Alerting & Notification System

Centralized alerting and notification system for OpenClaw. Multi-channel alerts, intelligent rules, escalation, and audit.

This skill implements a plausible alerting system, but several things don't add up and raise risk: - Privileged host changes: The included shell script attempts to use sudo to create /var/log/openclaw_alerts, chown to a hardcoded user, and write a cron job to /etc/cron.d. Those operations require root and create persistent background activity on your host. - Modifies other skills: The integration functions write JavaScript files into other skills' directories (/workspace/skills/api-testing and /workspace/skills/security-tools). That means installing or running this skill can change other skills' behavior — a serious lateral-impact capability. - Undeclared credentials: The registry metadata declares no required env vars, yet code expects TELEGRAM_CHAT_ID, GOOGLE_ACCOUNT, ADMIN_EMAIL and SKILL.md documents ALERTING_* variables. The mismatch makes it unclear what secrets you'd need to supply and why. - Hardcoded organization targets: Many example monitors and cron jobs point to tiklick.* domains and a specific author/email. This suggests the package may be built for a particular company's infrastructure rather than generic use. - Potential for unexpected network activity: The code will monitor external endpoints and may invoke email/telegram sending commands; if you provide credentials, it will use them. The code also uses child_process.exec to run CLI commands (e.g., gog gmail), increasing attack surface. What to do before installing or running: 1. Do not run alert_integration.sh or any init/cron commands as root on production hosts until you review and adapt them. 2. Inspect and remove or sandbox the cron-installing code; prefer user-level scheduling or containerized deployment. 3. Remove or review the code that writes into other skills' directories; prefer explicit, opt-in integration steps rather than automatic modification. 4. Require the author to declare exactly which environment variables/credentials are needed in registry metadata, and validate they are used minimally. 5. Run the skill in an isolated environment (container or VM) first and verify behavior (what files it writes, what network endpoints it calls). 6. Replace hardcoded emails, usernames, and URLs with configurable parameters. 7. If you don't trust the author or the Tiklick ties, avoid granting credentials (Gmail/API tokens) and avoid running scripts that require sudo. If you want, I can produce a checklist of exact lines in the code to change/remove to make this safer (remove cron creation, stop writing to other skill dirs, explicit env var declarations, etc.).

Type: OpenClaw Skill Name: rhandus-alerting-system Version: 1.0.0 The skill is classified as suspicious due to multiple critical shell injection vulnerabilities and the use of elevated privileges for persistence. Specifically, `src/alert_manager.js` constructs shell commands for `gog gmail send` and `curl` by directly embedding alert titles, messages, and URLs without robust sanitization, allowing for arbitrary command execution if these inputs are controlled by an attacker. Additionally, `alert_integration.sh` uses `sudo` to create system directories and establish a cron job for continuous monitoring, which, while intended for legitimate functionality, represents a high-risk capability and persistence mechanism.