← Back to Skills Marketplace
116
Downloads
0
Stars
0
Active Installs
1
Versions
Install in OpenClaw
/install ssh-server-watchdog
Description
Monitor remote servers via SSH — check service health (PM2, systemd, Docker), database status (MongoDB, MySQL, PostgreSQL), disk space, memory, and auto-rest...
Usage Guidance
This skill is suspicious because it claims broad SSH/server monitoring but only ships a Windows‑focused MongoDB watchdog with hard-coded paths, an internal host mention, and undeclared environment/credential needs. Before installing: 1) Do not use password-in-expect in production — it exposes plaintext passwords; prefer key-based SSH and avoid embedding passwords in commands. 2) Inspect and (preferably) modify scripts locally: remove hard-coded IPs, default chat IDs, and Windows-specific paths; set TELEGRAM_BOT_TOKEN/TELEGRAM_CHAT_ID explicitly and securely. 3) Test in an isolated environment first (non-production VM) to verify behavior and restart logic; limit auto-restart frequency to avoid restart loops. 4) Be cautious about granting the watchdog an account that can restart services — prefer a dedicated low-privilege service account. 5) If you only need generic PM2/systemd/Docker/MySQL/Postgres monitoring, this package does not provide that out of the box; treat it as a MongoDB/Windows artifact and only install after auditing and adapting its code. If you cannot audit code yourself, do not deploy it to production.
Capability Analysis
Type: OpenClaw Skill
Name: ssh-server-watchdog
Version: 1.0.0
The skill bundle contains a monitoring script (scripts/mongodb-watchdog.js) with a hardcoded Telegram Chat ID (1663667034), which would cause server status updates and log snippets to be sent to an external party by default. Additionally, SKILL.md encourages the use of 'expect' for password-based SSH, a high-risk practice that involves the AI agent handling plaintext credentials. The presence of specific internal infrastructure details, such as IP 10.0.0.213 and custom file paths, suggests the bundle is an unsanitized export from a private environment.
Capability Assessment
Purpose & Capability
The manifest and SKILL.md advertise generic SSH monitoring (PM2, systemd, Docker, MySQL, PostgreSQL, MongoDB) but the included code is a MongoDB‑focused Node.js watchdog targeted at Windows (hard-coded Windows paths, D:\ logs, 'net start/stop'), and even includes comments with a specific internal host (10.0.0.213) and SSH admin string. The implementation is much narrower and environment-specific than the description suggests.
Instruction Scope
Runtime instructions tell the agent to run SSH commands and optionally use expect with plaintext passwords (example expect snippet). SKILL.md instructs copying the included JS file to remote servers and running npm install and pm2 — which is consistent — but it also omits declaring the environment variables the script reads (TELEGRAM_BOT_TOKEN, TELEGRAM_CHAT_ID). The expect usage and examples encourage handling plaintext passwords and exposing credentials in commands.
Install Mechanism
No install spec in registry (instruction-only), but SKILL.md instructs the user to npm install the mongodb npm package on the target. That is a standard, traceable install mechanism (npm) — no arbitrary URL downloads — but it does write files to the target server and installs a persistent PM2-managed process.
Credentials
The skill declares no required env vars, yet the included script reads TELEGRAM_BOT_TOKEN and TELEGRAM_CHAT_ID from environment and uses local filesystem paths (C:\ProgramData..., D:\ProPower_System...) and a hard-coded default chatId. The SKILL.md also requires 'expect' locally for password SSH but 'expect' is not declared. These undeclared credential/binary requirements and hard-coded internal host/path values are disproportionate to a generic monitoring skill.
Persistence & Privilege
The skill instructs deploying a persistent PM2 process (pm2 start ...; pm2 save). That is expected for a watchdog and the registry flags do not force always:true. However, the persistent process will run with whatever privileges the user gives it on the target server (it executes service restart commands), so privilege and blast radius depend on how it's installed and which account is used.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install ssh-server-watchdog - After installation, invoke the skill by name or use
/ssh-server-watchdog - Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.0
Initial release: SSH-based server monitoring with PM2, MongoDB, disk and memory checks, auto-restart
Metadata
Frequently Asked Questions
What is SSH Server Watchdog?
Monitor remote servers via SSH — check service health (PM2, systemd, Docker), database status (MongoDB, MySQL, PostgreSQL), disk space, memory, and auto-rest... It is an AI Agent Skill for Claude Code / OpenClaw, with 116 downloads so far.
How do I install SSH Server Watchdog?
Run "/install ssh-server-watchdog" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is SSH Server Watchdog free?
Yes, SSH Server Watchdog is completely free, licensed under MIT-0. You can download, install and use it at no cost.
Which platforms does SSH Server Watchdog support?
SSH Server Watchdog is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created SSH Server Watchdog?
It is built and maintained by Qoohsuan (@qoohsuan); the current version is v1.0.0.
More Skills