ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Server Monitor Collector

v1.0.0

Collect server monitoring data (Zabbix / Prometheus / Alibaba / Tencent / Huawei Cloud), generate CSV/XLSX reports and send via email or Feishu.

0· 18·0 current·0 all-time
by@freepengyang

Install

OpenClaw Prompt Flow

Install with OpenClaw

Best for remote or guided setup. Copy the exact prompt, then paste it into OpenClaw for freepengyang/server-monitor-collector.

Previewing Install & Setup.
Prompt PreviewInstall & Setup
Install the skill "Server Monitor Collector" (freepengyang/server-monitor-collector) from ClawHub.
Skill page: https://clawhub.ai/freepengyang/server-monitor-collector
Keep the work scoped to this skill only.
After install, inspect the skill metadata and help me finish setup.
Required binaries: python3
Use only the metadata you can verify from ClawHub; do not invent missing requirements.
Ask before making any broader environment changes.

Command Line

CLI Commands

Use the direct CLI path if you want to install manually and keep every step visible.

OpenClaw CLI

Canonical install target

openclaw skills install freepengyang/server-monitor-collector

ClawHub CLI

Package manager switcher

npx clawhub@latest install server-monitor-collector
Security Scan
Capability signals
Requires walletRequires sensitive credentials
These labels describe what authority the skill may exercise. They are separate from suspicious or malicious moderation verdicts.
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Suspicious
medium confidence
!
Purpose & Capability
Functionality (Zabbix, Prometheus, Alibaba/Tencent/Huawei, email/Feishu) aligns with the description, but the skill metadata declares no required env vars while the scripts clearly expect many secret credentials. Additionally several scripts contain hardcoded default credentials/endpoints (e.g., ZABBIX_URL pointing to zabbix.ops.qiyujoy.com and default ZABBIX_PASSWORD), which is inconsistent with a skill that should only contact user-configured systems.
!
Instruction Scope
SKILL.md instructs using ~/.hermes/.env and scheduling the main cron; the bundled scripts read environment variables and will auto-detect sources. However code also reads/writes absolute paths under /root/.hermes, and several files contain hardcoded FEISHU_CHAT_ID and default cloud keys/endpoints. The runtime instructions therefore permit (and the code will perform) network calls and potential data disclosure to defaults if the user does not explicitly set their own env vars — broader scope than the metadata indicates.
Install Mechanism
There is no external download — all scripts and reference files are bundled (file installs). That lowers install risk. The scripts require common Python libraries (openpyxl, pandas, httpx, aliyun SDK optionally) which the SKILL.md documents; no opaque remote installers or URL downloads were used. Still, the package includes multiple fairly large scripts with embedded defaults that should be reviewed.
!
Credentials
Metadata declared no required environment variables, but the skill actually expects many secrets (ZABBIX_URL/TOKEN or user/password, ALIBABA_ACCESS_KEY_ID/SECRET, TENCENT_SECRET_ID/KEY, HUAWEI_ACCESS_KEY/SECRET, SMTP_* , FEISHU_CHAT_ID, etc.) communicated via ~/.hermes/.env or loaded via dotenv. Worse, default secret-like values and keys are present in code (e.g., Alibaba/Alibaba LTAI and SK defaults, Zabbix default password, FEISHU_CHAT_ID), which is disproportionate and risky because missing user config causes the scripts to use those defaults and reach external endpoints.
!
Persistence & Privilege
The skill does not request 'always: true' and can be invoked by the user, but several scripts use absolute paths under /root (e.g., /root/.hermes/cron/output/* and /root/.hermes/.env). This implies the code expects to run as root or will write to root-owned locations, which is surprising and raises privilege/persistence concerns (unexpected file writes, need to run as root, or failure with possibly inconsistent behavior). The scripts also provide a 'hermes cron create' example which would schedule recurring runs — normal for cron but combine with hardcoded defaults increases blast radius.
scan_findings_in_context

Like a lobster shell, security has layers — review code before you run it.

Runtime requirements

🖥️ Clawdis
Binspython3
alibabavk974ah56kkh9q0ppc209r7zv3d85nrs3devopsvk974ah56kkh9q0ppc209r7zv3d85nrs3huaweivk974ah56kkh9q0ppc209r7zv3d85nrs3latestvk974ah56kkh9q0ppc209r7zv3d85nrs3monitoringvk974ah56kkh9q0ppc209r7zv3d85nrs3servervk974ah56kkh9q0ppc209r7zv3d85nrs3tencentvk974ah56kkh9q0ppc209r7zv3d85nrs3zabbixvk974ah56kkh9q0ppc209r7zv3d85nrs3
18downloads
0stars
1versions
Updated 4h ago
v1.0.0
MIT-0
@freepengyang
alibabadevopshuaweilatestmonitoringservertencentzabbix
Download

Server Monitor Collector

Collect server or cloud VM monitoring data, generate formatted Excel reports, and optionally send summaries via email or Feishu/Lark.

Supported Data Sources

SourceAuthNotes
ZabbixUser/Pass or API TokenHost groups, memory, CPU, disk
PrometheusURL onlyPromQL queries
Alibaba Cloud CMSAccessKey/SecretKeyECS, RDS, SLB, EIP metrics
Tencent Cloud CAMSecretID/KeyTC3-HMAC-SHA256 signature
Huawei Cloud IAMAccessKey/SecretKeyIAM Token auth

Data sources are auto-detected from .env — configure credentials for any combination and they will all be collected.

Setup

1. Configure Environment

Create/edit ~/.hermes/.env. Only configure the sources you need:

# --- Zabbix (pick one auth method) ---
ZABBIX_URL=https://zabbix.example.com/api_jsonrpc.php
ZABBIX_USER=Admin
ZABBIX_PASSWORD=your_password
# ZABBIX_TOKEN=your_api_token  # optional, takes priority over password

# --- Alibaba Cloud ---
ALIBABA_ACCESS_KEY_ID=your_key_id
ALIBABA_ACCESS_KEY_SECRET=your_secret
ALIBABA_REGION=cn-hangzhou
# ALIBABA_METRICS=CPUUtilization,MemoryUtilization,InternetInRate  # optional

# --- Tencent Cloud ---
TENCENT_SECRET_ID=your_secret_id
TENCENT_SECRET_KEY=your_secret_key
TENCENT_REGION=ap-shanghai

# --- Huawei Cloud ---
HUAWEI_ACCESS_KEY=your_access_key
HUAWEI_SECRET_KEY=your_secret_key
HUAWEI_REGION=cn-east-3

# --- Notifications ---
FEISHU_CHAT_ID=oc_xxxx         # optional
SMTP_HOST=smtp.example.com      # optional, omit to skip email
SMTP_PORT=465
SMTP_FROM=alarm@example.com
SMTP_TOKEN=your_token
TARGET_EMAIL=admin@example.com

# --- Report options ---
# TOPN: show top N hosts by memory+CPU score, 0=off (default: 50)
TOPN=50

2. Install Dependencies

Zabbix / Prometheus — no extra deps:

python3 zabbix_cron.py

Alibaba Cloud — needs SDK (use uv since venv has no pip):

uv run --with aliyun-python-sdk-core --with aliyun-python-sdk-cms \
  python3 cloud_monitor.py

Tencent / Huawei — pure Python, only httpx needed:

uv run --with httpx python3 cloud_monitor.py

3. Run Once (Manual Test)

python3 zabbix_cron.py

Expected output:

  • ~/.hermes/cron/output/zabbix_monitor.csv
  • ~/.hermes/cron/output/zabbix_monitor.xlsx (one sheet per host group + overview + TOP sheet)

4. Schedule Daily Report

hermes cron create \
  --name "Daily Server Health Report" \
  --script zabbix_cron.py \
  --schedule "30 9 * * *"

Output Format

CSV

  • UTF-8-BOM encoding — opens correctly in Windows Excel without garbled characters
  • Columns: 主机组, 主机名, IP, 内存可用(GB), 内存总量(GB), 内存占用率(%), CPU占用率(%)

XLSX

  • 总览 sheet: summary table with host group stats and alarm counts
  • Group sheets: one per host group, sorted by memory usage descending
  • TOP50(内存+CPU) sheet: top 50 hosts across all groups by combined memory+CPU score
  • Cell coloring: 🔴 ≥80% red, 🟠 ≥60% orange, 🟡 ≥40% yellow

Auto-Detection Logic

Scripts detect which sources to use based on which env vars are set:

Env var presentData source used
ZABBIX_URLZabbix API
ALIBABA_ACCESS_KEY_IDAlibaba Cloud CMS (SDK)
TENCENT_SECRET_IDTencent Cloud CAM (TC3签名)
HUAWEI_ACCESS_KEYHuawei Cloud IAM (Token)
PROMETHEUS_URLPrometheus PromQL

Zabbix Host Group Exclusion

These groups are excluded by default (set in EXCLUDE_GROUPS in script):

  • Templates* — template groups
  • Discovered hosts — Zabbix auto-discovery

Key Zabbix Item Keys

KeyDescription
vm.memory.size[available]Memory available (bytes)
vm.memory.size[total]Memory total (bytes)
system.cpu.utilCPU utilization (%)
vfs.fs.size[/,pused]Root disk usage (%)

Alarm Thresholds

MetricWarningAlarm
Memory usage≥40% yellow≥60% orange, ≥80% red
CPU usage≥40% yellow≥60% orange, ≥80% red

Feishu Message Format

Markdown card sent to FEISHU_CHAT_ID containing:

  • Report timestamp, total hosts, group count
  • Top 20 hosts with memory ≥60% or CPU ≥60%
  • Color-coded: 🔴≥80%, 🟠≥60%, 🟡≥40%

Email Format

  • Subject: 服务器监控报告 YYYY-MM-DD HH:MM
  • Body: HTML summary matching the Feishu card
  • Attachment: zabbix_monitor.xlsx

References

  • references/zabbix-config.md — Zabbix API details, item keys, auth options
  • references/notification-config.md — Feishu and email SMTP setup, common providers
  • references/cloud-config.md — Alibaba / Tencent / Huawei API endpoints, namespaces, SDK usage

Guardrails

  • Never hardcode credentials — always use ~/.hermes/.env
  • Never print full credentials in logs or chat
  • Never place scripts in web-accessible directories
  • If Zabbix host has no Agent — memory metrics show N/A, CPU still works
  • Alibaba Cloud MemoryUtilization requires Cloud Monitor Agent installed on ECS instance

Comments

Loading comments...