System Health Check
ReviewAudited by ClawScan on May 10, 2026.
Overview
This looks like a mostly legitimate health-check skill, but it claims to be read-only while its tests expect persistent failure logging, so users should review its behavior before enabling it.
Before installing or scheduling this skill, confirm whether it only reports to the console or also writes reports and memory logs. If you use it, run it with limited privileges, protect generated reports, and require explicit approval for any chmod, backup, package-install, or persistent logging action.
Findings (7)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
The agent may inspect local system paths and produce diagnostic reports if the user invokes these commands.
The skill exposes local OpenClaw health-check commands, including a report-writing option. This is aligned with the health-check purpose, but users should know it runs local diagnostics and may create reports.
openclaw health-check --all openclaw health-check --all --verbose openclaw health-check --all --save-report
Run health checks deliberately, keep saved reports private, and review any remediation commands before executing them.
Health reports could expose whether sensitive client or authentication directories exist and how they are protected.
The skill is expected to access security-relevant auth and client-accounting directories. This is purpose-aligned for a health check, but those paths can reveal sensitive local security and client-data information.
Checks file permissions on /data/auth/ and /data/clients/
Run with the least privileges needed and store any generated reports only in protected locations.
Users have less assurance that the registry entry, homepage, and skill contents correspond to the same reviewed release.
The registry metadata does not identify a source package, and the provided SKILL.md frontmatter declares a different version. This is a provenance and reviewability gap, though no hidden install code is present.
Source: unknown ... Version: 0.1.0
Verify the homepage/repository and version before relying on the skill in a production accounting environment.
Following the setup command may install system packages with elevated privileges.
The setup example includes a user-directed package installation command. Installing dependencies is expected for this kind of CLI health-check skill, but it changes the local environment and uses sudo.
which jq openssl || sudo apt install jq openssl
Install dependencies manually from trusted OS repositories and avoid letting the agent run privileged package commands without explicit approval.
Details about backup failures or system state could persist and influence future agent behavior or be exposed through later memory use.
This expects persistent failure logging into a memory directory. That can retain system-health information for later reuse and is not clearly bounded by retention, contents, or user approval.
Logs this as a system failure to /data/memory/failures/ for pattern detection
Require explicit opt-in for memory logging, document exactly what is stored, and provide retention, deletion, and exclusion controls.
A user may approve the skill believing it never writes anything, while it may still create persistent health/failure records.
This strong read-only claim conflicts with the provided EVALS.json expectation that the skill logs failures to /data/memory/failures/. The safety framing under-discloses a persistent write.
Read-only validation skill. Checks file presence, directory structure, permissions, and backup freshness. Never modifies any data.
Revise the documentation to clearly distinguish read-only checks from report or memory writes, and require user approval for any persistent logging.
If scheduled, the health check may run repeatedly and produce reports or logs without a fresh prompt each time.
The skill is intended for scheduled recurring execution. This is normal for monitoring, but it means users should understand when and where it runs.
Designed to run daily via cron or manually before critical operations.
Only enable cron scheduling after confirming the report location, log behavior, permissions, and retention policy.