Lerwee Fault Handling
Security checks across static analysis, malware telemetry, and agentic risk
Overview
This skill is openly for server fault handling, but it can run scripts and restart or clean remote hosts through an API secret that is not declared in the registry metadata.
Install only if you intentionally want this agent to run operational scripts on your servers. Verify the lwops API endpoint and publisher, use a least-privilege LWJK_API_SECRET, and require manual confirmation of the exact hosts and script content before any restart, cleanup, or multi-host execution.
Static analysis
No static analysis findings were reported for this release.
VirusTotal
VirusTotal findings are pending for this skill version.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A mistaken or overly broad instruction could restart services, run arbitrary commands, or alter remote servers.
The skill tells the agent to submit script content to a remote run-script API. This is purpose-aligned for fault handling, but it is a broad remote execution path with no artifact-backed allowlist, dry-run, rollback, or explicit final approval requirement for high-impact scripts.
也可以直接传脚本内容代替脚本 ID: ... --script-content 'systemctl restart nginx'
Require explicit user confirmation of the exact host list and script before execution, restrict use to approved scripts/hosts, and add dry-run, logging, and rollback guidance for destructive operations.
Users may not realize the skill needs an API secret that can authorize changes on remote infrastructure.
This conflicts with the skill documentation and code, which require LWJK_API_SECRET to sign and submit remote run-script requests. The privileged credential boundary is not declared to installers.
Required env vars: none; Env var declarations: none; Primary credential: none
Declare LWJK_API_URL and LWJK_API_SECRET in metadata, document the required API permissions, and use a least-privilege, revocable credential dedicated to this skill.
A wrong host list or script could cause outages across multiple machines instead of a single target.
The workflow supports running the same operation across multiple hosts. The artifacts do not show a maximum host count, staged rollout, or containment checks before service restart or cleanup operations.
多主机用逗号分隔: ... --hosts '192.168.3.76,192.168.3.75' ... --script-id 187
Limit batch size, preview resolved hosts, require confirmation for multi-host runs, and prefer staged execution with stop-on-failure behavior.
Users have less external context to verify who maintains the skill or whether the API endpoint is expected.
For a skill that can control remote servers, missing public source or homepage is a provenance gap, although the reviewed Python file is included and no install script is present.
Source: unknown; Homepage: none
Verify the publisher, code, and API endpoint before providing credentials or using the skill on production hosts.