ClawHub

Website Monitor

v1.0.0

Monitor websites for changes, downtime, or specific content. Get notified when a page changes, goes down, or matches/stops matching a pattern. Lightweight —...

0· 646·2 current·2 all-time
byShihao Jiang (Zac)@zacjiang
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
The name/description align with the included script and instructions: the tool fetches pages, checks uptime, matches patterns, and keeps file-based state. No unrelated binaries, env vars, or services are requested.
Instruction Scope
SKILL.md instructs the agent to run the bundled Python script and optionally add cron/heartbeat tasks. The runtime steps only read the provided URL list and state directory and do not ask the agent to read other system files or secrets.
Install Mechanism
There is no install spec beyond advising pip3 install requests. No downloads from 3rd-party URLs or archive extraction are present; the included Python script is self-contained.
Credentials
The skill requests no environment variables or credentials. The only external dependency is the 'requests' library, which is justified for HTTP fetching.
Persistence & Privilege
The skill writes snapshot/state files to a state directory (default /tmp/monitor-state). This is normal for a monitor, but those files can contain scraped page content and should be stored with appropriate access controls; the skill does not request persistent platform privileges or always:true.
Assessment
This skill appears to do exactly what it says: fetch URLs, diff their text, and save snapshots. Before installing, consider: (1) run it in a restricted environment (unprivileged user or container) because it will make outbound HTTP requests to whatever URLs you provide; (2) choose a secure state-dir (not world-readable) since page snapshots may include sensitive content; (3) review and control the list of URLs you monitor to avoid scanning internal services unintentionally; (4) install the 'requests' dependency from a trusted source and pin its version if needed; and (5) note the source is 'unknown' with no homepage—if provenance matters, obtain the script from a vetted source or audit the code yourself (the included monitor.py is small and readable).

Like a lobster shell, security has layers — review code before you run it.

latestvk97eff5t4y44fezgh9h040edz582a45v

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments