ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

System Monitor

v1.3.0

Monitor system health on the gateway host (Raspberry Pi / ARM / Linux). Reports CPU, RAM, disk, temperature, uptime, load, top processes. Can check alert thr...

0· 117·0 current·0 all-time
by@lookupmark

Install

OpenClaw Prompt Flow

Install with OpenClaw

Best for remote or guided setup. Copy the exact prompt, then paste it into OpenClaw for lookupmark/lookupmark-system-monitor.

Previewing Install & Setup.
Prompt PreviewInstall & Setup
Install the skill "System Monitor" (lookupmark/lookupmark-system-monitor) from ClawHub.
Skill page: https://clawhub.ai/lookupmark/lookupmark-system-monitor
Keep the work scoped to this skill only.
After install, inspect the skill metadata and help me finish setup.
Use only the metadata you can verify from ClawHub; do not invent missing requirements.
Ask before making any broader environment changes.

Command Line

CLI Commands

Use the direct CLI path if you want to install manually and keep every step visible.

OpenClaw CLI

Bare skill slug

openclaw skills install lookupmark-system-monitor

ClawHub CLI

Package manager switcher

npx clawhub@latest install lookupmark-system-monitor
Security Scan
Capability signals
Crypto
These labels describe what authority the skill may exercise. They are separate from suspicious or malicious moderation verdicts.
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Suspicious
medium confidence
Purpose & Capability
The name/description match the code: it reads /proc, /sys, calls ps and df, and reports CPU, RAM, disk, temp, uptime and top processes. This behavior is expected for a system-monitor. Minor inconsistency: the SKILL.md header mentions vcgencmd but the script does not call it.
Instruction Scope
Runtime instructions are local and read-only; the script does not perform network calls or require external services. However the SKILL.md claims 'Safe in groups: Output contains no sensitive paths, tokens, or user data' — the script does include mount points and truncated process command lines which can contain sensitive info. The script attempts to sanitize common token/key patterns, but that redaction is pattern-based and not exhaustive.
Install Mechanism
No install spec (instruction-only with an included script). Nothing is downloaded or written by an installer.
!
Credentials
Metadata declared 'Required config paths: none', but the script reads a per-user config at ~/.config/system-monitor/config.json to load thresholds. No env vars or credentials are requested. Reading a user config folder is reasonable for thresholds, but the mismatch between metadata and actual config access should be noted.
Persistence & Privilege
always is false and the skill does not modify other skills or system settings. It only reads system state and a single per-user config file.
What to consider before installing
This skill appears to do what it says (local system health checks), but review these before installing: - The script reads ~/.config/system-monitor/config.json (not declared in metadata). Inspect that file's contents/permissions if it exists. - Process command lines are reported (sanitized for common token patterns), but the redaction is pattern-based and can miss secrets passed as positional arguments or stored in environment variables. If you run this on hosts with sensitive command-line arguments, consider restricting its use or limiting --top output. - The SKILL.md claims 'no sensitive output' — treat that as optimistic. Expect mount points and trimmed commands in outputs. - The script is local and read-only (no network), and there is no installer. If you need stronger guarantees, run it in a non-sensitive account or inspect/modify the code to suit your security policy. If you want me to, I can suggest small code changes to harden redaction or to avoid reading the config file by default.

Like a lobster shell, security has layers — review code before you run it.

latestvk97dt95zrasgp1synk9tr37j3984ahff
117downloads
0stars
4versions
Updated 3w ago
v1.3.0
MIT-0
@lookupmark
latest
Download

System Monitor

Real-time system health monitoring for the gateway host. Zero external dependencies.

Usage

# Full status report (human-readable)
python3 scripts/monitor.py

# JSON output (for programmatic use)
python3 scripts/monitor.py --json

# Check alert thresholds
python3 scripts/monitor.py --check-alerts

# Top N processes
python3 scripts/monitor.py --top 10

What It Reports

MetricSource
CPU usage %/proc/stat
RAM used/total/available/proc/meminfo
Swap used/total/proc/meminfo
Disk usage per mountdf -h
CPU temperature/sys/class/thermal/thermal_zone0/temp
Uptime/proc/uptime
Load average (1/5/15m)/proc/loadavg
Top processes by CPUps aux

Alert Thresholds

Default (configurable in SKILL.md or via code):

AlertThreshold
RAM> 90% used
Swap> 500MB used
CPU temp> 75°C
Disk> 90% full

Security

  • Read-only: Never writes, modifies, or executes anything beyond reading system stats
  • No network access: Purely local /proc, /sys, ps, df
  • No secrets: Does not access config files, tokens, or credentials
  • Safe in groups: Output contains no sensitive paths, tokens, or user data

Automation

Use with cron for periodic health checks:

# Every 30 minutes via OpenClaw cron → alerts to Telegram
# Or via HEARTBEAT.md

Comments

Loading comments...