中文 集群监控
AdvisoryAudited by Static analysis on May 8, 2026.
Overview
No suspicious patterns detected.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
The agent could disrupt services, kill the wrong process, or remove data while trying to fix a cluster issue.
The instructions move beyond passive monitoring and tell the agent to attempt repairs, terminate processes, and delete old data when conditions are detected, without requiring explicit user approval or defining safe limits.
如果检测到服务关闭: 1. 记录问题到 memory.md 2. 尝试重启服务 ... | 端口被占用 | 使用 `lsof` 查找并终止进程 | | 磁盘已满 | 清理日志,删除旧数据 |
Require explicit user confirmation before any restart, process termination, SSH tunnel change, log cleanup, or data deletion, and limit actions to named services and paths.
Installing this skill could lead the agent to request or use elevated privileges to change system service state.
These commands require administrator-level host privileges, but the skill does not specify when to ask the user, how to limit privilege use, or how to verify the target services safely.
# 重启 PKM API sudo systemctl restart pkm-api # 重启 Qdrant sudo systemctl restart qdrant
Treat sudo/systemctl actions as manual, user-approved operations only, and document the exact services, hosts, and rollback steps.
Operational details about the user's local cluster could be shared outside the conversation unexpectedly.
The skill directs notification to a named recipient without defining who that person is, what channel to use, what information is shared, or whether the current user must approve it.
3. 如果重启失败,通知 Alexandre
Remove the automatic notification step or require explicit user approval with a disclosed recipient, channel, and message content.
Cluster status, service names, and troubleshooting history may persist across future tasks.
The skill persists incident and repair information to memory.md, which is purpose-aligned for operations logging but lacks a defined path, retention policy, and reuse boundary.
1. 记录问题到 memory.md ... 4. 记录修复尝试
Keep any memory.md log scoped to this cluster, avoid secrets or sensitive incident details, and give users a way to review and delete it.
Users may not realize the skill expects local command execution tools and administrative service controls.
The instruction-only skill depends on several local binaries and privileged utilities, while the registry metadata declares no required binaries; this is an under-declared operational surface rather than hidden code.
curl -s http://localhost:8001/health ... python3 -c ... sudo systemctl restart pkm-api ... openclaw gateway restart
Declare the expected binaries and clarify which commands are read-only checks versus privileged maintenance actions.