Skill v2.0.0
ClawScan security
System Watchdog · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Review · Mar 19, 2026, 12:53 AM
- Verdict: Review
- Confidence: medium
- Model: gpt-5-mini
- Summary: The skill's behavior mostly matches a local system-monitoring watchdog, but there are some mismatches (declared requirements vs. actual script dependencies), persistent state writes to the user's home, and the shipped script is truncated in the provided bundle so the full runtime behavior couldn't be fully verified.
- Guidance: This skill appears to be a local system-monitor intended to read system metrics and persist lightweight state to ~/.openclaw/workspace/state/system-watchdog-state.json. Before installing: 1) Inspect the full check.sh file (the provided bundle was truncated in the listing) to confirm there are no unexpected network calls or hidden behavior. 2) Ensure Python 3 and standard system utilities (ps, df, sysctl/vm_stat on macOS, nproc or equivalent on Linux) are available — the manifest currently doesn't list these. 3) Accept that the script will write a JSON state file to your home directory; if you prefer a different path, set SYSTEM_WATCHDOG_STATE. 4) Run the script locally once to review the JSON output and verify it behaves as documented. If you can provide the remainder of the script (the truncated portion), I can re-evaluate and raise confidence.
Review Dimensions
- Purpose & Capability (note): Name/description align with the included check.sh which inspects RAM, swap, load, disk and processes. However, the registry metadata lists no required binaries while the script requires Python 3 and several system utilities (ps, df, sysctl, vm_stat, nproc or equivalent). That mismatch is unexpected and should be corrected/clarified.
- Instruction Scope (ok): SKILL.md contains narrow, explicit instructions: run the bundled check.sh, parse JSON output, and only report when suspicious is true. The script reads normal system files (/proc/meminfo, /proc/loadavg, runs ps, df, vm_stat/sysctl) and writes a lightweight state file to ~/.openclaw/workspace/state/... — behavior consistent with a local watchdog. No instructions direct data to external network endpoints.
- Install Mechanism (ok): No install spec (instruction-only skill) and the package includes the script. Nothing is downloaded from remote URLs and no archives are extracted. This is low-risk from an install mechanism perspective.
- Credentials (note): The skill requests no credentials or env vars except an optional SYSTEM_WATCHDOG_STATE override. That is proportionate. However, the manifest not declaring required binaries (python3, ps, df, sysctl/vm_stat, nproc) is inconsistent and could mislead users about runtime needs.
- Persistence & Privilege (note): The script persists state under the user's home (~/.openclaw/workspace/state/system-watchdog-state.json) so it retains history between runs. It does not request elevated privileges or modify other skills or system-wide configs, and always is set to false. Persisting a state file in the user's home is reasonable for this purpose but the user should be aware of the file location and contents.
