Openclaw Guardian
v0.1.0Deploy and manage a Guardian watchdog process for OpenClaw Gateway. Provides automated health monitoring, self-repair via `doctor --fix`, git-based workspace...
⭐ 0· 569·4 current·4 all-time
byLeo Ye@leoyeai
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
high confidencePurpose & Capability
The SKILL.md describes copying a concrete script (scripts/guardian.sh) and references files (references/setup.md) that would be required for the skill to function, but the skill bundle contains no code files at all. Asking the user to 'copy from this skill' is inconsistent when no files are provided. The claimed capabilities (automated restart, git rollback, daily snapshots, Discord alerts) would legitimately require a delivered script or tooling; that artifact is missing.
Instruction Scope
The instructions tell the operator to run commands that read/modify their ~/.openclaw/workspace, initialize git, perform git reset --hard (rollback), pkill, and modify start scripts to auto-launch the guardian. Those actions are powerful and potentially destructive (git reset --hard will discard uncommitted/local changes). The SKILL.md also references optional DISCORD_WEBHOOK_URL for external alerting; because the actual implementation is absent, it's unclear what data would be sent externally. The instructions grant broad discretionary actions (rollback logic, auto-backups) without providing the code that would implement safeguards.
Install Mechanism
No install spec is provided (instruction-only), which minimizes direct installer risk but increases risk here because the SKILL.md promises files to copy that are not bundled. An expectation that the skill will supply scripts is inconsistent with the lack of any install or code artifacts.
Credentials
The registry metadata declares no required env vars, yet the runtime instructions reference DISCORD_WEBHOOK_URL and expect edits to a user's start scripts and workspace location (~/.openclaw/...). The skill does not declare or justify access to these paths or to any external webhook credential; that mismatch reduces transparency and could lead operators to export a webhook without knowing what will be transmitted.
Persistence & Privilege
The skill does not request always:true and does not itself modify agent/system config. However the guidance instructs the user to add the guardian to their auto-start scripts or systemd and to alter ~/.openclaw/start-gateway.sh, which grants the guardian persistent presence on the host if the user follows instructions. That persistence is user-controlled (manual edits) but the skill's lack of bundled code means users would be attempting to source a script from an unknown location.
What to consider before installing
Do not run the commands in this SKILL.md as-is. The skill claims a guardian script (scripts/guardian.sh) and references/setup docs that are not included — ask the publisher for the actual guardian.sh and references/setup.md and review their full contents before executing. In particular: back up ~/.openclaw/workspace first (git reset --hard can irreversibly discard work), inspect any script for network calls or webhook transmissions before exporting DISCORD_WEBHOOK_URL, and prefer to run the script in a test environment or container. If the maintainer cannot provide the missing files or a trustworthy source (a public repo or release), consider the skill untrusted.Like a lobster shell, security has layers — review code before you run it.
latestvk976gbem8ps9fp49y4ejqbp6y1824kxs
License
MIT-0
Free to use, modify, and redistribute. No attribution required.