Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Claw Sos
v6.1.2
Install, run, and manage the SOS emergency recovery tool for OpenClaw instances. Use when (1) the bot stops responding on Telegram/Discord and needs diagnosi...
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
high confidence
Purpose & Capability
Name/description (SOS emergency recovery for OpenClaw) align with the included scripts: sos.sh implements diagnostics, restart/kill/rollback, network checks, Telegram test, and logging; install/uninstall scripts match the expected need to place a helper binary in /usr/local/bin. No unrelated credentials or unrelated platform APIs are requested.
Instruction Scope
SKILL.md and sos.sh stay within recovery scope: they read the OpenClaw config (openclaw.json), inspect processes, logs, services (systemd/launchctl), run network checks (DNS/HTTP), and optionally send a Telegram test using the already-configured bot token. The instructions do ask the operator to scp/ssh as root for remote installs and to run potentially destructive actions (force kill / nuclear), which is appropriate for an emergency tool but requires explicit user consent when performed.
Install Mechanism
No packaged install spec in registry; install.sh offers installing by copying the bundled script or via curl from a raw.githubusercontent.com URL (GitHub raw). GitHub raw is a well-known hosting location (reasonable), but piping a raw install script to bash (curl | bash) is inherently riskier; standard caution applies. No downloads from obscure hosts or shorteners were observed.
Credentials
The skill declares no required env vars and does not request external secrets. The script reads OPENCLAW_HOME (optional) and openclaw.json to access the existing OpenClaw configuration (including the bot token already configured there) in order to run Telegram tests; this is proportional to its stated purpose. The script requires privileged operations (systemctl, killing processes) which is expected for a recovery tool.
Persistence & Privilege
always:false and user-invocable:true. The skill does write logs to ~/.openclaw/backups/sos.log and may start/stop services or run node to start a gateway — actions appropriate for recovery. It does not request to persist as a platform-wide skill or modify other skills' configs.
Assessment
This skill appears to do what it says: an on-host emergency recovery helper for OpenClaw. Before installing or running it, consider:
(1) Review openclaw.json — the script will read your OpenClaw config (including any bot token) to run Telegram tests; ensure you trust local config usage.
(2) The installer offers a curl|bash option; prefer copying the provided sos.sh and inspecting it yourself rather than piping remote code directly into a shell.
(3) Recovery actions (force kill, nuclear) are destructive by design — run them only when you understand the consequences and have backups (sos logs and config backups are stored at ~/.openclaw/backups/).
(4) The script needs privileges to manage services and kill processes; run as an authorized administrator and audit activity in ~/.openclaw/backups/sos.log.
If you want greater assurance, inspect the full sos.sh contents (you have them in the bundle) to confirm there are no network endpoints beyond common checks (google.com, Telegram endpoints) and no unexpected remote uploads.
Like a lobster shell, security has layers — review code before you run it.
