Skill v1.0.0
ClawScan security
Device Heartbeat Monitor · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Mar 13, 2026, 8:32 AM
- Verdict: Benign
- Confidence: medium
- Model: gpt-5-mini
- Summary: The skill's files and instructions match its stated purpose (sending periodic pings to healthchecks.io and reading status), but there are a few minor operational/security mismatches and privacy considerations you should understand before installing.
- Guidance: This skill appears to do what it says: run a small user-level agent that pings healthchecks.io and track status. Before installing, consider:
  1. The scripts are macOS-specific (LaunchAgents) though the registry entry does not declare an OS restriction — only install on a macOS account.
  2. The full ping URL (hc-ping UUID) is effectively a secret; setup.sh writes it into ~/Library/LaunchAgents/<label>.plist and the service runs with that value. If you treat that URL as sensitive, store it carefully and avoid sharing the plist or copying the URL into chats.
  3. Use a read-only API key for remote queries and pass it as an argument to check.sh rather than embedding it in files.
  4. Review file permissions for ~/.openclaw and the plist so other local users/processes cannot read them if that is a concern.

  If you need cross-platform support or prefer not to persist the ping URL on disk, do not install this service as-is.
Review Dimensions
- Purpose & Capability (note): The skill is coherent with its purpose: scripts send pings to healthchecks.io, query the API, and provide a user-level service. However the implementation is macOS-specific (uses LaunchAgents/launchctl) while registry metadata lists no OS restriction — this is an inconsistency users should be aware of.
- Instruction Scope (concern): Runtime instructions and scripts are largely scoped to heartbeat monitoring. However the full ping URL (which functions as a secret) is written verbatim into the user LaunchAgent plist (~/Library/LaunchAgents/...) as a ProgramArgument, and setup.sh prints a partial URL to stdout. The SKILL.md warns about not sharing the URL, but the install persists the secret on disk (and displays part of it). Consider that the secret will exist in user-level files and logs.
- Install Mechanism (ok): No external install/download occurs — this is instruction-only with bundled scripts. That minimizes supply-chain risk; scripts run locally and no remote code fetches are performed.
- Credentials (ok): The skill requests no environment variables or platform credentials in metadata. The check script accepts a healthchecks.io read-only API key as a runtime argument, which is proportional to the documented remote-query capability. No unrelated credentials are requested.
- Persistence & Privilege (note): The skill installs a user-level LaunchAgent so the heartbeat runs persistently under the installing user (not system-wide). It does not set always:true in metadata and does not modify other skills. Persisting the PING_URL in the LaunchAgent plist is expected for functionality but increases local secret persistence.
