← Back to Skills Marketplace
VPS Guardian
by
strouddustinn-bot
· GitHub ↗
· v1.0.0
· MIT-0
68
Downloads
0
Stars
0
Active Installs
1
Versions
Install in OpenClaw
/install vps-guardian
Description
Autonomous VPS monitoring and auto-remediation — kills runaway procs, frees disk, restarts dead services, hardens security. Not alerts. Action.
Usage Guidance
This skill does what it says (automated remediation) and therefore needs root — that makes mistakes or hidden behavior dangerous. Specific concerns: the README tells you to curl a script from raw.githubusercontent.com even though the package contains the script (provenance mismatch); some doc claims (CPU over 5 minutes, approval gates) don't match the code's simplistic implementation; there are bugs (e.g., incorrect f-string usage in journal vacuum command) that could prevent intended behavior. Before installing: (1) review the full guardian.py source line-by-line (especially iptables, kill logic, file deletions and systemctl calls); (2) run in a disposable/test VM or container as root only after inspection; (3) use --dry-run and confirm logs before enabling daemon/cron; (4) avoid blindly following the curl instruction — use the bundled script from a verified source or fetch only from a repository you trust; (5) verify the approval/auto-block logic and whitelist behavior to avoid accidental lockout. If you lack the ability to audit the code, treat this skill as high-risk and do not run it on any production VPS.
Capability Analysis
Type: OpenClaw Skill
Name: vps-guardian
Version: 1.0.0
The vps-guardian skill performs high-privilege system operations including process termination (os.kill), file deletion, and firewall modification via iptables in src/guardian.py. While these actions align with the stated purpose of autonomous server remediation in SKILL.md, the script's broad authority to modify system state as root poses a significant risk of unintended service disruption or data loss. Additionally, the documentation promotes a risky installation pattern via curl to a privileged path from an external GitHub repository (raw.githubusercontent.com/vps-guardian/guardian).
Capability Tags
Capability Assessment
Purpose & Capability
The name/description match what the code does: process killing, disk cleanup, service restarts, iptables modifications, journald/apt operations. Requiring root/sudo is proportional to those tasks. However the SKILL.md refers to external project pages and a raw GitHub download URL while the package metadata shows no homepage; that provenance mismatch is notable.
Instruction Scope
Runtime instructions and the included code both read and modify system state extensively (/proc, /var/log, /tmp, systemctl, journalctl, apt-get, iptables). These are within the stated purpose but are high-risk operations (process kills, file removals, firewall changes). The SKILL.md claims some safe behaviors (e.g., 'never auto-blocks — always requires approval', 'detect >90% CPU for 5+ minutes') that the code does not fully implement as described (CPU check is a lifetime-average approximation; approval gating behavior is controlled by config but its enforcement path/interaction is not clearly auditable). The docs also instruct downloading the script from raw.githubusercontent.com, which is an external network fetch outside the packaged skill.
Install Mechanism
The skill package itself contains the Python script, but SKILL.md instructs users to curl a script from raw.githubusercontent.com. Raw GitHub is a common host but is an external download (supply-chain risk) and the referenced repo/homepage are absent from the package metadata. There is no formal install spec in the registry; installing via the documented curl command would fetch code outside the registry bundle.
Credentials
The skill requests no environment variables and no unrelated credentials. It does require root/sudo (documented) which is proportionate to its tasks (service control, iptables, file removals), but that level of privilege makes any bugs or unexpected behavior potentially destructive.
Persistence & Privilege
The skill is not set to always:true and model invocation is not disabled (normal). It offers daemon mode and cron scheduling in the docs; running it persistently as root grants continuous ability to act on the host. This is coherent with its purpose but increases blast radius — test carefully before enabling autonomous/daemon operation.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install vps-guardian - After installation, invoke the skill by name or use
/vps-guardian - Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.0
Initial release — autonomous VPS monitoring and auto-remediation: kills runaways, frees disk, restarts services, hardens security
Metadata
Frequently Asked Questions
What is VPS Guardian?
Autonomous VPS monitoring and auto-remediation — kills runaway procs, frees disk, restarts dead services, hardens security. Not alerts. Action. It is an AI Agent Skill for Claude Code / OpenClaw, with 68 downloads so far.
How do I install VPS Guardian?
Run "/install vps-guardian" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is VPS Guardian free?
Yes, VPS Guardian is completely free, licensed under MIT-0. You can download, install and use it at no cost.
Which platforms does VPS Guardian support?
VPS Guardian is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created VPS Guardian?
It is built and maintained by strouddustinn-bot (@strouddustinn-bot); the current version is v1.0.0.
More Skills