System Maintenance Test
AdvisoryAudited by Static analysis on Apr 30, 2026.
Overview
No suspicious patterns detected.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Installing or using the skill as documented could run unreviewed maintenance code from outside the package.
The reviewed package does not include the referenced scripts, so the core setup depends on fetching and running external shell code that was not included in the artifacts under review.
git clone https://github.com/jazzqi/openclaw-system-maintenance.git ... chmod +x scripts/*.sh ... bash scripts/install-maintenance-system.sh
Do not run the installer until the external repository and scripts are independently reviewed and the package includes or pins the exact code it expects to execute.
The agent could be guided toward restarting services, deleting or rotating logs, cleaning files, or changing system state in ways the user did not fully review.
These are high-impact system mutation capabilities, but the artifact does not define safe target scopes, affected directories/services, confirmation requirements, or rollback details.
Auto-recovery of failed services ... Log rotation & cleanup ... Temporary file cleanup ... Full optimization cycle
Require explicit user approval for each mutating action, default to dry-run/report-only modes, and document exact paths, services, and reversible changes.
A one-time setup could leave background maintenance jobs running repeatedly and making changes later.
The skill advertises persistent recurring automation that continues beyond a single user request, but the reviewed artifacts do not provide the scheduler implementation or clear controls to stop or contain it.
Automated monitoring every 5 minutes ... Every 5 min | Real-time Monitoring | Gateway monitoring & auto-recovery
Only enable scheduled jobs after reviewing the exact cron entries, recovery actions, logs, and uninstall/disable procedure.
Maintenance results or generated notes could persist and influence future agent behavior.
The skill says it updates a persistent learning/context area automatically, but does not explain what is stored, how it is validated, or when it is reused.
Automatic .learnings/ updates
Review and approve any persistent learning updates, and keep them limited to non-sensitive, factual maintenance records.