Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

ClawStatus

v1.0.0

Real-time dashboard for monitoring OpenClaw devices, agents, sessions, cron jobs, models, and token usage with English/Chinese interface.

by Never (@neverchenx)
MIT-0
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Suspicious
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
The package implements a dashboard that reads OpenClaw state, probes the gateway TCP port, and runs the 'openclaw status' CLI; these behaviors align with the stated goal of monitoring devices, agents, sessions, cron jobs, models, and token usage.
Instruction Scope (flagged)
SKILL.md only documents pip install and a clastatus CLI invocation, but the runtime code explicitly reads many files under ~/.openclaw (config, agents, cron runs, subagent runs), invokes an 'openclaw' binary, and checks environment variables (OPENCLAW_BIN, CLAWSTATUS_ENABLE_STATUS_USAGE) that are not declared or documented in metadata or SKILL.md. The instructions give broad runtime discretion (binding host/port) without warning about sensitive file reads or network exposure.
Install Mechanism
No remote download or opaque installer is used. The project is instruction-only with a normal setup.py for pip installation (flask, waitress dependencies). This is low-to-moderate risk and expected for a Python tool.
Credentials (flagged)
Metadata declares no required env vars, but the code reads OPENCLAW_BIN and CLAWSTATUS_ENABLE_STATUS_USAGE and accesses HOME/.openclaw configuration and session files which commonly contain tokens, credentials, or sensitive state. The default usage example binds to 0.0.0.0 and could expose that data over the network. The tool therefore requires access to potentially sensitive local data that is not explicitly called out in the skill metadata or runtime instructions.
Persistence & Privilege
The skill does not request always:true and will not force inclusion; it writes its own runtime files under ~/.clawstatus (PID and log) which is reasonable for a service. It does not appear to modify other skills' configs or request system-wide privileges.
What to consider before installing
This package appears to be what it says (a monitoring dashboard) but you should review and limit exposure before installing. Steps to consider:
- Inspect ~/.openclaw contents on the host (openclaw.json, sessions, agents, cron runs) to understand what sensitive data would be visible to the dashboard.
- Run the service bound to localhost (avoid the example 0.0.0.0) or behind a firewall/reverse proxy that requires auth, especially if .openclaw contains tokens.
- Review the full clawstatus.py source (it is included) to confirm there are no unexpected network callbacks or external endpoints; the code runs the local 'openclaw' CLI and probes the gateway port.
- Note the code honors OPENCLAW_BIN and CLAWSTATUS_ENABLE_STATUS_USAGE env vars: set these deliberately or leave unset; do not point OPENCLAW_BIN to unknown binaries.
- Consider running in an isolated environment (container or dedicated monitoring host) and limit filesystem permissions so the process can only read the OpenClaw-related paths it needs.
If you want, provide the rest of clawstatus.py (truncated in the listing) and I can re-check for any hidden endpoints or data-exfiltration code to increase confidence.


latest: vk975fqz15ac25wzb4pe6rfxyv982yh6e

