ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Gateway Watchdog Discord

v1.0.2

Monitor OpenClaw gateway health with a watchdog state machine, Discord alerts, cooldown dedupe, and isolated fallback deployment on macOS. Use when users wan...

0· 543·0 current·0 all-time
byJonathan Jing@jonathanjing
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description (OpenClaw gateway watchdog + Discord alerts) align with required binaries (bash, python3, openclaw), the declared config requirement (channels.discord.enabled), and the included scripts which perform health checks, notify Discord, and optionally restart the gateway.
Instruction Scope
SKILL.md instructs running the included scripts, using OpenClaw cron or a macOS LaunchAgent, and storing runtime data under ~/.openclaw/watchdogs/gateway-discord. The instructions do not ask to read unrelated system files or exfiltrate data to unexpected endpoints; referenced files (openclaw.json and baseline) are relevant to auto-recovery.
Install Mechanism
No remote install/fetch steps are present (instruction-only plus bundled scripts). The provided macOS installer script writes a user LaunchAgent plist into ~/Library/LaunchAgents — expected for the fallback behavior.
Credentials
The skill expects Discord delivery credentials (webhook or bot token + channel ID) via env or a local config.env located in the skill's base dir; these are proportional to sending alerts. The skill can read and restore openclaw.json from a baseline and runs openclaw doctor/restart commands — privileged but consistent with an opt-in auto-recovery feature. Users should note config.env may contain secrets and is sourced by the script.
Persistence & Privilege
The skill does not request always:true and is not forced into every agent run. It offers a user-level LaunchAgent installer that creates/loads a plist in the user's LaunchAgents directory — this is expected for a persistent fallback worker but is a meaningful change to user launchd state and requires user confirmation before loading.
Assessment
This skill appears to do what it claims, but review and control the following before installing: 1) Inspect ~/.openclaw/watchdogs/gateway-discord/config.env before sourcing it (it may contain Discord tokens); 2) Prefer webhook mode (DISCORD_WEBHOOK_URL) if you want single-channel alerts and simpler permissions; 3) Test manually (GW_WATCHDOG_ENABLE_RESTART=0) before enabling auto-restart to avoid unexpected restarts; 4) If using the macOS installer, review the generated plist and only bootstrap it if you trust the behavior (it will create a LaunchAgent in your user domain); 5) Confirm the OpenClaw CLI path used by the script matches your expected install to avoid unintended commands. If you want extra assurance, run the script in a controlled/test environment and inspect event logs under ~/.openclaw/watchdogs/gateway-discord/.

Like a lobster shell, security has layers — review code before you run it.

latestvk970hzqc530kv5tn5fjj4kgxs9829hv5

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

🚨 Clawdis
Binsbash, python3, openclaw
Configchannels.discord.enabled

Comments