Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Task Watchdog
v1.0.0任务锁与超时监控系统。外部文件承载任务状态,不污染 agent 上下文,纯靠 heartbeat + GRACE 判断,不发即时告警。
⭐ 0· 73·0 current·0 all-time
by@axelhu
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidencePurpose & Capability
The name/description and the included scripts consistently implement a local lock/heartbeat/watchdog system using files under $HOME/.openclaw/agents. That purpose is coherent with the code (create/update/done/scan/report/self-check).
Instruction Scope
Runtime instructions and scripts operate only on local lock files and call the platform CLI (openclaw sessions list) to check session liveness. They do not contact external URLs. Notable: scripts modify lock files (including changing session_id when 'taking over'), which is expected for this design but is a privilege that affects other agents' locks.
Install Mechanism
This is instruction-only with shipped shell scripts and no install spec. No remote downloads or archive extraction are performed by the skill package itself.
Credentials
Metadata lists no required binaries or env vars, but the scripts assume the openclaw CLI is available and read environment variables (AGENT_NAME, AGENT_SESSION_ID, ALLOWED_SESSION). That mismatch is inconsistent and could cause runtime surprises. The scripts also write logs and modify files under $HOME/.openclaw — reasonable for a local watchdog but a scope the user should expect.
Persistence & Privilege
The skill is not always-enabled and follows normal invocation rules. It does have the ability (by design) to change session_id and move/modify lock files for other agents when sessions are considered dead; this is functional for task takeover but is an elevated file-modification capability to be aware of.
What to consider before installing
This skill appears to implement a local task-lock/watchdog and is not making network calls, but there are a few things to check before installing:
- Confirm the openclaw CLI is present and trusted on the host: many scripts call `openclaw sessions list` but the skill metadata did not declare that binary requirement.
- Expect the scripts to read environment variables (AGENT_NAME, AGENT_SESSION_ID, ALLOWED_SESSION) even though the skill metadata lists none — set or review these before use.
- The scripts operate under $HOME/.openclaw/agents and will create/move/delete .lock files and logs; back up any existing data if you care about it.
- Understand the takeover policy: when an owner session is deemed dead, the scripts will update session_id and take over the lock. Make sure that behavior and its criteria (GRACE values) match your operational expectations.
- Test in an isolated environment (or with a non-production agent) to confirm time/locale assumptions and timestamp parsing behave correctly on your system.
If you want me to, I can: (1) point out all places the code reads env vars/binaries, (2) produce a short checklist for safe deployment, or (3) show minimal edits to make the metadata reflect the real requirements.Like a lobster shell, security has layers — review code before you run it.
latestvk977gsy6vymyy8zbffnjhc5zg583j6c1
License
MIT-0
Free to use, modify, and redistribute. No attribution required.