Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
openclaw session inspector
v1.0.3
OpenClaw inspector for registering tracked sessions, inspecting stuck or inactive sessions, checking the current session UUID, listing status, and preparing...
MIT-0
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
high confidence
Purpose & Capability
Name/description align with the code and instructions: the scripts register sessions, scan local session logs under ~/.openclaw/agents, maintain a registry and per-session state under ~/.openclaw/inspector, and prepare platform service units. There are no unrelated credentials, remote downloads, or unexpected binaries required.
Instruction Scope
SKILL.md and the included prompt templates explicitly instruct the inspecting agent to examine recent messages and workspace state, and to use host commands (ps/pgrep, grep/tail/cat, journalctl, ls/stat, git diff, etc.) to verify status. That behavior is coherent with an inspector tool, but it grants the agent broad read access to the host environment when invoked. The user should be aware that the skill's intended operation includes local filesystem and process inspection.
Install Mechanism
No install spec is provided (instruction-only skill with bundled scripts). The code does write out service helper files (systemd unit, launchd plist, Windows task helper) when asked, but it does not download or execute external code from untrusted URLs.
Credentials
The skill declares no required environment variables or credentials. It does read process.env and merges config.env for runtime configuration (standard behavior). There are no requests for unrelated secrets or cloud credentials.
Persistence & Privilege
The skill is not marked always:true and is user-invocable. It can create service/unit files to run the watcher persistently, but SKILL.md instructs to only install/start/enable the service when the user explicitly requests that action.
Assessment
This inspector appears to do what it says: it monitors local OpenClaw session files, writes per-session state and logs under ~/.openclaw/inspector, and can prepare a background watcher service if you ask it to. Before using or installing it: (1) review registry.json entries so the skill will only notify targets you expect (delivery_channel/account/target fields cause outgoing messages via your OpenClaw tooling), (2) be aware that when invoked the agent is instructed to run host commands and read workspace files to decide STATUS, which is necessary for diagnosis but is broad host access, (3) only install/enable the background service if you trust the skill and understand a persistent process will run with your user privileges, and (4) inspect the runtime files (~/.openclaw/inspector/{registry.json,config.env,state,logs}) periodically and verify the openclaw CLI path if you rely on automated delivery. The code contains minor typos/bugs (e.g., alternate env var name SESSION_INSPACTOR) but nothing in the package appears malicious.
scripts/common.js:102
Shell command execution detected (child_process).
scripts/inspector.js:286
Shell command execution detected (child_process).
scripts/watch-registered-sessions.js:298
Shell command execution detected (child_process).
Patterns worth reviewing
These patterns may indicate risky behavior. Check the VirusTotal and OpenClaw results above for context-aware analysis before installing.
Like a lobster shell, security has layers — review code before you run it.
latestvk978288q0rsz8pvaynfn8k8ah983va8p
