OpenClaw Security Configurator

v1.0.1

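Provides enterprise-grade security configuration and monitoring for OpenClaw, addresses the security risks that come with high system privileges, and meets financial compliance requirements.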

Install

OpenClaw Prompt Flow

Install with OpenClaw

Best for remote or guided setup. Copy the exact prompt, then paste it into OpenClaw for 2389275723/openclaw-security-skill.

Install the skill "OpenClaw Security Configurator" (2389275723/openclaw-security-skill) from ClawHub.
Skill page: https://clawhub.ai/2389275723/openclaw-security-skill
Keep the work scoped to this skill only.
After install, inspect the skill metadata and help me finish setup.
Required binaries: openclaw
Use only the metadata you can verify from ClawHub; do not invent missing requirements.
Ask before making any broader environment changes.

Command Line

CLI Commands

Use the direct CLI path if you want to install manually and keep every step visible.

OpenClaw CLI

Bare skill slug

openclaw skills install openclaw-security-skill

ClawHub CLI

npx clawhub@latest install openclaw-security-skill

Security Scan

VirusTotal: Benign
OpenClaw: Benign (medium confidence)

Purpose & Capability
The name/description promise enterprise security and token monitoring for OpenClaw and the shipped scripts implement checks (service status, config permissions, API-key detection, network exposure) and a token-monitoring loop. That core capability matches the stated purpose. Minor mismatch: marketing/docs claim payment (Alipay) and other high-level features (three-model routing, payment integration) that are not implemented in the provided scripts — these are product/marketing claims, not implemented code.
Instruction Scope
SKILL.md and the scripts restrict activity to local system inspection: running openclaw commands, systemctl, journalctl, ss/grep, reading /etc, ~/.openclaw, /var/log, and generating reports. The scripts do examine environment variables (e.g., OPENAI_API_KEY etc.) and may print masked snippets; they also optionally send alerts via email/webhook if configured. There are no hardcoded external exfiltration endpoints in the code.
Install Mechanism
The registry lists no automated install spec (instruction-only), which is lower risk. The repo's INSTALL.md suggests wget from a GitHub releases URL and creating a systemd unit — a conventional install path. No obscure download hosts or extracted arbitrary archives are used in the provided docs, but the registry metadata/owner are unknown and the INSTALL.md's wget target is an external URL (GitHub); confirm the release URL before running.
Credentials
The skill declares no required environment variables, but the scripts inspect common API-related env vars (API_KEY, OPENAI_API_KEY, ANTHROPIC_API_KEY, etc.) and will log masked values if they exist. This is plausible for token usage monitoring, but it means the skill will read environment variables and look for secrets even though none were declared as required. Alert/webhook/email delivery depends on optional config vars (WEBHOOK_URL, EMAIL_RECIPIENT).
Persistence & Privilege
The skill does not request 'always: true' or other elevated platform privileges. It expects to be run by a system administrator for full checks and the documentation describes creating a systemd service and adding startup hooks — standard for a local monitor. This requires administrative rights to install/enable, which is consistent with its function.
Assessment
What to consider before installing:

- Source/trust: The package owner and homepage are not authoritative (unknown). Verify the release tarball URL and repository (the docs mention GitHub) and confirm the code provenance before running on production systems.
- Review scripts before running: The shipped scripts read system logs, config files (e.g., /etc/openclaw/*, ~/.openclaw/*, /var/log/*) and environment variables and will write reports/logs under ~/.openclaw/security and /tmp or /var/log. Make sure you are comfortable with that access and with where logs/reports will be stored.
- Sensitive data exposure: The security-check script detects environment keys (OPENAI_API_KEY, ANTHROPIC_API_KEY, etc.) and prints masked values to stdout and to generated reports. If you run the script unattended, these outputs may be captured in logs; remove or protect sensitive env vars or run in a controlled environment.
- Alert channels are optional but can exfiltrate alerts externally: Webhook/email alerting only occurs if you configure WEBHOOK_URL or EMAIL settings, but if you do, verify the destination and secret handling. The code uses curl to POST webhook payloads from the configured URL.
- Installation implications: Installing as a systemd service (as suggested) requires root/sudo and will run continuously; test the scripts in a sandbox first. The provided systemd system/service templates embed the current working directory. If you enable the service, confirm ExecStart points to the correct, trusted path.
- Marketing vs implementation: The README/Differentiation claim Alipay/payment integration, AI-model routing and other premium features that are not present in the provided scripts. Treat those as roadmap/marketing rather than implemented behavior.
- Operational settings: Check default thresholds (ALERT_THRESHOLD, DAILY_LIMIT, CHECK_INTERVAL) and log retention to avoid excessive logging and ensure the monitor does not flood your system.
- Recommended steps: (1) inspect the code yourself or have a trusted admin do so, (2) run scripts in a non-production/test environment first, (3) back up current OpenClaw configs, (4) do not enable the systemd service until satisfied with behavior, and (5) if you need production-grade financial compliance, validate the tool against your compliance requirements and vendor/source identity.

Confidence note: The files and behavior are coherent with the stated purpose, but because the package owner/homepage are not authoritative and some marketing claims are unimplemented, I rate confidence as medium. Additional assurance would come from a verified repository, signed releases, or an author identity with a track record.

Like a lobster shell, security has layers — review code before you run it.

Runtime requirements

🔒 Clawdis
Bins: openclaw
Tags: compliance, enterprise, latest, monitoring, security (each labelled vk97ahe18psypze5qdwt9c4x0fd832tc1)
161 downloads
0 stars
2 versions
Updated 1mo ago
v1.0.1
MIT-0

OpenClaw Security Configurator

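Skill Overview

Market research identified the following security challenges for OpenClaw:

  1. High system privileges conflict with financial compliance
  2. An exposed control panel creates a risk of data leakage
  3. No secure default configuration
  4. Token consumption can get out of control

This skill provides an enterprise-grade security solution that helps users deploy and use OpenClaw securely.

Core Features

1. Security Configuration Check

  • Check OpenClaw's current security configuration
  • Identify potential security risks
  • Provide compliance recommendations

2. Permission Management

  • Restrict OpenClaw's system privileges
  • Configure according to the principle of least privilege
  • Monitor privilege usage

3. Data Protection

  • Encrypt sensitive configuration data
  • Prevent control panel exposure
  • Audit data access records

4. Token Consumption Monitoring

  • Monitor token usage in real time
  • Alert on abnormal consumption
  • Provide optimization recommendations

5. Compliance Reports

  • Generate security compliance reports
  • Meet financial industry requirements
  • Provide remediation recommendations

Usage

Basic security check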

openclaw security check

Security configuration hardening

openclaw security harden

Monitor token consumption

openclaw security monitor-token

Generate a compliance report

openclaw security compliance-report

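Installation Requirements

  • OpenClaw installed and running
  • System administrator privileges
  • Basic Linux command-line knowledge

Pricing

Free

  • Basic security check
  • Basic configuration recommendations
  • Community support

Professional ($49/month)

  • Full security configuration
  • Token consumption monitoring
  • Compliance report generation
  • Priority technical support

Enterprise ($299/month)

  • Customized security policies
  • 24/7 monitoring and alerting
  • Financial compliance certification
  • Dedicated technical support

Market Positioning

Target Users

  1. Financial institutions using OpenClaw
  2. Enterprise OpenClaw deployments
  3. Technical teams with high security requirements
  4. Organizations that need compliance certification

Competitive Advantages

  1. Focused specifically on OpenClaw security pain points
  2. Meets financial industry compliance requirements
  3. Developed from actual market research
  4. Continuously updated to address new threats

Development Roadmap

v1.0 (releasing this week)

  • Basic security check functionality
  • Simple configuration hardening
  • Basic token monitoring

v1.1 (early next month)

  • Advanced permission management
  • Data encryption
  • Detailed compliance reports

v1.2 (end of next month)

  • Real-time monitoring and alerting
  • Automated remediation tools
  • API integration interface

Technical Support

  • Documentation: complete usage documentation and best practices
  • Community: Discord technical support channel
  • Email: security@openclaw-skills.com
  • Emergency response: response to security vulnerabilities within 24 hours

Legal Notice

This skill provides security recommendations and tools but does not guarantee 100% security. Users must assess the risks themselves and take appropriate measures. The developer accepts no liability for any loss caused by using this skill.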
