ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Discord Doctor

Quick diagnosis and repair for Discord bot, Gateway, OAuth token, and legacy config issues. Checks connectivity, token expiration, and cleans up old Clawdis artifacts.

MIT-0 · Free to use, modify, and redistribute. No attribution required.
1 · 1.9k · 2 current installs · 2 all-time installs
by@jhillock
MIT-0
Security Scan
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Suspicious
medium confidence
Purpose & Capability
Name/description (Discord/Clawdbot diagnosis and cleanup) align with the checks and fixes described in SKILL.md. However registry metadata at the top says no required binaries/env, while the SKILL.md metadata declares required binaries (node, curl) — a mismatch. No source/homepage is provided, reducing auditability.
!
Instruction Scope
SKILL.md instructs the agent to inspect processes, check a local gateway (port 18789), run `clawdbot health`, interact with local config (~/.clawdis and ~/Clawdis), remove a launchd plist, move config directories, start/restart the gateway, and run `npx clawdbot configure`. These actions are coherent with its purpose but are destructive and potentially sensitive (file deletion/moves, process restarts, exposing local tokens). The instructions are vague about confirmation prompts, exact working directories for npm installs, and safety checks.
!
Install Mechanism
There is no install spec for the skill itself (instruction-only), but the runtime instructions call `npm install` and `npx`, which will download and execute packages from the network. That runtime download/execute behavior increases risk because it can fetch arbitrary code at the time the skill runs. The SKILL.md also references installing packages like discord.js and strip-ansi without scoping where or how (global vs project).
Credentials
The skill declares no required environment variables or credentials, which is proportionate. However it will read and act on local configuration and OAuth tokens stored by Clawdbot/Clawdis (e.g., suggesting `npx clawdbot configure` to re-authenticate). Access to local token files/config is expected for the purpose but is sensitive; the skill does not declare or document exactly which files it will read.
Persistence & Privilege
The skill does not request always:true and has no install spec, so it does not demand permanent system presence. Autonomous invocation is allowed (platform default) but that alone is not a decisive risk. The SKILL.md's auto-fix behavior can modify user files and start/stop services, which are significant privileges at runtime but are within the stated repair scope.
What to consider before installing
This skill appears to be a local repair tool for Clawdbot/Clawdis and largely does what it says, but exercise caution before installing or letting it run autonomously. Specific things to consider before use: - The SKILL.md will perform destructive actions (remove ~/Library/LaunchAgents/com.clawdis.gateway.plist, move ~/.clawdis to a backup) and start/stop processes — ensure you have backups and understand those changes. - It runs npm install / npx at runtime, which can download and execute code from the network; prefer to run these commands yourself in a controlled environment first so you can inspect what will be installed. - Registry metadata is inconsistent (top-level metadata says no required binaries, embedded SKILL.md metadata requires node and curl). Confirm the runtime requirements and where commands will be executed (which directory, global vs project). - There is no source or homepage to audit. If you need to trust this behavior, ask the publisher for source code or run the SKILL.md steps manually on a test machine/VM before enabling autonomous invocation. - If you decide to use it, run initially without --fix to review diagnostics, and only run --fix after verifying the exact actions and confirming they are safe.

Like a lobster shell, security has layers — review code before you run it.

Current versionv1.0.0
Download zip
latestvk97dr25hgxrgkthkynw2m8rpx57yv44t

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

🩺 Clawdis
OSmacOS · Linux
Binsnode, curl

SKILL.md

Discord Doctor

Quick diagnosis and repair for Discord/Gateway availability issues, OAuth token problems, and legacy Clawdis configuration conflicts.

Usage

# Check status (diagnostic only)
discord-doctor

# Check and auto-fix issues
discord-doctor --fix

What It Checks

  1. Discord App - Is the Discord desktop app running (optional, for monitoring)
  2. Gateway Process - Is the Clawdbot gateway daemon running
  3. Gateway HTTP - Is the gateway responding on port 18789
  4. Discord Connection - Is the bot actually connected to Discord (via clawdbot health)
  5. Anthropic OAuth - Is your OAuth token valid or expired
  6. Legacy Clawdis - Detects old launchd services and config directories that cause conflicts
  7. Recent Activity - Shows recent Discord sessions

Auto-Fix Capabilities

When run with --fix, it can:

  • Start gateway if not running
  • Install missing npm packages (like discord.js, strip-ansi)
  • Restart gateway after fixing dependencies
  • Remove legacy launchd service (com.clawdis.gateway.plist)
  • Backup legacy config (moves ~/.clawdis to ~/.clawdis-backup)

Common Issues & Fixes

IssueAuto-Fix Action
Gateway not runningStarts gateway on port 18789
Missing npm packagesRuns npm install + installs specific package
Discord disconnectedRestarts gateway to reconnect
OAuth token expiredShows instructions to re-authenticate
Legacy launchd serviceRemoves old com.clawdis.gateway.plist
Legacy ~/.clawdis configMoves to ~/.clawdis-backup

OAuth Token Issues

If you see "Access token EXPIRED", run:

cd ~/Clawdis && npx clawdbot configure

Then select "Anthropic OAuth (Claude Pro/Max)" to re-authenticate.

Legacy Clawdis Migration

If you upgraded from Clawdis to Clawdbot, you may have legacy artifacts causing OAuth token conflicts:

  • Old launchd service: ~/Library/LaunchAgents/com.clawdis.gateway.plist
  • Old config directory: ~/.clawdis/

Run discord-doctor --fix to clean these up automatically.

Example Output

Discord Doctor
Checking Discord and Gateway health...

1. Discord App
   Running (6 processes)

2. Gateway Process
   Running (PID: 66156, uptime: 07:45)

3. Gateway HTTP
   Responding on port 18789

4. Discord Connection
   Discord: ok (@Clawdis) (321ms)

5. Anthropic OAuth
   Valid (expires in 0h 45m)

6. Legacy Clawdis
   No legacy launchd service
   No legacy config directory

7. Recent Discord Activity
   - discord:group:123456789012345678 (21h ago)

Summary
All checks passed! Discord is healthy.

Files

1 total
Select a file
Select a file to preview.

Comments

Loading comments…