Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
OpenClaw Ops
v1.2.1Use when diagnosing, repairing, or maintaining an OpenClaw Gateway on the same machine. Designed for rescue agents to fix a down gateway or check operational...
⭐ 0· 637·8 current·8 all-time
byLinfeng Liang@dinstein
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
high confidencePurpose & Capability
Name/description match the runtime instructions: the skill explicitly targets diagnosis, repair, and maintenance of a local OpenClaw Gateway and asks only for shell access, Node.js/npm availability, and read/write access to ~/.openclaw/. Those requirements are appropriate for the stated tasks (logs, config edits, service restarts, dependency reinstall).
Instruction Scope
SKILL.md instructs the agent to read logs, configuration files, and env files containing tokens (with a non-enforceable instruction to never print them), run systemctl/launchctl, and perform safe-edit/backup workflows. These actions are within scope but do require the rescue agent to have access to secrets and the ability to modify system services — ensure the rescue agent itself is trusted. The guidance relies on the agent's discretion (e.g., not printing tokens), which is a behavioral constraint rather than an enforced technical control.
Install Mechanism
This is an instruction-only skill with no install spec or code files to be downloaded or executed during install. That minimizes supply-chain risk. README suggests installing SKILL.md from a GitHub repo, but the skill bundle in the registry contains only documentation; there is no automatic installer to evaluate.
Credentials
The skill declares no required environment variables in the registry metadata, yet the instructions explicitly state the agent will access local env files containing tokens in ~/.openclaw/. Access to these local secrets is proportional to the task, but the registry metadata omission is a minor inconsistency. No unrelated external credentials or high-privilege cloud keys are requested.
Persistence & Privilege
The skill is not always-enabled and is user-invocable; it does not request persistent privileges or modify other skills' configs. It performs privileged local operations (service restarts, config edits) which are inherent to its purpose — install it only on a dedicated rescue agent, not on the primary gateway.
Assessment
This skill is coherent for its stated use: maintaining a local OpenClaw Gateway. Before installing, ensure you: (1) install it only on a separate, trusted rescue agent (the README repeats this warning), not on the primary gateway; (2) verify the rescue agent's access controls because the skill requires read/write access to ~/.openclaw/ and access to env files containing tokens; (3) review and keep copies of the SKILL.md so you understand what commands the agent will run, and require explicit user confirmation for destructive actions; (4) prefer running the rescue agent under a least-privilege account or inside a restricted container/VM to limit blast radius; (5) if you need stronger assurances, ask for an explicit list of local env filenames the skill will read and for any automated export/transmit steps (none are present in the current SKILL.md). If the package later includes code files or an install script that downloads archives or runs external binaries, re-evaluate before installing.Like a lobster shell, security has layers — review code before you run it.
latestvk972a0fdvzpz9g7a5pnata5v7d81tx1t
License
MIT-0
Free to use, modify, and redistribute. No attribution required.