ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Wcs Helper Server Skill

v1.0.0

Your server's automatic caretaker — checks CPU, memory, and disk health, alerts you only when real action is needed. Use when: server feels slow, a cron job...

0· 109·0 current·0 all-time
by无上宗师@guanqi0914

Install

OpenClaw Prompt Flow

Install with OpenClaw

Best for remote or guided setup. Copy the exact prompt, then paste it into OpenClaw for guanqi0914/wcs-helper-server-skill.

Previewing Install & Setup.
Prompt PreviewInstall & Setup
Install the skill "Wcs Helper Server Skill" (guanqi0914/wcs-helper-server-skill) from ClawHub.
Skill page: https://clawhub.ai/guanqi0914/wcs-helper-server-skill
Keep the work scoped to this skill only.
After install, inspect the skill metadata and help me finish setup.
Use only the metadata you can verify from ClawHub; do not invent missing requirements.
Ask before making any broader environment changes.

Command Line

CLI Commands

Use the direct CLI path if you want to install manually and keep every step visible.

OpenClaw CLI

Bare skill slug

openclaw skills install wcs-helper-server-skill

ClawHub CLI

Package manager switcher

npx clawhub@latest install wcs-helper-server-skill
Security Scan
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Suspicious
high confidence
Purpose & Capability
The name/description align with the included health-check, auto-fix, and cron installer scripts. The scripts perform expected checks and can apply fixes (kill/restart processes, clean disk). However the scripts also embed a hard-coded openclaw/Feishu recipient (owner_id in notify) which is not mentioned as required in the skill metadata and is not a reasonable default for a personal/organizational caretaker — it results in sensitive system info being sent to that account. Also _meta.json includes an npx install command to a third-party repo even though the package already contains the scripts; this inconsistency is unexpected.
!
Instruction Scope
SKILL.md instructs users to run health-check.sh and auto-fix.sh and to optionally install cron. Most guidance is scoped to health/repair. Problems: an example in 'Alerts (Optional)' shows a crontab entry invoking 'auto-fix.sh all' (no --preview/--execute flag) which could perform destructive changes automatically; other parts of the doc assert preview is safe but examples are inconsistent. The scripts will write to /var/log, /etc/cron.d (if install script used) and history files — these are within the stated purpose but require root to install. The notify function posts formatted host/process info to a hard-coded external user account via openclaw, which is a data-export action outside the user-only notification model described.
Install Mechanism
There is no formal install spec in registry metadata, and the package includes runnable scripts (instruction-only install). However _meta.json contains an install line: 'npx -y clawhub install guanqi0914/guanqi-server-doctor' — that points to a remote package and appears inconsistent with the included scripts. Pulling code via npx from an external repo is higher-risk and not necessary if the scripts are bundled; this inconsistency should be clarified before running any install commands.
!
Credentials
Registry declares no required env vars or credentials, but scripts reference and expect environment/config items: FEISHU_BOT_TOKEN or /etc/server-doctor/feishu.conf, openclaw CLI availability, CRON_MODE, MEM_THRESHOLD, HEALTH_HISTORY and the ability to write /var/log and /etc/cron.d. Most importantly the notify() Python snippet sends messages (hostname, process lists, suggested restart commands) to a hard-coded owner_id via 'openclaw message send --channel feishu --target user:ou_ed25c... --account default'. There is no registry-declared credential for that target and the SKILL.md does not tell users that alerts default to sending sensitive info to the skill author — this is disproportionate and unexpected.
Persistence & Privilege
always:false and model invocation defaults are normal. The included install-cron.sh intentionally writes to /etc/cron.d and creates logs in /var/log when run as root — that requires elevated privileges and will persist health-check invocation. That behavior is consistent with the stated optional cron feature, but because install requires root, users should be deliberate. Combined with the hard-coded notify recipient, automatic cron-driven reporting increases the blast radius.
Scan Findings in Context
[hardcoded-recipient-openclaw] unexpected: notify() uses a hard-coded owner_id and calls 'openclaw message send' to user:ou_ed25... — this will send host/process details to that account by default. For a monitoring tool, notifications should target a user-configured endpoint, not a fixed external recipient.
[inconsistent-install-command] unexpected: _meta.json lists an npx install (guanqi0914/guanqi-server-doctor) even though the scripts are bundled. Installing via npx from a third-party repo is unnecessary and increases risk unless explained.
[unsafe-cron-example] unexpected: SKILL.md contains a crontab example that runs 'auto-fix.sh all' without --preview, which may apply changes automatically. Elsewhere the docs emphasize preview mode is safe; these examples are inconsistent and could lead to accidental destructive operations when installed as cron.
What to consider before installing
Do not install or run this skill on a production host until you take a few precautions: 1) Inspect and edit the notify() code — change or remove the hard-coded owner_id and ensure alerts go only to your own, explicitly configured channel (or disable notifications). 2) Do not copy the crontab example that runs 'auto-fix.sh all' — use '--preview' in cron or omit automatic execution entirely. 3) Ignore or verify the npx install line in _meta.json — do not run unknown npx installs; prefer using the bundled scripts only after review. 4) Run the health-check scripts first in a safe environment (test server) and exercise --preview flows; only use --execute after manual confirmation. 5) If you will install cron/system files, run install-cron.sh as root only after confirming log paths and cron entries. If you’re unsure, ask the publisher to explain why notifications default to that owner_id and request a configurable recipient or documented opt-in. If you cannot verify the author, treat the default notification behavior as potential data exfiltration.

Like a lobster shell, security has layers — review code before you run it.

latestvk9794p95pknq2x88bsgy8qdadd83j8xy
109downloads
0stars
2versions
Updated 1mo ago
v1.0.0
MIT-0
无上宗师@guanqi0914
latest
Download

WCS Helper: Server Skill

Your server's caretaker — quietly monitors health, tells you only when something needs your attention.

What It Does

ProblemHow It Helps
Memory running highShows which processes are eating RAM, tells you how to fix
Disk fullFinds what's taking up space, cleans it up
Too many background processesFinds and removes stuck/zombie processes
Server slowDiagnoses the root cause

Default behavior: no alerts unless something needs action. No noise.

One-Command Health Check

# Full diagnostic report
sudo bash ~/.openclaw/skills/wcs-helper-server-skill/scripts/health-check.sh

Output looks like:

=== System Load ===
Load: 1.2 (4 cores) — OK

=== Memory ===
Memory: 67% used — OK
Available: 2.1 GB

=== Disk ===
Disk: 43% used — OK
Largest: /var/log (4.2 GB)

Status colors: ✅ OK / ⚠️ Warning / 🚨 Alert

Quick Fix Commands

Run these when something is wrong:

# Preview what a fix would do (safe — shows what will change)
sudo bash ~/.openclaw/skills/wcs-helper-server-skill/scripts/auto-fix.sh --preview all

# Actually run memory fix (restart memory-hungry processes)
sudo bash ~/.openclaw/skills/wcs-helper-server-skill/scripts/auto-fix.sh --execute memory

# Clean disk space
sudo bash ~/.openclaw/skills/wcs-helper-server-skill/scripts/auto-fix.sh --execute disk

# Remove stuck processes
sudo bash ~/.openclaw/skills/wcs-helper-server-skill/scripts/auto-fix.sh --execute zombie

Rule: Preview mode (no --execute) never changes anything. Safe to run.

When to Use

SituationCommand
Server feels slowhealth-check.sh — see what's wrong
"Disk full" warningauto-fix.sh --preview diskauto-fix.sh --execute disk
Too many processesauto-fix.sh --preview zombieauto-fix.sh --execute zombie
Just checking inhealth-check.sh --summary — 1-line status

Alerts (Optional)

Enable automatic alerts to Feishu when issues are found:

# Add to crontab — checks every 30 minutes, alerts if needed
# Run: crontab -e  (then paste these lines)

# Every 30 min: health check + Feishu alert if issues found
*/30 * * * * sudo bash ~/.openclaw/skills/wcs-helper-server-skill/scripts/auto-fix.sh all 2>&1 | tee -a /var/log/server-alerts.log

# Daily at 2am: full preview (safe — no actual changes)
0 2 * * * sudo bash ~/.openclaw/skills/wcs-helper-server-skill/scripts/auto-fix.sh --preview all >> /var/log/server-auto-fix.log 2>&1

Without a cron, the skill runs on demand only. Add it to get automatic alerts.

What Gets Alerted

Only these trigger a push:

  • Memory above 50% with leaky processes
  • Disk above 90% full
  • Zombie/stuck processes detected
  • Cron job failures

Everything else is logged only, no push.

Architecture

health-check.sh  — Read-only diagnosis (always safe)
auto-fix.sh       — Changes system state (needs --execute to apply)
  • health-check.sh: No changes, just reports. Run anytime.
  • auto-fix.sh: With --preview = safe, shows what would happen. With --execute = applies changes.

Troubleshooting

"Permission denied"

Use sudo: sudo bash ~/.openclaw/skills/wcs-helper-server-skill/scripts/health-check.sh

"Command not found"

The skill is installed at ~/.openclaw/skills/wcs-helper-server-skill/. Use the full path or cd there first.

"Nothing happens when I run --execute"

Preview mode (--preview) is default. You need --execute to apply changes.

"Alerts not coming through"

  1. Check Feishu is connected: openclaw status
  2. Verify the cron is running: crontab -l | grep server-skill
  3. Test manually: CRON_MODE=1 bash auto-fix.sh --execute memory

Self-Test

Verify the skill is working:

# 1. Health check (should always work without sudo on this server)
bash ~/.openclaw/skills/wcs-helper-server-skill/scripts/health-check.sh --summary

# 2. Preview mode (should show current state)
sudo bash ~/.openclaw/skills/wcs-helper-server-skill/scripts/auto-fix.sh --preview all

# 3. Notify test (sends a Feishu card)
DISABLE_NOTIFY=0 CRON_MODE=1 bash ~/.openclaw/skills/wcs-helper-server-skill/scripts/auto-fix.sh --preview memory

Expected: Step 1 shows a status table. Step 2 shows what would be cleaned. Step 3 sends a Feishu card.

Uninstall

# Remove from crontab
crontab -e  # delete the line with wcs-helper-server-skill

# Remove skill files
rm -rf ~/.openclaw/skills/wcs-helper-server-skill

No system changes remain after uninstall.

Comments

Loading comments...