SRE Log Analytics
v0.1.0Analyze system logs by time range using Google SRE framework to summarize operation, classify errors, score health, and suggest improvements.
⭐ 0· 96·0 current·0 all-time
by@roryyu
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
high confidencePurpose & Capability
Name and description match the declared contents: an instruction-only SRE-style log analysis workflow. The steps (time-range filtering, error aggregation, health scoring, report generation) are appropriate and expected for a log-analysis skill.
Instruction Scope
The SKILL.md explicitly instructs the agent to locate and read system/application logs (mentions /var/log/, tail/head, grep/awk logic). That is necessary for the stated purpose. However the instructions are high-level and allow reading arbitrary log files; they also mention optional exporting/sharing (e.g., Feishu cloud document) without specifying credentials or safeguards. This introduces a potential data-exfiltration vector if the agent is allowed to post logs externally or if sensitive secrets appear in logs. No explicit instructions ask for unrelated system data or environment variables.
Install Mechanism
Instruction-only skill with no install spec and no code files — lowest-risk install surface. Nothing is downloaded or written to disk by an installer.
Credentials
The skill requires no environment variables or credentials, which is proportionate for a guidance-only log analysis tool. One mismatch to be aware of: SKILL.md mentions creating Feishu cloud documents for sharing, but the skill does not declare or request any Feishu credentials. If you enable such sharing, you would need to provide credentials separately; the skill does not manage or limit that flow.
Persistence & Privilege
The skill does not request persistent presence (always:false) and does not attempt to modify other skills or system configurations. Autonomous invocation by the agent is enabled by platform default (not a unique risk here).
Assessment
This skill appears coherent for its stated purpose, but take these precautions before installing/using it: 1) Logs often contain sensitive data (API keys, tokens, PII). Only run this against logs you are allowed to inspect and consider redacting secrets before sharing. 2) The skill mentions optional external sharing (Feishu) but does not declare any credentials — do not supply Feishu or other cloud credentials to the skill unless you trust where the data will be sent. 3) Because instructions allow the agent to read arbitrary log paths (e.g., /var/log/ or app logs), ensure the agent runs with least privilege and test on non-sensitive sample logs first. 4) If you plan to allow autonomous runs, configure clear prompts/consent and limits on external uploads. If you want stronger assurances, request a version that includes explicit safeguards (credential requirements for external sharing, opt-in prompts before sending logs externally, redaction rules).Like a lobster shell, security has layers — review code before you run it.
latestvk97en82sjz9kwf4vesj7dyer1s835ytd
License
MIT-0
Free to use, modify, and redistribute. No attribution required.