ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Agent Defibrillator

v1.0.1

Watchdog that monitors your AI agent gateway and restarts it when it crashes. Triggers on "install defibrillator", "agent watchdog", "gateway monitor", "auto...

0· 795·2 current·3 all-time
byHazy@hazy2go
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Benign
medium confidence
Purpose & Capability
Name/description (agent watchdog) align with the code and README: scripts monitor a launchd gateway, check responsiveness/version, and restart via launchctl. Required actions (writing to ~/Library/LaunchAgents, ~/.openclaw/scripts, and logs) are consistent with providing a persistent watchdog.
Instruction Scope
SKILL.md and scripts instruct the agent to install and run a launchd service and to read local state (process list, session file mtime, local health endpoint). Those actions are necessary for a watchdog, but the script touches ~/.openclaw/agents/main/sessions/sessions.json (reads mtime) and calls openclaw commands and localhost health endpoints — review if you are uncomfortable with a tool inspecting or interacting with local agent state/CLI.
Install Mechanism
No formal install spec in registry, but the package includes install.sh and defibrillator.sh. install.sh may download defibrillator.sh from raw.githubusercontent.com (a common but unaudited source) and README recommends a curl | bash one-liner. Downloading and executing remote scripts is convenient but increases risk — prefer cloning the repo and auditing scripts before running.
Credentials
The skill requires no extra environment variables or external credentials. It relies on existing OpenClaw CLI/config and the user's launchd privileges, which are proportional for a tool that manages the OpenClaw gateway. Note: it reads session file timestamps and invokes openclaw message send (for Discord notifications), so it will use whatever OpenClaw configuration/credentials exist on the host.
Persistence & Privilege
The installer creates a per-user launchd agent under ~/Library/LaunchAgents and scripts under ~/.openclaw — expected for a persistent watchdog. always:true is not set. The skill does not modify other skills' configurations or system-wide settings beyond the user's LaunchAgents.
Assessment
This package appears to do what it says: a macOS launchd watchdog for an OpenClaw gateway. Before installing: 1) Review defibrillator.sh and install.sh yourself (do not blindly run curl | bash). 2) Be aware the installer writes to ~/Library/LaunchAgents and ~/.openclaw and will call the OpenClaw CLI and a local health endpoint; if you don't trust existing OpenClaw config, audit those calls. 3) If you enable Discord notifications, set DISCORD_CHANNEL deliberately; the notify function uses OpenClaw's messaging, which will use whatever Discord credentials OpenClaw already has. 4) If uncertain, install from a local clone, run the script manually first, and test uninstall steps to ensure you can remove the service.

Like a lobster shell, security has layers — review code before you run it.

latestvk970enqvq2vkke6brfx7pmrpjx8181s8

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments