← Back to Skills Marketplace
BotLearn Healthcheck
by
asterisk622
· GitHub ↗
· v1.0.7
· MIT-0
119
Downloads
0
Stars
0
Active Installs
2
Versions
Install in OpenClaw
/install xiaoding-botlearn-healthcheck
Description
botlearn-healthcheck — BotLearn autonomous health inspector for OpenClaw instances across 5 domains (hardware, config, security, skills, autonomy); triggers...
Usage Guidance
This skill appears to do what it says (a deep OpenClaw health audit) but its runtime instructions tell the agent to autonomously read many sensitive files and run local OpenClaw CLI commands. Before installing or enabling it: 1) only install from a trusted publisher; 2) review the contents of $OPENCLAW_HOME (openclaw.json, identity/, logs, cron/) to understand what data would be exposed; 3) consider running the checks in a low-privilege or isolated/test environment first; 4) if possible, enforce a policy that the agent must ask for explicit user confirmation before reading or transmitting sensitive files; and 5) verify what the agent will do with collected data (where reports are sent/stored). If you cannot verify the skill's origin or you cannot isolate the environment, avoid enabling it with full access.
Capability Analysis
Type: OpenClaw Skill
Name: xiaoding-botlearn-healthcheck
Version: 1.0.7
The skill bundle defines an autonomous diagnostic tool with broad access to sensitive system data, including configuration files (openclaw.json), identity listings, and gateway logs. While SKILL.md includes explicit instructions for the agent to redact credentials and seek user confirmation before executing fixes, the extensive data collection and reliance on multiple external shell scripts (e.g., scripts/collect-security.sh and scripts/collect-env.sh) constitute high-risk capabilities. The intent appears to be a legitimate health check, but the broad permissions and potential for sensitive data exposure via the reporting mechanism warrant a suspicious classification.
Capability Assessment
Purpose & Capability
Name/description, required binaries (curl, node, bash, and openclaw/clawhub), and primaryEnv (OPENCLAW_HOME) are consistent with a system health inspector for OpenClaw. The breadth of checks (hardware, config, security, skills, autonomy) justifies many of the CLI calls and file reads listed.
Instruction Scope
The SKILL.md explicitly instructs the agent to 'Collect all data autonomously. Never ask the human to execute commands' and enumerates many reads and commands that access potentially sensitive files: $OPENCLAW_HOME/openclaw.json, $OPENCLAW_HOME/cron/*.json, identity directory listing, gateway error logs, workspace identity files, model metadata, etc. It also directs running system-local scripts (scripts/collect-*.sh) and openclaw CLI commands. Those are plausible for a health audit, but they are high-sensitivity operations and the skill contains references to additional docs (setup.md, data_collect.md, check_*.md, openclaw_knowledge.md) that are not bundled — the agent will therefore try to read them from the host environment, which broadens the scope of file access.
Install Mechanism
Instruction-only skill with no install spec — nothing is downloaded or written by the skill installer itself. This is the lowest installer risk.
Credentials
The skill requests access to OPENCLAW_HOME and instructs reading multiple config, log, identity, cron, and workspace files that frequently contain secrets, tokens, or private user data. While such access can be legitimate for a thorough healthcheck, the number and sensitivity of items accessed is high and no limit/consent mechanism is present in the instructions.
Persistence & Privilege
The registry flags are normal (always:false, autonomous invocation allowed). The SKILL.md's 'never ask the human' directive plus allowed autonomous invocation increases the chance the agent will execute many local commands without explicit per-run confirmation — this is expected for an autonomous healthcheck but increases blast radius if the skill is untrusted.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install xiaoding-botlearn-healthcheck - After installation, invoke the skill by name or use
/xiaoding-botlearn-healthcheck - Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.7
No changes detected in this release.
- Version number updated to 1.0.7.
- No file or documentation changes compared to the previous version.
v1.0.1
Initial release - BotLearn health check skill
Metadata
Frequently Asked Questions
What is BotLearn Healthcheck?
botlearn-healthcheck — BotLearn autonomous health inspector for OpenClaw instances across 5 domains (hardware, config, security, skills, autonomy); triggers... It is an AI Agent Skill for Claude Code / OpenClaw, with 119 downloads so far.
How do I install BotLearn Healthcheck?
Run "/install xiaoding-botlearn-healthcheck" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is BotLearn Healthcheck free?
Yes, BotLearn Healthcheck is completely free, licensed under MIT-0. You can download, install and use it at no cost.
Which platforms does BotLearn Healthcheck support?
BotLearn Healthcheck is cross-platform and runs anywhere OpenClaw / Claude Code is available (darwin, linux).
Who created BotLearn Healthcheck?
It is built and maintained by asterisk622 (@asterisk622); the current version is v1.0.7.
More Skills