Cls Openclaw Insights
v1.0.0分析存储在腾讯云日志服务 (CLS) 中的 OpenClaw 监控数据。 当用户需要查询、分析 OpenClaw 相关问题时,应使用此 skill,包括但不限于: - 成本分析:Token 消耗统计、费用趋势、模型调用成本对比 - 性能问题:会话卡死、队列积压、响应延迟 - 运行异常:Gateway 状态、Web...
⭐ 0· 97·0 current·0 all-time
bytrump@trumphuang
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
high confidencePurpose & Capability
The name/description (CLS OpenClaw monitoring) lines up with the code and docs: scripts call Tencent Cloud CLS APIs and the Prometheus-compatible endpoints to retrieve logs/metrics. The only credentials accessed are the local TCCLI credential file (~/.tccli/default.credential), which is necessary for authenticating to Tencent Cloud. Required packages (tencentcloud-sdk-python, requests) are proportional.
Instruction Scope
SKILL.md instructs the agent to install dependencies (pip install -r requirements.txt), run the provided Python scripts, and to run `tccli auth login` (which opens a browser) if credentials are missing/expired. The doc explicitly states the agent can execute those commands on behalf of the user — that grants the agent the ability to run interactive auth and install packages in the environment. This is expected for a CLI-driven monitoring skill but is an operational consideration (agent will request/require local credentials and may trigger interactive login).
Install Mechanism
There is no formal install spec; the skill is instruction-plus-scripts. It asks the user/agent to run `pip install -r requirements.txt` (PyPI packages: tencentcloud-sdk-python, requests). Installing from PyPI is normal but will modify the Python environment where the agent runs; there are no downloads from unknown personal servers or archive extracts in the package.
Credentials
The only sensitive data accessed is the TCCLI credential file in the user's home directory (~/.tccli/default.credential). The scripts read these credentials to create API clients or form Basic Auth for the Prometheus endpoints — this is necessary and proportionate for querying CLS/Prometheus. The SKILL.md and code do not request unrelated environment variables or other service credentials.
Persistence & Privilege
The skill is not marked always:true and does not request persistent system-wide changes. It does instruct running installs and CLI auth but does not modify other skills or agent configurations. Autonomous invocation is allowed by platform default but is not combined with other high-risk flags.
Assessment
This skill appears to do what it says: query Tencent Cloud CLS and Prometheus-compatible metric endpoints for OpenClaw monitoring data. Before installing or letting an agent run it, consider: 1) The skill reads your local TCCLI credential file (~/.tccli/default.credential) and will use those credentials to call cloud APIs — confirm you trust the environment and the skill. 2) The SKILL.md instructs running `pip install -r requirements.txt` and `tccli auth login`; these commands will install packages and may open a browser for interactive login — run them manually in an isolated environment if you prefer. 3) If you want to be cautious, review the scripts locally and run them yourself instead of allowing an autonomous agent to execute them. 4) Ensure the Python environment used is isolated (virtualenv/container) to avoid surprising package changes.Like a lobster shell, security has layers — review code before you run it.
latestvk9793he3bsp1v9nx5bd1qnyy7h83ks4x
License
MIT-0
Free to use, modify, and redistribute. No attribution required.