Openclaw Whisperer
Comprehensive diagnostic, error-fixing, and skill recommendation tool for OpenClaw
MIT-0 · Free to use, modify, and redistribute. No attribution required.
⭐ 0 · 1.1k · 1 current installs · 3 all-time installs
MIT-0
Security Scan
OpenClaw
Suspicious
high confidencePurpose & Capability
Name/description (diagnostic + auto-fix + recommendations) align with included Python scripts and data files. Requiring python3 and installing small Python deps is proportionate. However, the skill's docs and fix-recipes reference provider API keys, gateway tokens, channel tokens and installation of third-party binaries (docker pull, wget, npm install -g, openclaw skills install). The registry metadata declares no required env vars, which is inconsistent with the many references to sensitive environment variables and external integrations in the code and docs.
Instruction Scope
SKILL.md and the included references/fix-recipes instruct the agent to run commands that modify configs, kill processes, start system services (systemctl start docker), perform network operations (docker pull, wget from GitHub releases, npm install -g), and run interactive setup flows. Those actions are within a diagnostic tool's remit but expand the scope to system-level changes and network I/O. The SECURITY.md asserts 'No network calls to external services' but fix recipes clearly include network operations — a direct contradiction.
Install Mechanism
The declared install step is a simple pip install of common Python libs (click, rich, requests, beautifulsoup4) which is low risk. However, the package includes a self-updater and recipes that download binaries or images (wget, docker pull, npm installs). Those runtime downloads are not part of the declared install spec and raise risk because they pull code/assets from external sources at runtime.
Credentials
The skill declares no required env vars, yet the data and references list many sensitive variables (OPENAI_API_KEY, ANTHROPIC_API_KEY, GATEWAY_TOKEN, channel tokens, Slack/Discord tokens, etc.) and fix recipes read/modify openclaw.json, .env and may template or inject values. That mismatch is suspicious: the skill appears designed to operate with secrets and external integrations but does not declare or request those explicitly. The user must understand where secrets are read/written and whether the skill transmits them.
Persistence & Privilege
always:false (good). The skill includes a self-updater, fix logging/backups, and can run commands that change system state (install packages, start/stop services). Autonomous invocation is allowed (disable-model-invocation:false) which is normal, but combined with the ability to perform network downloads and system commands it increases blast radius. The skill does not request to be always-enabled or to modify other skills' configs directly in the manifest, but it does include instructions (openclaw skills install ...) that could change the agent's skill set at runtime.
What to consider before installing
This repository looks like a legitimate diagnostic/repair tool, but several red flags mean you should not run it blindly: 1) SECURITY.md claims 'no network calls', yet fix-recipes and references include docker pull, wget (GitHub release), npm installs and openclaw skill installs — ask the author to clarify and provide an explicit network policy. 2) The package does not declare any required environment variables, but many recipes reference sensitive tokens (OPENAI_API_KEY, GATEWAY_TOKEN, Slack/Discord tokens). Verify exactly when/where the tool will read or transmit secrets and avoid providing credentials until reviewed. 3) Several fix recipes run destructive system commands (kill -9, systemctl start, cp/mv, chmod) and shell pipelines (lsof | xargs kill) — inspect how the Python code executes recipe commands (does it use shell=True?) and test in a safe environment first. 4) The self-updater and runtime downloads increase risk; prefer running the code in an isolated/sandboxed environment or container, review/upstream hashes for downloaded artifacts, and disable automatic updates until you trust the source. If you plan to use auto-fix features, back up your openclaw.json and relevant data first and enable interactive confirmation for risky recipes. If possible, request the maintainer to: (a) document exact network endpoints used, (b) declare required env vars in the manifest, and (c) remove or explicitly mark any remote-download steps so you can vet them before execution.Like a lobster shell, security has layers — review code before you run it.
Current versionv1.2.0
Download ziplatest
License
MIT-0
Free to use, modify, and redistribute. No attribution required.
Runtime requirements
🏥 Clawdis
Binspython3
SKILL.md
OpenClaw Whisperer
Ultimate diagnostic, error-fixing, and skill recommendation tool for OpenClaw.
What's New in v1.1.0
- Complementary Skills - Discover skills that work together (10 skill relationships)
- Diagnostic Hooks - GitHub/Slack/Discord integration for error notifications (9 hook configs)
- Recovery Tracking - Track fix execution history and success rates
- Smart Scoring - Enhanced recommendations with complementary skill bonus scoring
- Rich Display - Improved CLI panels and formatting for suggestions
When to Use
Activate when user wants to:
- Diagnose OpenClaw errors or issues
- Auto-fix common problems
- Find and recommend ClawHub skills with complementary suggestions
- Run extended health checks
- Setup OpenClaw for first time
- Update documentation and caches
- Track fix execution history
Available Tools
Error Fixer
Diagnose and auto-fix OpenClaw errors with diagnostic hooks and recovery tracking.
# Diagnose by error code (triggers diagnostic hooks if configured)
python3 {baseDir}/scripts/error-fixer.py --error 401
# Analyze log file with recovery suggestions
python3 {baseDir}/scripts/error-fixer.py --input /path/to/log
# Auto-fix safe issues (tracks execution history)
python3 {baseDir}/scripts/error-fixer.py --error EADDRINUSE --auto-fix
# List errors by category with fix history
python3 {baseDir}/scripts/error-fixer.py --category authentication
# View fix execution history
python3 {baseDir}/scripts/error-fixer.py --show-history
# Test notification hooks (GitHub/Slack/Discord)
python3 {baseDir}/scripts/error-fixer.py --test-hooks
Skill Recommender
Smart ClawHub skill recommendations with complementary skill detection.
# Recommend for channel (includes complementary skills)
python3 {baseDir}/scripts/skill-recommender.py --channel whatsapp --top 5
# Recommend by use case with bonus scoring
python3 {baseDir}/scripts/skill-recommender.py --use-case "image generation"
# Auto-detect from config (enriched with complementary metadata)
python3 {baseDir}/scripts/skill-recommender.py --auto-detect
# Check for updates
python3 {baseDir}/scripts/skill-recommender.py --check-updates
# View complementary skills for installed skill
python3 {baseDir}/scripts/skill-recommender.py --complementary-for image-generator-pro
Enhanced Doctor
Extended diagnostic checks.
# Full diagnostics
python3 {baseDir}/scripts/enhanced-doctor.py
# Deep scan with log analysis
python3 {baseDir}/scripts/enhanced-doctor.py --deep
# JSON output
python3 {baseDir}/scripts/enhanced-doctor.py --json
Self-Updater
Keep references and caches current.
# Check what's outdated
python3 {baseDir}/scripts/self-updater.py --check
# Update everything
python3 {baseDir}/scripts/self-updater.py --update
# Update only skill cache
python3 {baseDir}/scripts/self-updater.py --update --skills-only
Setup Wizard
Interactive first-time setup.
# Interactive setup
python3 {baseDir}/scripts/setup-wizard.py
# Check prerequisites only
python3 {baseDir}/scripts/setup-wizard.py --check-only
Reference Files
- Error Catalog - Master error index
- Auto-Fix Capabilities - Safe vs manual fixes
- Diagnostic Commands - CLI quick reference
- Troubleshooting Workflow - Decision tree
- Authentication Errors - Auth issues
- Rate Limiting Errors - Quota management
- Gateway Errors - Network issues
- Channel Errors - Channel-specific
- Sandbox Errors - Docker issues
- Configuration Errors - Config problems
- Installation Errors - Setup issues
- ClawHub Integration - Skill management
Data Files (v1.1.0)
- complementary-skills.json - 10 skill relationships
- integration-hooks.json - 9 notification hook configs
- fix-execution-history.json - Fix tracking metadata
Templates
- Error Report - Diagnostic output format
- Recommendation Report - Skill suggestions format
Files
50 totalSelect a file
Select a file to preview.
Comments
Loading comments…