status-web

Key things to consider before installing: 1) The package's files contain hardcoded paths (/home/admin/openclaw/workspace), expect an 'openclaw' CLI, and will exec shell commands — it needs privileges to read agent memory and run the agent CLI. 2) Several inconsistencies exist: the SKILL.md/start instructions reference different script names/paths than provided (start.sh vs start-server.sh; server.js location), and the module get-scheduled-tasks-simple is required by server.js but not included — the package appears incomplete or mispackaged. 3) The POST /api/chat endpoint can forward messages to the OpenClaw agent using a hardcoded mainSessionId after a simple magic-string check; there is no real authentication. If you expose this server to a network, an attacker who discovers the endpoint or magic phrase could interact with the agent. 4) Recommended actions: run this only in an isolated environment (container or VM), do not bind to 0.0.0.0 on public interfaces, require/implement proper authentication for /api/chat, review and fix path/script mismatches (ensure start script points to the correct server.js and included modules exist), remove or harden any ability to exec the OpenClaw CLI from web-exposed endpoints, and audit the memory files the code will read to confirm no sensitive data is exposed. If you cannot verify or fix these issues, treat the package as untrusted and do not run it on production agents.