Task Monitor
Rating: Suspicious
Audited by ClawScan on May 10, 2026.
Overview
The dashboard is purpose-aligned, but it exposes OpenClaw session, cron, and prompt-derived task details on a LAN web server without visible access controls.
Install only if you are comfortable running a local web server that can show OpenClaw session, cron, and task-description data. Prefer localhost-only access, stop the server when finished, and avoid using it on untrusted networks unless authentication or network filtering is added.
Findings (5)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Anyone who can reach port 3030 on the local network may be able to view OpenClaw session/task metadata and prompt-derived task descriptions.
The dashboard is intentionally reachable on the LAN and exposes internal agent/session data, including sub-agent descriptions, while the artifacts do not show authentication, authorization, or redaction.
The server will start on port **3030** and be accessible on your local network. ... The dashboard exposes a JSON API endpoint ... "subagents": [ { "description": "Processing user request..." } ]
Bind to localhost by default, add authentication or an allowlist before LAN exposure, and clearly warn users what session data is served.
Private task prompts or sensitive details from session transcripts can appear in the dashboard or generated markdown.
The skill reads persistent OpenClaw session transcripts and turns the first user message into a displayed task description. This is purpose-aligned but may reuse sensitive prompt content.
const transcriptPath = path.join(process.env.HOME, '.openclaw/agents/main/sessions', `${sessionId}.jsonl`); ... const firstMessage = JSON.parse(lines[0]); ... return text + (firstMessage.content.length > 80 ? '...' : '');
Add redaction, path/scope controls, and a clear warning that transcript-derived prompt snippets may be displayed.
The dashboard can read whatever session and cron information the local OpenClaw CLI can list.
The server runs local shell commands to query OpenClaw state. The commands are fixed and purpose-aligned, but they rely on the local OpenClaw CLI authority.
await execAsync('openclaw sessions list --json', { timeout: 10000 }); ... await execAsync('openclaw cron list --json', { timeout: 10000 });
Run it only in an environment where exposing that local OpenClaw state is acceptable.
The LAN-accessible dashboard may remain available after the initial session if the user forgets to stop it.
The server is started as a background process and records a PID file. This is disclosed and has a stop script, but it will continue running until stopped.
nohup node "$SERVER_SCRIPT" >> "$LOG_FILE" 2>&1 & echo $! > "$PID_FILE"
Stop the server when not in use and consider binding it to localhost unless LAN access is required.
Installing later could resolve to a different compatible Express release than the one originally tested.
The skill depends on an npm package using a semver range. This is normal for a Node/Express dashboard, but the artifact set does not include a lockfile or install spec.
"dependencies": {
"express": "^4.22.1"
}
Use a lockfile or pinned dependency versions for reproducible installs.
