Openclaw Safety Guard

v0.1.1

OpenClaw 安全卫士（发布 slug：openclaw-safety-guard，内部代号：openclaw-watchdog）：默认工作日 10:00 自动扫描 7 个维度（安全、记忆、心跳、定时任务、共享文件、通讯、代码规范），生成健康评分和可视化 Dashboard，通过飞书私信发送报告；没有 Cur...

⭐ 0· 341·0 current·0 all-time

by@jasonzhangshuo

OpenClaw Prompt Flow

Install with OpenClaw

Best for remote or guided setup. Copy the exact prompt, then paste it into OpenClaw for jasonzhangshuo/openclaw-safety-guard.

Previewing Install & Setup.

Prompt PreviewInstall & Setup

Install the skill "Openclaw Safety Guard" (jasonzhangshuo/openclaw-safety-guard) from ClawHub.
Skill page: https://clawhub.ai/jasonzhangshuo/openclaw-safety-guard
Keep the work scoped to this skill only.
After install, inspect the skill metadata and help me finish setup.
Required env vars: FEISHU_APP_ID, FEISHU_APP_SECRET
Required binaries: python3, node, npm
Use only the metadata you can verify from ClawHub; do not invent missing requirements.
Ask before making any broader environment changes.

Command Line

CLI Commands

Use the direct CLI path if you want to install manually and keep every step visible.

OpenClaw CLI

Canonical install target

openclaw skills install jasonzhangshuo/openclaw-safety-guard

ClawHub CLI

Package manager switcher

npx clawhub@latest install openclaw-safety-guard

Security Scan

VirusTotal

Benign

View report →

OpenClaw

Benign

medium confidence

✓

Purpose & Capability

The name/description promise a local watchdog that scans 7 dimensions and notifies via Feishu. Requested binaries (python3, node, npm) and environment variables (FEISHU_APP_ID, FEISHU_APP_SECRET) match that purpose (Python scripts for probes and a Node frontend build; Feishu credentials for notification/upload). The included scripts (scan_*.py, generate_dashboard.py, notify_feishu.py, upload_to_feishu_drive.py, setup.py) align with the declared functionality.

ℹ

Instruction Scope

SKILL.md tells the agent to run setup.py (which writes config.json and registers a cron job), then run run_pipeline.py to execute probes that scan code, plist/launch agents, exec-approvals, git repos, memory/knowledge dirs and other local paths. Those reads and writes are within the stated watchdog scope, but they are broad (system LaunchAgents, exec-approvals file, workspace files). The agent will also obtain the installer’s Feishu open_id from the conversation context to populate notify.receive_id — this is expected for automated notifications but is an access-to-conversation-context action worth noting.

✓

Install Mechanism

There is no external install spec (no arbitrary download step); code is provided in the skill bundle and SKILL.md instructs running local Python/Node commands. This is lower risk than fetching executables from untrusted URLs. No installers or third-party URL downloads are referenced in SKILL.md.

ℹ

Credentials

Only FEISHU_APP_ID and FEISHU_APP_SECRET are declared and these are justified by the Feishu notification/drive upload functionality. However, the skill will read many local files/paths (plist, exec-approvals, workspace files, git repos) as part of scans; while coherent with the purpose, these are sensitive sources of data. The primaryEnv (FEISHU_APP_ID) is appropriate.

ℹ

Persistence & Privilege

The skill’s post-install setup writes config.json and registers a cron job under .openclaw/state/cron/jobs.json and instructs restarting the Gateway so daily scans run. It also includes an automatic 'fix_green.py' remediation step (documented as limited to chmod-like low-risk ops). These are reasonable for a scheduled watchdog but constitute persistent presence and the ability to modify local state/permissions, so audit the setup and fix scripts before granting runtime access.

Scan Findings in Context

[base64-block] unexpected: A base64-block pattern was flagged in SKILL.md by the pre-scan. The visible SKILL.md content does not obviously contain base64 payloads, so this could be either a false positive from the scanner or an obfuscated/encoded block elsewhere in the documentation files. Treat this as a caution: inspect SKILL.md and any embedded strings in scripts (especially setup.py, notify_feishu.py, upload_to_feishu_drive.py, and fix_green.py) for encoded payloads or hidden instructions before installing.

Assessment

This skill is coherent with its stated purpose (local watchdog that notifies via Feishu) but it will: (1) read many local files (LaunchAgents plist, exec-approvals, git working tree, workspace knowledge directories), (2) write config.json and register a scheduled cron job, and (3) may perform automated low-risk fixes (chmod). Before installing: review the actual contents of scripts/setup.py, scripts/fix_green.py, scripts/notify_feishu.py and scripts/upload_to_feishu_drive.py to confirm they only access/ship data you expect and that fixes are limited to safe operations. Consider running the pipeline manually in a safe environment (python3 scripts/run_pipeline.py) with FEISHU env vars unset to inspect outputs first. Because the source and homepage are absent and a base64-block was flagged by the scanner, exercise caution: prefer manual code review or running the code in an isolated/test environment before granting it access to your real Feishu credentials and production workspace.

Like a lobster shell, security has layers — review code before you run it.

Runtime requirements

🛡️ Clawdis

Binspython3, node, npm

EnvFEISHU_APP_ID, FEISHU_APP_SECRET

Primary envFEISHU_APP_ID

latestvk9771dhyhnx0g4g5es24pbv1n982gadd

341downloads

0stars

2versions

Updated 1mo ago

v0.1.1

MIT-0

OpenClaw 安全卫士（openclaw-safety-guard）

OpenClaw 安全卫士的 Clawhub 发布 slug 为 openclaw-safety-guard，内部技术代号仍为 openclaw-watchdog。它是 OpenClaw 项目全链路健康监控工具，默认工作日自动扫描 7 个维度，生成评分和可视化 Dashboard，通过飞书发送报告。没有 Cursor 也可以直接查看 dashboard 和下载 JSON 日志。

安装（clawhub）

clawhub install openclaw-safety-guard

安装完成后，Agent 立即执行 post-install 初始化：

python3 {baseDir}/scripts/setup.py --receive_id <当前对话 sender 的 Feishu open_id>

--receive_id 由 Agent 从当前会话 context 中自动获取（即安装者本人的 open_id），无需手动填写。

setup.py 自动完成：

写入 {baseDir}/config.json（绑定通知接收人）
在 .openclaw/state/cron/jobs.json 注册每日扫描任务
立即执行一次完整扫描，安装者 30 秒内收到第一份飞书健康报告

⚠️ 安装完成后重启 Gateway 使 cron 生效：openclaw gateway restart

前置条件

FEISHU_APP_ID 和 FEISHU_APP_SECRET 已配置在 Gateway plist 的 EnvironmentVariables 中
本机已安装 node（用于首次 build frontend）
OpenClaw Gateway 已运行

触发方式

每日自动：安装时注册的 cron job，默认工作日 10:00（Asia/Shanghai）触发
手动触发：在飞书群对 Agent 说 体检、生成健康大盘、跑一遍安全检查

执行流程

触发
  ↓
Step 1: 执行 7 个探针扫描
  python3 {baseDir}/scripts/run_pipeline.py
  内部依次调用：
    scan_heartbeat.py   → 心跳监控维度
    scan_standards.py   → 代码规范维度
    scan_memory.py      → 记忆健康维度
    scan_cron.py        → 定时任务维度
    scan_shared.py      → 共享文件维度
    scan_comm.py        → 通讯配置维度
    scan_security.py    → 安全维度
  ↓
Step 2: 聚合评分（含与上次对比的 score_delta）
    aggregate_watchdog.py
  ↓
Step 3: 生成可视化 Dashboard HTML（含飞书 bot 头像）
    generate_dashboard.py
  ↓
Step 4: 按次归档到 data/logs/YYYY-MM-DD_HH-MM/
  ↓
Step 5: 飞书私信通知（含健康分、问题列表、Dashboard 本地路径）
    notify_feishu.py
  ↓
Step 6: 自动执行 GREEN 安全修复（仅 chmod 类低风险操作）
    fix_green.py

手动重发通知

python3 {baseDir}/scripts/notify_feishu.py

配置文件

config.json 由 setup.py 自动生成，参考 config.example.json 了解全部可配项。

关键字段：

字段	说明
`notify.receive_id`	接收飞书通知的 open_id（setup.py 自动填入）
`notify.score_recovery_threshold`	分数提升超过此值时用「恭喜」语气（默认 3）
`memory.checks[cross_workspace_conflict].tracked_concepts`	自定义需要跨 workspace 监控一致性的概念
`security.checks[knowledge_freshness].target`	知识库目录路径（可选，不填则跳过此检查）

关键文件

文件	说明
`data/latest_status.json`	本次扫描完整结果（含 score_delta）
`data/dashboard.html`	最新 Dashboard，浏览器本地打开
`data/history.json`	问题生命周期历史（first_seen / resolved_at）
`data/logs/YYYY-MM-DD_HH-MM/`	按次归档的原始扫描日志（最多保留 30 次）
`config.json`	运行时配置（由 setup.py 生成，不提交到 git）
`config.example.json`	配置模板（可提交到 git）

错误处理

失败步骤	降级策略
探针执行报错	该维度显示 N/A，不影响其他维度
Dashboard 生成失败	通知仍发出，不含 Dashboard 路径
飞书通知失败	打印 ERROR 日志，pipeline 不中断
Bot info 获取失败	Dashboard 显示默认缩写，不影响报告发送

Comments

Loading comments...