Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
OpenClaw Watchdog Pro
v2.2.0OpenClaw 跨平台配置备份与网关监控。自动备份 openclaw.json,每分钟检查 gateway 状态,宕机时自动恢复。支持 Linux/macOS/Windows。触发:配置备份、gateway 监控、自动恢复、看门狗、watchdog。
⭐ 0· 129·0 current·0 all-time
byDorad@doradx
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidencePurpose & Capability
Name/description (backup + gateway monitoring) align with the scripts: they back up openclaw.json, probe the gateway via WebSocket/TCP, attempt recoveries, and call openclaw doctor. However there are minor mismatches (SKILL.md references install.js but file is install.cjs) and the shell script hardcodes /root/.openclaw while the Node scripts use the user's home or OPENCLAW_CONFIG_DIR — this inconsistency is unexpected for a cross-platform user-space tool.
Instruction Scope
Runtime instructions and code modify system state: install script writes systemd unit files, edits user shell rc (~/.bashrc, ~/.profile), adds cron tasks or Windows scheduled tasks, and instructs aliasing oc to wrap openclaw. The watchdog will execute system commands (openclaw start/stop/doctor) and probe localhost ports. SKILL.md does not explicitly warn about needing root for systemd/schtasks changes. The shell script hardcodes /root/.openclaw which could cause unexpected behavior or elevated-file use when run as non-root or root.
Install Mechanism
No remote downloads are performed (no install spec); code is bundled with the skill. That lowers supply-chain risk, but the included install script writes to privileged locations (/etc/systemd/system) and calls systemctl/schtasks/launchctl. The install behavior requires running the bundled script with sufficient privileges to create services/tasks; this is expected but intrusive.
Credentials
The skill does not request environment variables or external credentials. It uses OPENCLAW_CONFIG_DIR (optional) and otherwise operates on local files and runs local openclaw commands — consistent with its purpose.
Persistence & Privilege
Installer configures persistent, privileged runners: systemd service created at /etc/systemd/system (service runs as User=root), launchd plist, cron jobs, or Windows scheduled task running as SYSTEM. Running the watchdog as root/SYSTEM and adding shell aliases are significant privileges and should be granted deliberately. always:false mitigates forced inclusion, but the skill does request system-level persistence.
What to consider before installing
This skill appears to implement the advertised backup and gateway-monitoring features, but it is intrusive and requires elevated installation steps. Before installing: (1) Review the bundled scripts yourself — they will create systemd/launchd/crontab/schtasks entries and add a shell alias. (2) Note the shell script uses /root/.openclaw (inconsistent with the Node scripts) — this could cause files to be written under root unexpectedly. (3) Installing the systemd/Windows task will run the watchdog as root/SYSTEM (high privilege); only proceed if you trust the source and the openclaw commands invoked (start/stop/doctor). (4) If uncertain, run the scripts in a disposable VM or container first, or manually inspect/copy only the parts you need (for example, avoid enabling the system service and run the monitor in a user session). (5) Correct the minor inconsistencies (install.js vs install.cjs) or request clarifications from the publisher. If you rely on sensitive host integrity, treat this as high-risk until vetted.scripts/install.cjs:31
Shell command execution detected (child_process).
scripts/watchdog.cjs:133
Shell command execution detected (child_process).
scripts/watchdog.cjs:35
Environment variable access combined with network send.
scripts/watchdog.cjs:84
File read combined with network send (possible exfiltration).
Patterns worth reviewing
These patterns may indicate risky behavior. Check the VirusTotal and OpenClaw results above for context-aware analysis before installing.Like a lobster shell, security has layers — review code before you run it.
latestvk9725hme7dz87pzxn9eddyg0s983h6kb
License
MIT-0
Free to use, modify, and redistribute. No attribution required.