← Back to Skills Marketplace
yes999zc

Gateway Monitor Installer

by yes999zc · GitHub ↗ · v1.0.0 · MIT-0
cross-platform ⚠ suspicious
265
Downloads
0
Stars
0
Active Installs
1
Versions
Install in OpenClaw
/install gateway-monitor-installer
Description
Install, update, run, and remove OpenClaw Gateway Monitor + Gateway Watchdog on macOS via LaunchAgent. Use when user asks to deploy one-click monitoring, rec...
README (SKILL.md)

Gateway Monitor Installer

Use bundled scripts for deterministic operations.

Runbook

  1. Install or update:
bash scripts/install.sh
  1. Verify status:
bash scripts/status.sh
  1. Uninstall cleanly:
bash scripts/uninstall.sh

What install.sh does

  • Copy monitor and watchdog binaries to ~/.openclaw/tools/gateway-monitor/bin/
  • Render LaunchAgent templates into ~/Library/LaunchAgents/
  • Backup existing plist files to ~/.openclaw/config-backups/
  • Bootstrap + enable + kickstart both agents
  • Run post-install status check

Services

  • ai.openclaw.gateway-monitor → monitor UI server (http://127.0.0.1:18990)
  • ai.openclaw.gateway-watchdog → periodic gateway self-healing check

Notes

  • Re-running install.sh is safe (idempotent)
  • watchdog script expects OpenClaw CLI at /opt/homebrew/bin/openclaw
  • If node path differs, edit assets/bin/gateway-watchdog.sh before install
Usage Guidance
This package mostly does what it advertises (create user LaunchAgents and run a local monitor), but there are several red flags you should consider before installing: - The monitor binary reads local files that may contain credentials (~/.openclaw/agents/main/agent/auth-profiles.json) and also accepts an env var MINIMAX_CP_KEY; those secrets could be used in outbound requests. The SKILL metadata does not disclose needing or using credentials. - The server code performs outbound HTTPS requests to an external domain (MINIMAX_REMAINS_URL). If a local API key is included, it could be sent externally. If you do not trust the skill source, do not run it on a machine holding sensitive credentials. - install.sh references launchagent template files that are not present in the provided manifest; the installer may fail or behave unpredictably. Inspect the templates (assets/launchagents/*.plist.tpl) before running — they determine what gets launched and with what environment. - The monitor opens a local HTTP UI on 127.0.0.1:18990. Although localhost-only, any local user/process could query it; review what endpoints expose logs or status before trusting it with sensitive systems. Recommended actions: - Inspect the full gateway-monitor-server.js (and any truncated parts) to confirm exactly what data is collected and what outbound requests are made. - Verify or obtain the missing LaunchAgent templates and review them to ensure no unexpected environment or network configuration is injected. - Run the installer in an isolated account or VM first, or at minimum set firewall rules to block outbound connections and unset MINIMAX_CP_KEY to avoid leaking local keys. - If you need only a watchdog, consider extracting/rewriting a minimal watchdog script that does not read auth profiles or perform external network calls. Given the secrets-access pattern and the mismatch between declared requirements and actual file/env access, proceed only if you trust the source and have audited the code and templates; otherwise treat this skill as untrusted.
Capability Analysis
Type: OpenClaw Skill Name: gateway-monitor-installer Version: 1.0.0 The bundle installs persistent macOS LaunchAgents and a Node.js monitoring server that reads sensitive credentials from 'auth-profiles.json' to query the MiniMax API (minimaxi.com). A significant security vulnerability exists in 'gateway-monitor-server.js' where the '/api/restore-config' endpoint performs a state-changing filesystem operation (overwriting the main configuration with a backup) via a simple GET request. While these capabilities are aligned with the stated purpose of gateway monitoring and self-healing, the combination of persistence, credential access, and insecure API design warrants a suspicious classification.
Capability Assessment
Purpose & Capability
The scripts do implement installation/uninstall of a local monitor and watchdog via LaunchAgents (coherent with the name). However the monitor server code reads files like ~/.openclaw/agents/main/agent/auth-profiles.json and looks for an API key and also references an external MINIMAX_REMAINS_URL — access to local auth profiles and an external service are not explained in the SKILL metadata or description and are not obviously required just to 'install/run/uninstall a monitor'.
Instruction Scope
SKILL.md instructs only to run the bundled install/status/uninstall scripts, but the server binary reads local log files (~/.openclaw/logs, /tmp/openclaw/*.log), reads an auth-profiles.json for a possible API key, uses execSync to run system commands (openclaw CLI/status), and makes outbound HTTPS requests. Those behaviors extend beyond simple install/status operations and are not documented in the runbook.
Install Mechanism
There are no external downloads (good), and files are installed under the user's home directory and LaunchAgents (expected). However install.sh references launchagent template files under assets/launchagents/${LABEL}.plist.tpl which are not present in the provided file manifest — that likely makes the installer fail or behave unexpectedly. No remote code fetches were observed, but the missing templates are an inconsistency.
Credentials
The registry metadata declares no required env vars or credentials, but the code reads several env vars at runtime (e.g., MINIMAX_CP_KEY, OPENCLAW_STATUS_CMD, OPENCLAW_FULL_STATUS_CMD, PORT) and will try to read ~/.openclaw/agents/.../auth-profiles.json to extract an API key. Asking for or using sensitive local credentials is not declared or justified in the skill metadata.
Persistence & Privilege
The skill installs per-user LaunchAgents in ~/Library/LaunchAgents and copies binaries to ~/.openclaw/tools — this is normal for a user-level persistent monitor. It does not request system-wide (root) changes in the provided scripts. The service will persist and run as the user, which gives it ongoing local access to logs and local files.
How to Use
  1. Make sure OpenClaw is installed (local or Docker)
  2. Run the install command in chat: /install gateway-monitor-installer
  3. After installation, invoke the skill by name or use /gateway-monitor-installer
  4. Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.0
Initial release
Metadata
Slug gateway-monitor-installer
Version 1.0.0
License MIT-0
All-time Installs 0
Active Installs 0
Total Versions 1
Frequently Asked Questions

What is Gateway Monitor Installer?

Install, update, run, and remove OpenClaw Gateway Monitor + Gateway Watchdog on macOS via LaunchAgent. Use when user asks to deploy one-click monitoring, rec... It is an AI Agent Skill for Claude Code / OpenClaw, with 265 downloads so far.

How do I install Gateway Monitor Installer?

Run "/install gateway-monitor-installer" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is Gateway Monitor Installer free?

Yes, Gateway Monitor Installer is completely free, licensed under MIT-0. You can download, install and use it at no cost.

Which platforms does Gateway Monitor Installer support?

Gateway Monitor Installer is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created Gateway Monitor Installer?

It is built and maintained by yes999zc (@yes999zc); the current version is v1.0.0.

More Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463942 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259883 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200739 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191401 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190375 · by oswalpalash

💬 Comments