ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Server Health Agent

Monitor VPS and server health metrics including real-time CPU usage, RAM utilization, disk usage, and Docker container status. Useful for DevOps monitoring,...

MIT-0 · Free to use, modify, and redistribute. No attribution required.
0 · 691 · 5 current installs · 5 all-time installs
bySanjay Jain@sanjay-gthb
MIT-0
Security Scan
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
The name/description match the code: the skill runs read-only system commands (top, free, df, docker) and Node.js fallbacks to produce server metrics. One minor mismatch: the SKILL metadata/requirements list no required binaries even though the code expects standard system utilities (top, free, df, docker). This is likely an omission, not malicious, but means the platform should ensure those binaries exist.
Instruction Scope
SKILL.md and skill.js limit actions to collecting system metrics and printing structured JSON. The instructions do not reference unrelated files, undisclosed env vars, external endpoints, or 'use your judgment' style broad data collection. The skill logs and returns only local metrics (including Docker container names/status), which is consistent with its stated purpose.
Install Mechanism
There is no automated install step (instruction-only skill with included code). No downloads from arbitrary URLs or archive extraction occur. The README suggests copying the folder into the workspace and restarting OpenClaw, which is standard for local skills.
Credentials
The skill requests no environment variables or external credentials. It does require shell access to execute system commands, which is proportionate to gathering host metrics. The only implicit requirement is access to the Docker socket/CLI if Docker container status is desired — this is expected for the feature.
Persistence & Privilege
The skill is not marked always:true and is user-invocable only. However, it requires shell execution permission (declared in SKILL.md) and will therefore run system commands with whatever privileges the agent process has. That privilege is necessary for its function but means it will see anything the agent user can read (including containers if Docker socket is available).
Assessment
This skill appears to do what it says: run read-only system commands to return CPU, RAM, disk, and Docker status. Before installing, consider: 1) The agent must have shell access — run the agent with least privilege so the skill only sees what you want it to (avoid running the agent as root if unnecessary). 2) If you do not want container names/status exposed, ensure the agent cannot access the Docker socket/CLI. 3) The SKILL metadata doesn't list required binaries (top, free, df, docker) — check your host has compatible utilities or rely on Node.js fallbacks. 4) Because the code uses child_process.exec, review the code and keep it under source control so you can detect future modifications. If you are comfortable with those points, the skill is internally consistent with its stated purpose.

Like a lobster shell, security has layers — review code before you run it.

Current versionv1.0.0
Download zip
latestvk975myf4gyt86a250r1b0bhjp181hyqelatest monitoring devops server health vps dockervk975myf4gyt86a250r1b0bhjp181hyqemonitoring, devops, server, health, docker, vpsvk975myf4gyt86a250r1b0bhjp181hyqe

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

SKILL.md

Server Health Agent

Server Health Agent is a production-ready OpenClaw skill designed to provide real-time monitoring of key server health metrics. It helps developers, DevOps engineers, and system administrators quickly assess the operational health of their VPS or server.

This skill executes safe system-level read-only commands to collect accurate health metrics without modifying the system.

Key Features

Real-Time CPU Monitoring

Uses live system commands (top) to capture current CPU utilization, with fallback mechanisms to ensure reliability even in restricted environments.

Memory (RAM) Monitoring

Reports accurate RAM usage percentage using system-level commands and Node.js fallback logic.

Disk Usage Monitoring

Provides root filesystem disk utilization, allowing detection of storage pressure or capacity issues.

Docker Container Detection

Detects and reports running Docker containers and their status when Docker socket access is available.

Gracefully handles environments where Docker access is restricted.

Structured Output

Returns structured JSON output optimized for OpenClaw automation workflows and downstream processing.

Use Cases

This skill is useful for:

  • VPS health monitoring
  • DevOps automation workflows
  • Infrastructure monitoring
  • Troubleshooting performance issues
  • Detecting resource bottlenecks
  • Monitoring containerized environments
  • Automated system health checks

Example Output

{
  "success": true,
  "skill": "server-health-agent",
  "timestamp": "2026-02-20T12:00:00Z",
  "server_health": {
    "cpu_percent": "12.44",
    "ram_percent": "21.33",
    "disk_usage": "51%",
    "docker_status": "openclaw-openclaw-gateway-1: Up 2 hours"
  }
}

Files

4 total
Select a file
Select a file to preview.

Comments

Loading comments…