ClawHub

快速信息查询

v1.0.3

快速查询本机系统信息和OpenClaw配置。包括CPU、内存、磁盘、网络、环境配置、硬件资源占用、Docker容器、OpenClaw配置/频道/插件/服务状态。当用户询问"系统状态"、"CPU使用率"、"内存占用"、"磁盘空间"、"网络信息"、"硬件配置"、"进程状态"、"Docker状态"、"系统负载"、"配置...

1· 53·0 current·0 all-time
byAsuka@evangeliona
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
Capability signals
CryptoRequires wallet
These labels describe what authority the skill may exercise. They are separate from suspicious or malicious moderation verdicts.
VirusTotalVirusTotal
Pending
View report →
OpenClawOpenClaw
Benign
medium confidence
Purpose & Capability
The name/description promise local system info and OpenClaw configuration; the script enumerates CPU, memory, disk, network, processes, Docker, systemctl services, and reads ~/.openclaw/openclaw.json. All requested actions map to the stated purpose.
Instruction Scope
SKILL.md instructs running scripts/sysinfo.sh with modules — the script follows that. It reads local files (~/.openclaw/openclaw.json, OC_HOME/agents) and runs system utilities (ss, ps, systemctl, docker, nvidia-smi, etc.). There is no network transmission in the code. The script claims to 'automatically redact' sensitive fields, but the redaction logic is based on key-name matching and some regex replacements and may not catch secrets stored under nonstandard keys or embedded in free-form strings.
Install Mechanism
Instruction-only with no install spec. No remote downloads or package installs are performed by the skill itself (low install risk).
Credentials
The skill declares no required environment variables or credentials. It optionally honors OPENCLAW_HOME and uses $HOME — reasonable for its function. However, it reads the OpenClaw configuration file from the user's home directory which may contain sensitive secrets; relying on key-name redaction is not a guaranteed protection.
Persistence & Privilege
No persistent installation or elevated privilege is requested (always:false). The script queries system state (systemctl, docker, ss) but does not modify other skills or system configuration.
Assessment
This skill appears coherent with its purpose, but before installing or running it: 1) Review the included sysinfo.sh yourself (it is provided) to confirm you are comfortable with its file reads and commands. 2) Check your ~/.openclaw/openclaw.json for any secrets stored under unexpected keys — the script redacts based on key names and regexes and may miss secrets in unusual locations. 3) Run the script as a non‑privileged user on a non-production system first to inspect outputs. 4) If you need stronger guarantees, run it in an isolated container or VM and/or remove secrets from the config or move them to a safer location before use. 5) Because it runs local system commands (docker, systemctl, ss, ps), expect it to report service and container state; ensure you are comfortable exposing that information to whoever can invoke the skill.

Like a lobster shell, security has layers — review code before you run it.

latestvk979t3dxjc7y5wz3m1jfp39fkh84e5wv

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments