ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

LibreNMS

v1.0.0

Monitor LibreNMS network devices and alerts via API to get status, health sensors, port stats, and unresolved active alerts in read-only mode.

0· 712·0 current·0 all-time
byFlorian Beer@florianbeer
Security Scan
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description (LibreNMS monitoring) matches what is requested and implemented. The script and SKILL.md only require a LibreNMS URL and token, and the API endpoints wrapped in the script correspond to standard LibreNMS read-only endpoints.
Instruction Scope
Runtime instructions limit the agent to local config reading (~/.openclaw/credentials/librenms/config.json) or LIBRENMS_URL/LIBRENMS_TOKEN env vars and to issuing curl requests to the configured LibreNMS instance. There are no instructions to read unrelated files, exfiltrate data to third-party endpoints, or modify other system components. Note: the script uses curl -k to ignore TLS validation (documented in SKILL.md).
Install Mechanism
No install spec (instruction-only plus a CLI script). Dependencies are standard command-line tools (curl, jq, optional bc). Nothing is downloaded from arbitrary URLs or written to system paths beyond reading the declared credentials path.
Credentials
Only LIBRENMS_URL and LIBRENMS_TOKEN (or a local config file containing url and api_token) are used, which is proportional to the stated purpose. Credentials are stored under ~/.openclaw/credentials/librenms and SKILL.md/README advise restricting file permissions.
Persistence & Privilege
Skill is not always-enabled, does not request elevated privileges, and does not modify other skills or system-wide settings. It reads a local credentials file and environment variables only.
Assessment
This skill appears to do what it says: read-only monitoring via your LibreNMS API. Before installing: 1) Only provide a token scoped appropriately in LibreNMS and store it with restrictive permissions (chmod 600). 2) Be aware the script defaults to curl -k (skips TLS verification) — remove -k if you require strict TLS. 3) Review the script if you have a high-security environment (it runs curl and jq on responses but does not transmit data to other endpoints). 4) Install only the listed deps (curl, jq, bc optional) and ensure your LibreNMS instance is reachable and trusted.

Like a lobster shell, security has layers — review code before you run it.

latestvk97bj77379q16gn1thcpmypax5814s2a
712downloads
0stars
1versions
Updated 9h ago
v1.0.0
MIT-0
Florian Beer@florianbeer
latest
Download

LibreNMS Skill

Monitor network infrastructure via LibreNMS REST API. Read-only monitoring skill for device status, health sensors, port statistics, and alerts.

Configuration

Create ~/.openclaw/credentials/librenms/config.json:

{
  "url": "https://librenms.example.com",
  "api_token": "your-api-token-here"
}

Or set environment variables:

  • LIBRENMS_URL — Base URL of your LibreNMS instance
  • LIBRENMS_TOKEN — API authentication token

Commands

Quick Overview

librenms summary

Dashboard view showing total devices, how many are up/down, and active alert count. Use this first to get a quick status overview.

Device Management

librenms devices           # List all devices with status, IP, OS, uptime
librenms down             # Show ONLY devices that are down (critical for alerting)
librenms device <hostname> # Detailed info: hardware, serial, location, OS version

Health Monitoring

librenms health <hostname> # Temperature, CPU, memory, disk usage sensors
librenms ports <hostname>  # Network interfaces with traffic stats

Alerts

librenms alerts           # Show active/unresolved alerts with severity and timestamps

Usage Patterns

Daily health check:

librenms summary && librenms down && librenms alerts

Investigate specific device:

librenms device switch-core-01
librenms health switch-core-01
librenms ports switch-core-01

Quick down-device triage:

librenms down | grep -v "UP"

Important Notes

  • All operations are read-only — no device modifications possible
  • The script accepts self-signed certificates (-sk flag for curl)
  • Status indicators: ● green = up, ● red = down
  • Uptime is formatted as human-readable (days/hours instead of seconds)
  • Traffic stats are formatted as KB/MB/GB per second

Heartbeat Integration

Check infrastructure health periodically:

# In heartbeat script
if librenms down | grep -q "Devices Down"; then
    # Alert on down devices
    librenms down
fi

# Check for active alerts
if librenms alerts | grep -q "Active Alerts"; then
    librenms alerts
fi

Dependencies

  • curl — API calls
  • jq — JSON parsing
  • bc — Numeric formatting (optional, for bytes conversion)

API Coverage

Wrapped endpoints:

  • /api/v0/devices — All devices
  • /api/v0/devices/{hostname} — Single device details
  • /api/v0/devices/{hostname}/health — Health sensors
  • /api/v0/devices/{hostname}/ports — Network ports
  • /api/v0/alerts?state=1 — Unresolved alerts

Full API docs: https://docs.librenms.org/API/

Troubleshooting

"Config file not found" Create ~/.openclaw/credentials/librenms/config.json or set env vars.

"API returned HTTP 401" Check your API token. Generate a new one in LibreNMS under Settings → API.

"Failed to connect" Verify the URL is correct and the LibreNMS instance is reachable. Check firewall rules.

Self-signed cert warnings The script uses -sk to ignore cert validation (common in LibreNMS setups). If you need strict validation, edit the script and remove the -k flag.

Comments

Loading comments...