Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
high confidencePurpose & Capability
The skill claims to monitor and adjust global AI parameters; the script reads local workspace files (memory, task state), computes load, and writes a state file — actions that fit a monitoring/regulation purpose. The only small oddity is hardcoded paths under /root which may assume elevated or specific container layout, but this is not inconsistent with the stated purpose.
Instruction Scope
SKILL.md describes a workflow that includes notifying other skills and implementing negative feedback loops. The included script implements state reporting and writes a state.json but does not demonstrate inter-skill notification or automated feedback beyond producing the file and stdout. The script reads conversation/memory files (expected for token/turn estimates) — this is consistent with monitoring but does access potentially sensitive local data.
Install Mechanism
Instruction-only with a small shell script; there is no install spec, no downloads, and no third-party package installation. Risk from install mechanism is low.
Credentials
The skill requests no environment variables or external credentials. It reads local workspace files and $HOME/.openclaw/openclaw.json; these accesses are proportionate to a component that estimates token usage, active tasks, and turns. There are no network calls or secret exfiltration mechanisms present.
Persistence & Privilege
The script writes a state file to /root/.openclaw/workspace/.endo/state.json and creates its parent directory. This is appropriate for maintaining local state but implies write access to the agent's workspace; the hardcoded /root path may fail or be inappropriate if the agent runs under a different user. always:false so it won't be forced into every agent run.
Assessment
This skill appears to be a local monitor that reads the agent's workspace (memory and task-state files) and writes a local state.json; it does not phone home or require credentials. Before installing, consider: 1) Do you trust the agent's workspace files to be read by a skill (they may contain sensitive conversation data)? 2) The script uses /root paths — ensure it runs with appropriate file permissions or adapt the paths to a non-root environment. 3) If you expect inter-skill notifications or automated feedback, note that the provided script only computes and writes a state file and prints output; additional integration would be needed. If you accept local read/write of the OpenClaw workspace and adjust paths/permissions as needed, the skill is coherent with its stated purpose.Like a lobster shell, security has layers — review code before you run it.
latestvk9733vtey8mrtm6gcdmbbbs9bh84ct23
License
MIT-0
Free to use, modify, and redistribute. No attribution required.
Runtime requirements
🎚️ Clawdis