ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

OpenClaw Watch Dog

Self-healing monitoring system for OpenClaw gateway. Auto-detects failures, fixes crashes, and sends Telegram alerts.

MIT-0 · Free to use, modify, and redistribute. No attribution required.
1 · 1.9k · 6 current installs · 6 all-time installs
byAbdullah AlRashoudi@Abdullah4AI
MIT-0
Security Scan
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description align with what the files do: monitor a local health endpoint, restart the gateway, and send Telegram alerts. Required binaries (python3, openssl) and the Telegram token/chat ID match the stated purpose.
Instruction Scope
Runtime instructions request the Telegram token and chat ID (necessary to send alerts) and instruct running the included setup script which installs a user-level service and copies code to ~/.openclaw/watchdog. The skill reads OpenClaw logs and config (e.g., ~/.openclaw/openclaw.json) for diagnosis and auto-detection of the gateway port — this is within scope for a gateway watchdog but worth noting because it accesses user config/log files. The SKILL.md asks users to paste secrets into agent chat; users should be cautious about pasting secrets into conversational UIs.
Install Mechanism
No external downloads or remote installers: the package includes setup scripts that create a venv, install a small Python dependency (aiohttp), and install a user LaunchAgent/systemd service. This is a local, traceable install with no remote code fetches at install time.
Credentials
Declared required env vars (TELEGRAM_TOKEN, TELEGRAM_CHAT_ID) are appropriate. The setup scripts accept optional --openai-key and --anthropic-key and will store them encrypted if provided; those optional AI keys are not declared as required in metadata and are not used elsewhere in current code — this is not malicious but is an extra data collection surface the user should be aware of.
Persistence & Privilege
The skill installs a user-level persistent service (LaunchAgent or systemd user) which is expected for a watchdog. It does not request system-wide elevated privileges. Note: SKILL.md metadata includes a disableModelInvocation flag, but registry flags show model invocation is allowed; this mismatch is informational (it affects platform behavior) but not a code-level risk.
Assessment
This skill appears to do what it says: monitor OpenClaw locally and notify your Telegram bot. Before installing: 1) inspect the included scripts yourself or run them inside a controlled environment; 2) do not paste unrelated secrets into the chat — only provide the Telegram token/chat ID that you intend to use for alerts; 3) be aware the installer can optionally accept OpenAI/Anthropic keys and will store them encrypted locally if you provide them — only supply those if you understand why you need them; 4) the service can run npm install -g openclaw to reinstall the gateway, but it only does that after an explicit local approval file is created by you; 5) verify you trust the repository/source (homepage is provided) before granting persistent background execution. If you want higher assurance, run the setup steps manually rather than via an agent message.

Like a lobster shell, security has layers — review code before you run it.

Current versionv1.3.0
Download zip
latestvk975m5ejeykc4ck343bf9th65181e9pw

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

🐕 Clawdis
Binspython3, openssl
EnvTELEGRAM_TOKEN, TELEGRAM_CHAT_ID

SKILL.md

openclaw-watchdog

Description: Self-healing monitoring system for OpenClaw gateway. Monitors health, auto-restarts on failure, and sends Telegram alerts. Diagnostics and log analysis run locally on-device. Alert notifications are sent to the user's Telegram bot. Use when user wants to set up gateway monitoring, watchdog, or auto-recovery.

Prerequisites

  • Telegram Bot Token — Create via @BotFather
  • Telegram Chat ID — Your personal chat ID for receiving alerts
  • Python 3 — Required for the watchdog service
  • OpenClaw — Installed and running

Trigger Keywords

  • watchdog, monitoring, auto-fix, gateway health, self-healing, auto-recovery, watch dog

Setup

Send the user ONE message with everything they need:

🐕 Watch Dog — Self-Healing Gateway Monitor

Watch Dog is a background service that pings your OpenClaw gateway every 15 seconds. If the gateway goes down, it automatically attempts to restart it and sends you Telegram alerts so you're always in the loop. All diagnostics run locally on your device.

To set it up, I need:

  1. Telegram Bot Token — Create a bot via @BotFather on Telegram, then send me the token (looks like 123456:ABC-DEF...)

  2. Your Telegram Chat ID — Send /start to your bot, then visit https://api.telegram.org/bot<YOUR_TOKEN>/getUpdates to find your chat ID

Send me the token and chat ID and I'll handle the rest (including a test run to make sure everything works)!

After Receiving Credentials

Run these steps in order:

1. Validate credentials

python3 ~/.openclaw/workspace/openclaw-watchdog/scripts/validate.py "$TELEGRAM_TOKEN"

2. Run setup script

chmod +x ~/.openclaw/workspace/openclaw-watchdog/scripts/setup.sh
~/.openclaw/workspace/openclaw-watchdog/scripts/setup.sh \
  --telegram-token "$TELEGRAM_TOKEN" \
  --telegram-chat-id "$TELEGRAM_CHAT_ID" \
  --gateway-port "$GATEWAY_PORT"  # optional, auto-detected from openclaw.json

3. Connect via Telegram (Pairing)

python3 ~/.openclaw/workspace/openclaw-watchdog/scripts/test-message.py "$TELEGRAM_TOKEN" "$TELEGRAM_CHAT_ID"

Wait for user to confirm they received the Telegram message before proceeding.

4. Verify it's running

# Check service status
if [[ "$(uname)" == "Darwin" ]]; then
  launchctl list | grep openclaw.watchdog
else
  systemctl --user status openclaw-watchdog
fi

# Check logs
tail -20 ~/.openclaw/watchdog/watchdog.log

5. Confirm to user

Tell them Watch Dog is active, what it monitors, and that they'll get Telegram alerts if anything goes wrong.

How It Works

  • Pings gateway health endpoint every 15 seconds (auto-detects port from config, or set via --gateway-port)
  • After 3 consecutive failures, attempts openclaw gateway restart
  • Up to 2 restart attempts, then asks user for reinstall permission via Telegram
  • User approves by running: touch ~/.openclaw/watchdog/approve-reinstall
  • Without approval, only sends notifications — no destructive actions
  • Local pattern-matching diagnostics (no logs sent externally)
  • Runs as macOS LaunchAgent or Linux systemd user service
  • Credentials encrypted with AES-256 using machine-specific key

Uninstall

if [[ "$(uname)" == "Darwin" ]]; then
  launchctl unload ~/Library/LaunchAgents/com.openclaw.watchdog.plist 2>/dev/null
  rm -f ~/Library/LaunchAgents/com.openclaw.watchdog.plist
else
  systemctl --user stop openclaw-watchdog 2>/dev/null
  systemctl --user disable openclaw-watchdog 2>/dev/null
  rm -f ~/.config/systemd/user/openclaw-watchdog.service
fi
rm -rf ~/.openclaw/watchdog

Files

13 total
Select a file
Select a file to preview.

Comments

Loading comments…