redact reports, and require the skill to disclose exactly which credential locations and services it checks.

What this means

Recurring monitoring can consume resources and may repeatedly inspect local system state; if combined with auto-fix it could make repeated changes.

Why it was flagged

The skill supports startup and periodic monitoring. This is disclosed and aligned with maintenance, but it means the diagnoser may keep running recurring checks if enabled.

Skill content

"autoDiagnoseOnStartup": true,
"checkInterval": 3600 ... diagnoser.start_monitoring(interval=300) ... claw-diagnose --monitor --interval 300

Recommendation

Keep startup monitoring disabled unless needed, set a clear interval, and do not combine monitoring with automatic fixes without explicit safeguards.

What this means

Installation or execution may pull newer dependency versions or fail/behave differently than expected if referenced files are missing or supplied elsewhere.

Why it was flagged

The package uses range-based dependencies and references a CLI module path that is not present in the supplied manifest. This is not malicious by itself, but it is a packaging/provenance gap users should verify.

Skill content

"dependencies": { "psutil": ">=5.9.0", "requests": ">=2.25.1", "colorama": ">=0.4.6", "tabulate": ">=0.9.0" }, "scripts": { "diagnose": "python -m problem_diagnoser.cli" }

Recommendation

Install only from a trusted source, inspect the complete package, and prefer pinned or locked dependencies before using system-changing features.