ClawHub

Agent Health Optimizer

v1.4.0

Audit and improve your OpenClaw setup with one skill. Scores agent health, audits memory hygiene, checks cron reliability, and compares installed skills agai...

1· 695·3 current·4 all-time
byZihao Feng@zihaofeng2001
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name and description match what the files and SKILL.md implement: health scoring, memory auditing, cron analysis, and skill comparison. Required binaries (openclaw, python3) are appropriate for the implemented behavior. There are no unrelated credentials, binaries, or config paths requested.
Instruction Scope
SKILL.md and the scripts consistently declare and perform the same actions: reading workspace files (MEMORY.md, AGENTS.md, memory/*.md, skills/*/SKILL.md), calling `openclaw cron list` and (in fix mode) `openclaw cron edit`, and fetching ClawHub API endpoints. The scripts produce JSON reports under memory/ and only modify cron when explicitly invoked with --fix (which backups cron state first). No instructions request unrelated system-wide reads/writes or unknown network endpoints.
Install Mechanism
There is no install spec (instruction-only install), and all code is bundled with the skill (scripts/*.py). No external downloads or arbitrary URL extraction occur at install time. Network access is limited to the documented ClawHub API endpoints via standard Python urllib calls.
Credentials
The skill requests no environment variables or credentials. It reads local workspace files and uses the openclaw CLI; that access is proportional to its stated auditing purpose. There are no demands for unrelated secrets or cloud credentials.
Persistence & Privilege
The skill is not marked always:true. It can be invoked autonomously per platform defaults, but that is normal and not combined with broad credential use or hidden persistence. The only write operations are report files under memory/ and conservative cron edits only when --fix is passed; cron edits create a backup first.
Assessment
This skill appears coherent: it reads your OpenClaw workspace, calls the openclaw CLI, and queries the public ClawHub API to produce audits and suggestions. Before installing or scheduling it: (1) Review the bundled scripts yourself (they are included) and run them once in read-only mode to see outputs; (2) only run with --fix when you understand and approve the specific cron edits—the script backs up cron state first but will call `openclaw cron edit`; (3) be aware the comparator queries https://clawhub.ai — ensure network access to that host is acceptable in your environment; (4) because autonomous invocation is allowed by default, avoid giving the agent blanket autonomy to run --fix without human review or restrict scheduling to read-only runs. Minor notes: the packaged _meta.json version differs from the registry metadata and some files in the manifest are truncated in the provided listing — these are not security issues but worth checking the full package before trusting it.

Like a lobster shell, security has layers — review code before you run it.

latestvk97etvwzkt6mn272a7g6f2tzwx82va6y

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

Binsopenclaw, python3

Comments