Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidencePurpose & Capability
Name/description (主动监控系统状态) align with the instructions to check disk, memory, CPU, network, and processes. However, the SKILL.md promises automatic remediation ('可以自动修复的立刻处理') yet the skill declares no required binaries, privileges, or configuration — a mismatch. Automatic fixes typically require specific tools, commands, or elevated privileges (sudo), which are not documented here.
Instruction Scope
Instructions are high-level and allow the agent to 'periodically check' many system aspects and '主动告警' and '自动修复' without specifying how to collect metrics, what commands to run, which files/paths to read, or where to send reports. That vagueness grants the agent broad discretion to run commands or read system state beyond what's necessary for safe monitoring.
Install Mechanism
This is an instruction-only skill with no install spec and no code files — low install risk. Nothing will be written to disk by an installer. The risk arises from runtime actions the agent may take following the instructions, not from any installation steps.
Credentials
No environment variables, credentials, or config paths are requested — this limits explicit exfiltration risk. At the same time, the agent's runtime instructions imply it may need privileged access or external reporting endpoints (not declared), so the absence of declared requirements is notable and reduces transparency about where alerts or fixes might be sent or what privileges are needed.
Persistence & Privilege
always:false (good) and autonomous invocation is allowed (default). Autonomous invocation combined with unspecified automatic remediation increases risk because the agent could take corrective actions without explicit per-action approval. The skill also does not define safeguards like approval prompts, dry-run modes, or an allowlist of remediation actions.
What to consider before installing
This skill's goal (automatic system monitoring) is reasonable, but its instructions are vague about how checks/reporting/fixes are performed. Before installing or enabling this skill: 1) Require the author to specify exact check commands, required binaries/tools, and whether elevated privileges (sudo) are needed. 2) Require explicit, auditable reporting endpoints (where alerts go) and ensure no external endpoints are implicit. 3) Disable fully autonomous remediation or require explicit confirmation for any fixes; prefer a 'suggested fix' workflow. 4) Run in a non-production/test environment first and enable detailed logging/audit so you can review actions. 5) If you must use it in production, limit the agent's permissions (least privilege), and restrict which remediation actions are allowed. If these clarifications are not provided, treat the skill as risky to enable autonomously.Like a lobster shell, security has layers — review code before you run it.
latestvk97cctmvapqd6pv95mwhjvfww583q8fq
License
MIT-0
Free to use, modify, and redistribute. No attribution required.