ClawHub

linux-system-health

v1.2.1

Diagnose Linux OS-level issues — slow server, OOM kills, disk full, high CPU/load, DNS failures, connection timeouts, port exhaustion, too many open files, z...

1· 187·0 current·0 all-time
by@zjxylc
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description request core system tooling (ps, ss, ip, free, df, sysctl, dmesg, journalctl, systemctl) that are directly relevant to OS-level diagnostics. Optional binaries and the included script's checks (memory, CPU, disk, network, kernel) match the described purpose.
Instruction Scope
The SKILL.md and scripts explicitly instruct the agent to read many system files (/proc/*, /etc/*, /var/log size enumeration, journalctl, dmesg) and to probe DNS/network connectivity (resolution to github.com and TCP/53 checks against configured nameservers). These actions are coherent for diagnostics but do access kernel/journal/log data and user cache directories (e.g., /root/.cache, /home/*/.cache) — so run only where you permit such access. Script documents the single write (create+remove /tmp/.oc_write_test).
Install Mechanism
No install spec — the skill is instruction-plus-script only. The script is included in the bundle (scripts/diagnostics.sh) and there are no remote downloads or extract steps. This minimizes install-time risk.
Credentials
The skill requests no environment variables or external credentials. It requires root/sudo for full diagnostics (documented). The set of files it reads and commands it runs is proportionate to OS diagnostics; nothing in requires.env or primary credential fields is unexpectedly broad.
Persistence & Privilege
Flags: always:false and default autonomous invocation. Autonomous invocation is platform default and not by itself a concern. The notable privilege is that the script is intended to be run as root/sudo for full checks — that should be considered before granting the agent permission to execute it.
Assessment
This skill appears to do what it says: run local OS diagnostics using standard Linux tools and a bundled shell script. Before installing or running it, consider the following: - Review the included scripts yourself; they are plain Bash and do not contain hidden network exfiltration or external downloads. - The script reads kernel/journal/log files (dmesg, journalctl -k, /var/log/*, /proc/*) and checks user cache paths (/root/.cache and /home/*/.cache) for Chromium — avoid running it where those files are sensitive unless you approve. - It performs outbound network probes for DNS/resolution tests (resolves github.com and attempts TCP/53 to configured nameservers). If your environment restricts outbound network access, be aware of these probes. - It creates and immediately removes a single temp file (/tmp/.oc_write_test) to verify writability — this is the only write operation noted. - The script is intended to be run as root/sudo for complete results; only allow privileged execution in environments where you trust the skill and its operator. - If you need stronger guarantees, run the script manually on a staging host first, or run it under an account with limited access to sensitive files. Confidence in this assessment is high based on the provided SKILL.md and script; the verdict could change if additional files not provided here included network callbacks, credential collection, or remote download/install behavior.

Like a lobster shell, security has layers — review code before you run it.

latestvk979sw25vvxjcg6fg42jq8fdv583jt3n

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

🖥 Clawdis
OSLinux
Binsbash, ps, ss, ip, free, df, sysctl, dmesg, mount, journalctl, systemctl

Comments