Infra Monitoring
v0.1.0Monitor server health, uptime, resource utilization, SSL certificate expiry, and incident detection for small teams and self-hosters. Delivers plain-language...
⭐ 0· 17·0 current·0 all-time
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
Capability signals
These labels describe what authority the skill may exercise. They are separate from suspicious or malicious moderation verdicts.
OpenClaw
Benign
high confidencePurpose & Capability
Name/description (infra monitoring, uptime, SSL expiry, resource checks) match the SKILL.md and reference files. The skill does not request unrelated binaries, env vars, or config paths; all declared capabilities (HTTP checks, parsing pasted system outputs, threshold-based classification) are proportionate to the stated purpose.
Instruction Scope
Runtime instructions stay within scope: parse user-provided command output, run HTTP/HTTPS checks on endpoints the user supplies, classify metrics, and produce reports. The SKILL.md explicitly prohibits connecting to servers without explicit user-provided connection details and forbids automatic remediation without confirmation. It does not instruct the agent to read arbitrary system files or environment variables beyond user-supplied data.
Install Mechanism
No install spec and no code files — instruction-only skill. This minimizes disk-write and external-install risk. There is no download URL, package installation, or archive extraction to review.
Credentials
The skill declares no required environment variables, no primary credential, and no config paths. The SKILL.md also documents a boundary of 'no access without explicit configuration.' There are no disproportionate credential requests.
Persistence & Privilege
always is false, model invocation is allowed (default). The skill does not request persistent presence or modify other skills or system-wide settings. It documents that it will not perform automated remediation without explicit, confirmed user steps.
Assessment
This skill appears coherent and aligned with its stated monitoring purpose. Before installing or using it: (1) avoid pasting secrets (API keys, SSH keys, passwords) or sensitive log contents — the skill expects metrics and endpoints, not credentials; (2) be aware it may perform network checks on any endpoints you provide, so only give domains/endpoints you control; (3) the skill will not take destructive actions automatically, but if you later request remediation (delete files, restart services) follow step-by-step confirmation and avoid sending sensitive operational credentials in chat; (4) remember LLM-based analysis can misinterpret ambiguous data—treat recommendations as guidance, not automated fixes.Like a lobster shell, security has layers — review code before you run it.
latestvk97bcyjedeqjrn4jket2s7mg9184j750
License
MIT-0
Free to use, modify, and redistribute. No attribution required.