ProcessGuard — Critical Process Monitor & Auto-Restart
ReviewAudited by ClawScan on May 10, 2026.
Overview
ProcessGuard is a coherent process-monitoring skill, but it can run configured local commands, keep running on intervals, write status files, and optionally send alert data to webhooks.
Install only if you want an autonomous local process watchdog. Configure a strict commandAllowlist, avoid allowAnyCommand where possible, verify webhook destinations, and run it under the least-privileged OS account that can manage the intended services.
Findings (4)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A bad or overly broad configuration could repeatedly run a local command with the privileges of the user running ProcessGuard.
The skill can execute configured local commands as part of health checks, which is central to its purpose but can be impactful if the configuration is unsafe.
const { spawn, spawnSync } = require('child_process'); ... const r = spawnSync(parts[0], parts.slice(1), { timeout: 5000, stdio: 'pipe', shell: false });Use commandAllowlist, avoid allowAnyCommand unless necessary, keep check and restart commands simple, and review every configured executable before starting the guard.
Once started, it will keep checking processes, writing heartbeat data, and potentially restarting services until stopped.
The skill starts recurring monitoring and heartbeat timers, which is disclosed and expected for a watchdog but means it continues operating until stopped.
this._startHeartbeat(); ... this._timer = setInterval(() => this.checkAll(), this.checkInterval);
Run it only in the intended environment, set reasonable check intervals and restart limits, and call stop() or terminate the process when monitoring is no longer desired.
Operational details about monitored processes may be shared with the webhook endpoint you configure.
The skill can send alert details, including process names and status messages, to a configured external webhook.
webhook: 'https://hooks.slack.com/services/...' ... Sends a JSON POST body: { "level": "critical", "process": "ollama", "message": ... }Use trusted webhook URLs only, avoid embedding sensitive details in process names, and prefer local alert files or callbacks if operational metadata should stay local.
You have less external context for verifying the maintainer, repository history, or update provenance.
The package has limited provenance information, which matters more for a skill that can execute local commands and manage processes.
Source: unknown; Homepage: none
Review the included source before use, pin the version you trust, and install only in environments where you are comfortable granting process-control authority.