Analysis

Run deep system health checks across workspace, config, skills, and integrations with prioritized findings and remediation.

MIT-0 · Free to use, modify, and redistribute. No attribution required.

⭐ 2 · 1.1k · 12 current installs · 13 all-time installs

byIván@ivangdavila

MIT-0

Security Scan

VirusTotal

Benign

View report →

OpenClaw

Benign

high confidence

✓

Purpose & Capability

The name/description ('system health checks' across workspace, config, skills, integrations) match the checks and remediation content: it legitimately inspects files, git history, sessions, cron, services, and integration tokens. No unrelated credentials, binaries, or install steps are requested.

ℹ

Instruction Scope

Instructions explicitly tell the agent to read many sensitive files (e.g., ~/.ssh, memory/, .env, git history, keychain references), run local commands (grep, find, stat, git, curl, pgrep) and include remediation scripts that can change permissions, move/delete/archive files, restart services, kill sessions, and recommend force-pushing git history. This is within the stated diagnostic purpose, but the remediation templates are potentially destructive and should not be executed without explicit user approval or dry-run safeguards.

✓

Install Mechanism

Instruction-only skill with no install spec and no downloaded code — lowest install risk.

ℹ

Credentials

The skill requests no environment variables or external credentials, but its checks reference many sensitive local configurations and third-party tokens (Cloudflare, Hetzner, bot tokens). Access to those files and the ability to perform authenticated API checks is appropriate for a diagnostic tool, but it means the agent will encounter secrets if present — treat findings carefully and avoid automatic exfiltration or transmission.

ℹ

Persistence & Privilege

The skill is not always-enabled and does not request persistent platform privileges. However, tracking.md suggests optional scheduled analysis and writing to memory/health-status.md; combined with remediation scripts, enabling autonomous runs or heartbeat-based checks could let it perform repeated modifications. Require explicit opt-in before scheduling or allowing auto-fix actions.

Assessment

This skill is coherent with its stated purpose and doesn't pull external code, but it inspects sensitive local files and includes remediation scripts that can modify or delete data (chmod, mv, git filter-branch/force-push, restart services, kill sessions, write to keychain). Before installing or running it: (1) run in read-only or dry-run mode first, (2) back up repositories and important files, (3) never allow automatic 'auto-fix' actions without explicit approval, (4) do not enable scheduled/heartbeat runs unless you trust the configured behavior, and (5) review any suggested credential rotation or force-push procedures with caution (these are destructive). If you want higher assurance, ask the skill author for a non-destructive dry-run mode and explicit prompts before any remediation step.

Like a lobster shell, security has layers — review code before you run it.

Current versionv1.0.0

Download zip

latestvk97fpqkymtssm6519wcv94ceh981146v

License

MIT-0

Free to use, modify, and redistribute. No attribution required.

Termshttps://spdx.org/licenses/MIT-0.html

SKILL.md

When To Use

Trigger when user says: "check my system", "what's wrong", "health check", "diagnose", "audit", "why is X slow", "something feels off"

This is NOT generic data analysis. This is system self-diagnosis — examining the agent's own workspace, configuration, and operational health.

Analysis Modes

Mode	Scope	When
Quick	Security + critical operational	"Quick check", default if unspecified
Full	All categories, all checks	"Full audit", "deep check"
Targeted	Single category	"Check my memory", "audit cron"

Priority Order (Always This Sequence)

SECURITY — Exposed secrets, leaked credentials, permission issues
OPERATIONAL — Broken crons, dead sessions, unreachable APIs
HYGIENE — Memory bloat, orphan files, stale entries, inefficiencies

Stop and report critical security findings immediately. Don't bury them in a long list.

Detection Strategy

Cheap first, expensive only when needed:

File checks (free) — existence, size, age, syntax
Local commands (cheap) — process lists, disk usage, git status
API calls (expensive) — only when file-level signals warrant

Never hit external APIs speculatively. Validate need from local evidence first.

Findings Format

[CRITICAL|WARNING|INFO] category/subcategory: description
  → Action: specific remediation step
  → Auto-fixable: yes/no

Group by severity, not by category. User sees worst problems first.

Load Detailed Checks

Category	Reference
All check definitions by category	`checks.md`
Remediation actions and auto-fix scripts	`remediation.md`
Tracking analysis runs, improvement over time	`tracking.md`

Files

4 total

Select a file

Select a file to preview.

Comments

Loading comments…