Skillv1.2.0

ClawScan security

LLM NeverDie · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

BenignMar 5, 2026, 7:32 AM

Verdict: benign
Confidence: high
Model: gpt-5-mini
Summary: The skill's files, instructions, and runtime behavior are consistent with its stated purpose (a node-based standalone monitor that reads local OpenClaw logs, writes local state, and optionally sends Telegram alerts); it requests only appropriate local file access and an optional Telegram token and chat ID.
Guidance: This skill appears to do what it claims: it deploys a local Node.js monitor that reads OpenClaw logs, writes local state/alert files, and optionally sends brief Telegram alerts to api.telegram.org. Before installing: (1) verify you are comfortable storing the Telegram bot token/chat ID in ~/.openclaw/workspace/.neverdie-config.json (or as env vars); (2) inspect your gateway.err.log contents to ensure no sensitive data will be incidentally read (the monitor does not transmit log contents, but it scans those files); (3) be aware setup.sh will add a cron job entry to ~/.openclaw/cron/jobs.json so the monitor persists and runs even when LLMs are down; remove that entry manually if you uninstall and the automated uninstall fails; (4) review the bundled scripts (fallback-monitor.js and setup.sh) yourself if you want to confirm there are no changes to the alert text or additional network calls — the provided code only contacts api.telegram.org. Note: there are minor robustness bugs in setup/uninstall node -e calls (a bug in passing CRON_FILE in one uninstall path), which look like sloppy scripting rather than malicious behavior. If you accept those tradeoffs, the skill is coherent with its stated purpose.

Review Dimensions

Purpose & Capability: okName/description (LLM resilience, fallback monitoring) match the included artifacts: a Node.js monitor, a setup script, and SKILL.md with instructions to copy the monitor, register a cron job, and optionally configure Telegram. Required binary (node) is appropriate and proportional.
Instruction Scope: noteInstructions are narrowly scoped: read model IDs from ~/.openclaw/openclaw.json (the provided snippet extracts only the model fields), scan local gateway.err.log for failure patterns, write state/alert files to the workspace, and send short, fixed-format Telegram messages when configured. Caveat: the monitor reads gateway.err.log (local logs can sometimes contain verbose/error payloads), so review your gateway logs if they contain sensitive content. The skill explicitly claims it does not transmit log contents; the code constructs Telegram messages from fixed alert strings, not raw logs.
Install Mechanism: okThis is instruction-only with bundled scripts; there is no remote download or package installation. Files are copied within the user's ~/.openclaw workspace. No external install URLs or extracted archives are used.
Credentials: noteOnly optional credentials requested are the Telegram bot token and chat ID (stored in a local workspace config file or provided via environment variables NEVERDIE_TELEGRAM_TOKEN / NEVERDIE_TELEGRAM_CHAT_ID). No unrelated cloud keys or secrets are required. The monitor reads ~/.openclaw/openclaw.json only to check model IDs per the instructions, and the code paths shown do not read or transmit API keys.
Persistence & Privilege: noteThe setup registers a recurring systemEvent cron job in ~/.openclaw/cron/jobs.json to run the monitor every 5 minutes; this is expected for a standalone monitor and is within the skill's scope. The monitor writes state and alert files to the workspace. It does not modify other skills or global system configuration beyond the OpenClaw cron/jobs.json entry.