ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Dead Man's Switch

v0.1.0

Self-healing infrastructure guardian. Monitors services, diagnoses failures, executes recovery playbooks, and learns from incidents.

0· 41·0 current·0 all-time
by@peres84
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Pending
View report →
OpenClawOpenClaw
Suspicious
medium confidence
Purpose & Capability
The name/description align with the actions in SKILL.md: it monitors services (nginx, tailscale), checks disk/processes, and runs recovery steps. Required binaries (tailscale, nginx, curl, systemctl) are reasonable for this purpose. Minor mismatch: the runtime instructions assume additional helper tools (dms_recover, dms_status, openclaw CLI, sudo) and scripts (/usr/local/bin/..., /usr/local/bin/openclaw-skills/*) that are not listed in the declared required binaries or manifest — this is an omission that can break the skill or hide extra dependencies.
!
Instruction Scope
The playbooks instruct the agent to run many privileged operations (sudo systemctl restart, journalctl, truncate logs, find -delete, docker prune) and to read many system paths (/etc/nginx, /var/log, ~/.openclaw). Those actions are coherent for recovery tasks but are high-impact. The instructions also direct the agent to query external MCPs (Tavily, ElevenLabs) with raw error text and to incorporate learned fixes into local playbooks — that means potentially sending potentially sensitive error/log content to external services. The skill does not declare or justify where credentials for those external services are stored.
Install Mechanism
No install spec — instruction-only. Lowest file-write footprint from the registry side. However, the instructions assume preinstalled scripts and sudoers entries (e.g., tailscale-funnel-start.sh and sudoers.d entry) which are not included; those must already exist on the host for full functionality.
!
Credentials
The skill declares no required environment variables, yet it references external services (ElevenLabs, Tavily) and platform tooling (dms_recover, dms_status, openclaw) that normally require credentials or configuration. There is also an implicit need for elevated privileges (sudo) to restart services and modify logs. The lack of declared credentials/config paths makes it unclear how sensitive data or API keys would be handled or stored.
Persistence & Privilege
The skill is not forced-always and may be invoked manually or via cron it creates. It explicitly instructs creating cron jobs (openclaw cron add) when recurring failures are detected — this is consistent with its purpose but increases runtime autonomy and blast radius if abused. It also expects NOPASSWD sudoers entries for at least one tailscale script; adding such sudoers rules is a privileged action a user should review carefully.
What to consider before installing
What to check before installing or running this skill: - Privileges: This skill expects to run many sudo commands (restart services, truncate logs, delete files). Only install on hosts where you are comfortable granting that level of control. Review and test each command in a safe environment first. - Missing/implicit dependencies: The SKILL.md uses helper tools (dms_recover, dms_status, openclaw CLI) and expects scripts under /usr/local/bin and a sudoers NOPASSWD entry. Those are not bundled. Confirm these tools/scripts exist and inspect them before use. - External services: The playbooks instruct the agent to query external MCPs (Tavily) and to optionally use ElevenLabs for voice alerts. Using those will send error messages and possibly other system output off-host. If you cannot or should not transmit such data, disable those steps or ensure API keys and the endpoints are trusted and auditable. - File operations: The disk playbook deletes older logs and truncates large logs and will prune Docker artifacts if present. Make backups if logs or images are important. Note the skill explicitly warns not to remove application code, DB files, SSH keys, and the fix log — still, review any destructive find/delete commands before running. - Cron/autonomy: The skill will create cron jobs when a recurrence threshold is met. If you want to avoid autonomous periodic fixes, deny cron creation or review cron rules it proposes. - Audit the scripts: Before allowing this skill to act, inspect the actual scripts it expects to run (e.g., /usr/local/bin/tailscale-funnel-start.sh, nginx-check.sh, process-restart.sh). The registry only contains playbooks; the real behavior depends on those local scripts. - Questions to ask the publisher or to verify locally: Where do dms_recover and dms_status come from? Where would ElevenLabs/Tavily credentials be stored and who has access? Are the suggested sudoers rules acceptable for your security posture? Do the /usr/local/bin scripts exist and are their contents safe? Given these gaps (undeclared helper tools, external queries, and sudo usage), treat this skill as high-impact and review/lock down environment and scripts before enabling automatic operation.

Like a lobster shell, security has layers — review code before you run it.

infrastructurevk9732hbyshdw1psmb8y4d9dfnh83rehglatestvk9732hbyshdw1psmb8y4d9dfnh83rehglinuxvk9732hbyshdw1psmb8y4d9dfnh83rehgmonitoringvk9732hbyshdw1psmb8y4d9dfnh83rehgself-healingvk9732hbyshdw1psmb8y4d9dfnh83rehg

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

🦞 Clawdis
OSLinux
Binstailscale, nginx, curl, systemctl

Comments