Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Config Diagnose

v1.0.0

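Intelligent configuration diagnosis tool that helps troubleshoot configuration problems, environment variables, service status, file searches, and more. Trigger phrases: "why can't I", "can't find the config", "troubleshoot the problem", "run a diagnosis".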

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Suspicious
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
Name/description match the implemented functionality: scripts check env vars, service ports, files, OpenClaw workspace and generate reports. However the scripts probe many API-related env vars (OPENAI_API_KEY, ANTHROPIC_API_KEY, BAIDU_API_KEY, GOOGLE_API_KEY, GITHUB_TOKEN) and print partial key prefixes, which is consistent with an "API diagnosis" feature but is sensitive and worth noting.
!
Instruction Scope
SKILL.md explicitly directs the agent to run the provided shell scripts and also suggests integrating with heartbeat (active monitoring). The scripts read system state under /root (directories, memory files, openclaw.json), enumerate installed skills, run network checks (ping, nc), run lsof/pgrep/ps/find/df. These are in-scope for diagnostics but they touch sensitive areas (/root, workspace, memory files) and the instructions encourage adding proactive checks to HEARTBEAT.md, which increases runtime scope.
Install Mechanism
No install spec (instruction-only skill with bundled scripts). No external downloads or package installs. Risk from install mechanism is low.
!
Credentials
The skill requires no declared env vars but reads many environment variables at runtime and prints them (for APIs it prints first 10 chars). Accessing and echoing API keys, EMAIL_PASSWORD, and other secrets is proportionate to "diagnose config" but increases exposure risk — especially if diagnostic output is logged, stored, or transmitted. The skill also examines files under /root/.openclaw and workspace which may contain credentials or private data.
Persistence & Privilege
always:false and agent invocation is normal. However SKILL.md describes an optional "active monitoring" mode and provides a heartbeat-check script; if users integrate that into a scheduler or HEARTBEAT.md, the skill can become a periodic checker that actively notifies. That is not automatic here, but it is easy to enable and increases blast radius if enabled with high privileges.
What to consider before installing
This skill is internally consistent with a configuration-diagnostic tool, but review before enabling widely: 1) The scripts read /root and OpenClaw workspace paths — they list directories and check for files that may contain sensitive data. 2) The API/email checks print partial API keys and mention EMAIL_PASSWORD; if diagnostic output is logged, sent to external services, or visible to other users, secrets could be exposed. 3) The SKILL.md suggests adding a heartbeat/active monitoring mode — enabling that makes the skill run periodically and increases risk. Recommended actions: inspect the scripts locally, run them in an isolated environment (or with a non-privileged account), disable or do not integrate the heartbeat if you don't want periodic checks, and avoid sending diagnostic output to third-party endpoints or logs that are shared. If you need clearer behavior (e.g., skip printing key prefixes, limit search paths, or avoid /root), request those specific changes from the author before installing.

Like a lobster shell, security has layers — review code before you run it.

latest vk971ahp1s3j3bjg3sn8h68neq9837w4c

Runtime requirements

🔍 Clawdis
