OpenClaw 维护脚本

v0.1.0

提供本地脚本监控和维护 OpenClaw Gateway，支持健康检测、代理切换、安全重启与日志清理，保障服务稳定运行。

⭐ 0· 384·2 current·3 all-time

OpenClaw Prompt Flow

Install with OpenClaw

Best for remote or guided setup. Copy the exact prompt, then paste it into OpenClaw for jesson1222-ship-it/openclaw-maintenance.

Previewing Install & Setup.

Prompt PreviewInstall & Setup

Install the skill "OpenClaw 维护脚本" (jesson1222-ship-it/openclaw-maintenance) from ClawHub.
Skill page: https://clawhub.ai/jesson1222-ship-it/openclaw-maintenance
Keep the work scoped to this skill only.
After install, inspect the skill metadata and help me finish setup.
Use only the metadata you can verify from ClawHub; do not invent missing requirements.
Ask before making any broader environment changes.

Command Line

CLI Commands

Use the direct CLI path if you want to install manually and keep every step visible.

OpenClaw CLI

Canonical install target

openclaw skills install jesson1222-ship-it/openclaw-maintenance

ClawHub CLI

Package manager switcher

npx clawhub@latest install openclaw-maintenance

Security Scan

VirusTotal

Suspicious

View report →

OpenClaw

Suspicious

high confidence

ℹ

Purpose & Capability

The code and SKILL.md align with the stated purpose (gateway health checks, safe restarts, proxy switching via a local Clash API, log cleanup). However the registry metadata declares no required environment variables or credentials while the instructions and scripts clearly require and use sensitive variables (e.g., OPENCLAW_NOTIFY_TARGET, CLASH_API, CLASH_SECRET, OPENCLAW_BIN). This mismatch is unexpected and worth noting.

✓

Instruction Scope

Runtime instructions and scripts stay within the maintenance domain: they check a health endpoint, call the local Clash API, switch proxies, invoke the local openclaw CLI to restart/start/stop the gateway, write logs under ~/.openclaw, and manage a /tmp lock file. There are network calls (to local Clash API and to external DELAY_TEST_URL defaulting to api.telegram.org for latency tests) and a notification path that uses the openclaw CLI to send Telegram messages. The scope is narrowly focused on maintenance and monitoring; no unrelated system file reads or remote code downloads are triggered by the scripts themselves.

✓

Install Mechanism

No remote install steps or downloads are present; install.sh simply copies bundled .sh files to ~/.openclaw/scripts and makes them executable. This is low-risk from an installation mechanism standpoint (no external archives or URLs executed).

Credentials

The package metadata lists no required env vars, but SKILL.md and the scripts require sensitive configuration: OPENCLAW_NOTIFY_TARGET (Telegram ID), optional CLASH_API and CLASH_SECRET (API bearer token), OPENCLAW_BIN, and other parameters. These are proportional to the claimed functionality, but the omission from metadata is an incoherence and increases risk because users may not realize they need to supply secrets. The scripts also invoke the local openclaw CLI which may itself have credentials or permissions — users should verify what that CLI does and what privileges it holds.

✓

Persistence & Privilege

The skill is not always:true and does not attempt to modify other skills or system-wide settings beyond copying files under the invoking user's home directory and recommending systemd/LaunchAgent usage. It uses /tmp for a lock file and writes logs to ~/.openclaw/logs. It will, when executed, restart services (via openclaw CLI) and control a local Clash API if configured — those are expected side effects for a watchdog but are privileged operational actions that require user consent.

What to consider before installing

This package's scripts do what the README says (monitor health, restart the gateway, switch Clash proxies, clean logs), but note two issues before installing: 1) the registry metadata does not declare the sensitive environment variables the scripts expect — you must provide OPENCLAW_NOTIFY_TARGET and, if using proxy switching, CLASH_API and CLASH_SECRET; 2) the scripts will invoke your local openclaw CLI to restart the gateway and will make network calls (to the local Clash API and to a public URL used for latency tests). Before installing, review and verify: the .env.example contents, the hard-coded OPENCLAW_BIN path (/opt/homebrew/bin/openclaw), what the openclaw CLI does and what credentials it stores, and that your Clash API is local and trusted. If you plan to deploy as a service (systemd/LaunchAgent), inspect or create the service/Plist files yourself rather than blindly loading unreviewed units. If you cannot audit or trust these scripts, avoid running them as-is or run them in a controlled environment (test machine/container) first.

Like a lobster shell, security has layers — review code before you run it.

latestvk979nj4gs40zgm9hckjmdfee51829n1j

384downloads

0stars

1versions

Updated 14h ago

v0.1.0

MIT-0

OpenClaw 维护脚本合集

用于保障 OpenClaw 稳定运行的本地维护脚本（监控、重启、日志清理、网络代理健康检查）。

功能特性

Gateway 看护 - 自动检测 Gateway 健康状态，异常时重启
代理健康监控 - 监控消息队列积压，自动切换 VPN/代理节点
安全重启 - 优雅重启 Gateway，避免误判
日志清理 - 自动清理过期日志，防止磁盘占用
跨平台支持 - macOS (LaunchAgent) / Linux (systemd/cron) / NAS

脚本清单

脚本	作用	运行方式
`gateway-watchdog.sh`	Gateway 健康监控	每分钟/常驻
`proxy-health.sh`	代理网络监控	每分钟
`openclaw-safe-restart.sh`	安全重启	手动
`cleanup-logs.sh`	日志清理	每天
`log-cleanup-launchd.sh`	macOS 定时清理	LaunchAgent

安装步骤

# 1. 复制环境变量示例
cp .env.example .env

# 2. 配置环境变量（至少设置 OPENCLAW_NOTIFY_TARGET）
vim .env

# 3. 运行安装脚本
bash install.sh

# 4. 运行自检
bash check.sh

配置说明

环境变量

# 通知目标（Telegram 用户 ID）
OPENCLAW_NOTIFY_TARGET=123456789

# Clash API（可选，用于代理切换）
CLASH_API=http://127.0.0.1:9090
CLASH_SECRET=your-secret

# 积压阈值（消息数）
QUEUE_THRESHOLD=100

系统要求

openclaw CLI
curl
jq
(可选) Clash / Mihomo

部署方式

macOS (推荐)

使用 LaunchAgent 定时/常驻运行：

launchctl load ~/Library/LaunchAgents/ai.openclaw.watchdog.plist

Linux

使用 systemd 或 cron：

sudo systemctl enable --now openclaw-watchdog

NAS

使用任务计划程序定时执行。

使用场景

保障 Gateway 24/7 稳定运行
自动处理网络波动导致的消息积压
定期清理日志防止磁盘占用
多设备统一运维部署

注意事项

首次部署需配置通知目标
Clash API 为可选配置
多设备需分别设置通知 ID
建议配合监控告警使用

版本

0.1.0 - 初始发布

Comments

Loading comments...