ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Monitor Alert - Automaton Edition

System health monitoring and alerting for Automaton. Checks cron execution, heartbeat rhythm, disk space, API limits, and memory health. Auto-alerts on anoma...

MIT-0 · Free to use, modify, and redistribute. No attribution required.
0 · 53 · 0 current installs · 0 all-time installs
by@chenghaifeng08-creator
MIT-0
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Suspicious
medium confidence
Purpose & Capability
The skill claims system/Automaton monitoring and the scripts perform cron, heartbeat, disk, token and memory checks which are coherent with that purpose. However the code hard-codes a Windows workspace path (C:\Users\Administrator\.openclaw\workspace) and invokes PowerShell; the skill metadata does not declare an OS restriction. That platform-specific assumption and the absolute workspace path are disproportionate to the generic description and may not match the user's environment.
!
Instruction Scope
The JS files read many workspace files (memory files, token-budget.md, MEMORY.md), enumerate and parse other skills' SKILL.md/_meta.json, and update SESSION-STATE.md. While these actions are plausible for an internal monitor, they access broad filesystem areas that may contain sensitive data. The scripts also invoke shell commands via execSync ('openclaw cron list' and a PowerShell command), which executes external processes — this gives the skill capability to run arbitrary commands if modified or run in a different context. The SKILL.md does not document these platform/path assumptions or the effect of writing SESSION-STATE.md.
Install Mechanism
There is no install script or external download—this is an instruction-only skill with included JS files. No third-party packages or remote URLs are fetched. That lowers installation risk, though included code performs shell exec and filesystem writes at runtime.
!
Credentials
The skill declares no required env vars or credentials, which fits a local monitor. However it assumes access to a specific workspace path and to other skills' files; token-monitor updates a SESSION-STATE.md two levels up (potentially outside the skill directory). Access to arbitrary workspace files without explicit declaration could expose sensitive content. No network endpoints are contacted, but filesystem access and writes are broader than the SKILL.md documents.
Persistence & Privilege
The skill does not set always:true and is user-invocable only. It does modify local files (writes SESSION-STATE.md) and relies on running shell commands. Those are normal for a monitoring skill, but writing to a session/state file outside the skill folder increases its persistence/impact in the workspace and should be reviewed.
What to consider before installing
Read the code before installing. Key points to check: 1) The scripts hard-code WORKSPACE = C:\Users\Administrator\.openclaw\workspace and use PowerShell — if you are not on Windows or you keep workspace elsewhere, the scripts will fail or behave unexpectedly. 2) health-monitor.js runs shell commands (execSync 'openclaw cron list' and a PowerShell size query) — ensure the 'openclaw' CLI and PowerShell are trusted and available. 3) Both scripts read broad workspace files (memory/, token-budget.md, skills/*) and token-monitor.js will update SESSION-STATE.md outside the skill directory — confirm you’re comfortable with that file being modified and with these reads (they could expose sensitive content). 4) No external network calls are present, which reduces exfiltration risk, but the ability to run shell commands means a malicious modification could escalate impact. Recommended actions: run in a sandbox or test environment first; adjust WORKSPACE and file paths to your environment; back up SESSION-STATE.md and other files before running; or request a version that accepts a configurable workspace path and documents exactly what files it reads/writes.
health-monitor.js:51
Shell command execution detected (child_process).
Patterns worth reviewing
These patterns may indicate risky behavior. Check the VirusTotal and OpenClaw results above for context-aware analysis before installing.

Like a lobster shell, security has layers — review code before you run it.

Current versionv1.0.0
Download zip
latestvk97ckt978khek0d13syeb7tvd583apb6

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

🚨 Clawdis

SKILL.md

🚨 Monitor & Alert System

System health monitoring and automated alerting for Automaton.

Core Functions

1. Cron Execution Monitor

  • Verify all cron jobs executed on schedule
  • Detect missed or failed executions
  • Alert if >2 consecutive failures

2. Heartbeat Rhythm Check

  • Verify heartbeats running every 20 minutes
  • Detect gaps in execution
  • Alert if >40 minutes between heartbeats

3. Disk Space Monitor

  • Check workspace disk usage
  • Alert if >80% full
  • Auto-cleanup suggestions

4. API Limit Tracker

  • Monitor token usage vs budget
  • Alert at 70%, 90%, 100% thresholds
  • Suggest optimization strategies

5. Memory Health Check

  • Verify memory files accessible
  • Check for corruption
  • Alert if daily log missing

Usage

# Manual health check
node skills/monitor-alert/health-monitor.js

# Check specific component
node skills/monitor-alert/health-monitor.js --cron
node skills/monitor-alert/health-monitor.js --heartbeat
node skills/monitor-alert/health-monitor.js --disk
node skills/monitor-alert/health-monitor.js --token
node skills/monitor-alert/health-monitor.js --memory

Alert Channels

SeverityChannelResponse Time
LowLog onlyNext review
MediumDaily summary<24h
HighImmediate message<1h
CriticalImmediate + loud alert<5min

Configuration

Edit skills/monitor-alert/config.json:

{
  "thresholds": {
    "disk": {
      "warn": 80,
      "critical": 95
    },
    "token": {
      "warn": 70,
      "critical": 90
    },
    "heartbeat": {
      "maxGap": 40
    },
    "cron": {
      "maxFailures": 2
    }
  },
  "alerts": {
    "channel": "webchat",
    "quietHours": {
      "start": "23:00",
      "end": "07:00"
    }
  }
}

Files

monitor-alert/
├── SKILL.md              # This file
├── health-monitor.js     # Main monitoring script
├── config.json           # Configuration
├── alert-history.md      # Alert log
└── tests/
    └── health-check.js   # Integration tests

Author: Automaton
License: MIT
Last updated: 2026-03-20

Files

4 total
Select a file
Select a file to preview.

Comments

Loading comments…