← Back to Skills Marketplace

Huawei Device Inspector

Name: Huawei Device Inspector
Author: v585

by 聿歆 · GitHub ↗ · v1.0.0 · MIT-0

cross-platform ⚠ suspicious

131

Downloads

Stars

Active Installs

Versions

Install in OpenClaw

/install huawei-device-inspector

Description

通过SSH自动巡检华为交换机和路由器，执行状态检查、告警和安全风险排查，生成详细健康报告。

README (SKILL.md)

华为设备巡检技能

技能描述

通过SSH连接华为交换机/路由器，自动执行状态检查、告警查询、安全风险排查，生成巡检报告。

触发关键词

华为巡检
交换机状态
路由器检查
设备巡检
华为设备状态

设备信息

S7703S 核心交换机

管理地址：192.168.255.253
用户名：openclaw
密码：openclaw@2026

AR6280-S 路由器

管理地址：192.168.255.254
用户名：openclaw
密码：openclaw@2026

执行步骤

1. 建立SSH连接

使用pexpect建立交互式SSH连接（华为设备直接SSH会被断开）：

import pexpect

def connect_device(host, username, password):
    child = pexpect.spawn(f'ssh -o StrictHostKeyChecking=no {username}@{host}', timeout=60)
    child.expect(['password:', 'Password:'], timeout=10)
    child.sendline(password)
    child.expect(['>', '#'], timeout=15)
    return child

2. 执行巡检命令

按顺序执行以下命令收集信息：

命令	用途
`display version`	系统版本、运行时间
`display device`	硬件状态
`display cpu-usage`	CPU使用率
`display memory-usage`	内存使用率
`display alarm active`	活动告警
`display temperature all`	温度状态
`display power`	电源状态
`display fan`	风扇状态
`display anti-attack statistics`	攻击防御统计

3. 解析告警信息

重点关注以下告警类型：

告警名称	级别	说明
hwSysSecureRiskWarning	Warning	安全风险警告
hwGtlDefaultValue	Major	License未激活
hwLdtPortLoopDetect	Warning	端口环路检测
linkDown	Critical	接口断开

4. 生成巡检报告

报告包含：

基本信息（型号、版本、运行时间）
硬件状态（板卡、电源、风扇、温度）
资源使用（CPU、内存）
活动告警列表
问题总结和建议

输出格式

## 华为 [型号] 巡检报告

### 基本信息
| 项目 | 状态 |
|------|------|
| 型号 | xxx |
| 系统版本 | xxx |
| 运行时间 | xxx |

### 硬件状态
| 组件 | 状态 |
|------|------|
| 主控板 | Normal |
| 电源 | Normal |
| 风扇 | Normal |
| 温度 | xx°C |

### 资源使用
| 指标 | 当前值 | 状态 |
|------|--------|------|
| CPU | xx% | ✅/⚠️ |
| 内存 | xx% | ✅/⚠️ |

### 活动告警
| 级别 | 告警 | 说明 |
|------|------|------|
| Warning | xxx | xxx |

### 问题总结
1. xxx
2. xxx

适用场景

日常巡检 — 定期检查设备健康状态
故障排查 — 设备异常时快速定位问题
安全审计 — 检查安全风险和攻击防御情况

注意事项

华为设备SSH连接需要使用pexpect，直接SSH会被断开
命令输出可能有分页（---- More ----），需要发送空格继续
告警级别：Critical > Major > Warning
CPU使用率持续>70%需要关注
端口环路告警需要立即处理

依赖

Python3 + pexpect
sshpass（可选，用于简单命令）

Usage Guidance

This skill does what it says (connects to Huawei devices over SSH and runs inspection commands), but it includes hard-coded device IPs and plaintext credentials inside SKILL.md. Do NOT run it as-is on your network. Before installing: - Treat the listed IPs/credentials as potentially sensitive and either remove them or confirm they are safe test accounts. - Replace embedded credentials with user-supplied secrets (environment variables, secure prompt, or secret store) and declare them in the skill metadata. - Prefer SSH key authentication and avoid disabling host-key checking. - Review every command the skill will run to ensure it won't reveal or exfiltrate config/state you don't want sent elsewhere. - If you intend to use it in production, run it in a controlled environment and limit network access (sandbox/VPN) until you verify behavior. If you cannot validate the source or intended targets, consider this skill unsafe to run.

Capability Analysis

Type: OpenClaw Skill Name: huawei-device-inspector Version: 1.0.0 The skill bundle contains hardcoded credentials (username and password 'openclaw@2026') for specific internal IP addresses and explicitly instructs the agent to disable SSH host key checking (`StrictHostKeyChecking=no`) in SKILL.md. While these are significant security vulnerabilities that could facilitate man-in-the-middle attacks or unauthorized access if deployed in a production environment, they appear to be functional flaws or poor security practices rather than intentional malware designed to exfiltrate data from the agent's host.

Capability Assessment

ℹ Purpose & Capability

The name/description (Huawei device SSH inspection) aligns with the instructions to SSH and run display commands. However, the SKILL.md embeds concrete device IPs and plaintext credentials instead of asking the user to provide or store credentials securely; that is unexpected for a reusable skill.

⚠ Instruction Scope

The instructions tell the agent to spawn interactive SSH sessions via pexpect and run many device commands (expected). But they also include hard-coded management addresses and passwords, and advise disabling host key checking (-o StrictHostKeyChecking=no). The instructions do not specify how credentials should be supplied, validated, or limited, and they would cause the agent to connect to specific hosts automatically if run as-is.

✓ Install Mechanism

This is an instruction-only skill with no install spec; it lists reasonable runtime dependencies (Python3 + pexpect, optional sshpass). No downloads or archive extracts are present.

⚠ Credentials

requires.env is empty but the SKILL.md contains plaintext usernames and passwords and specific management IPs. The skill requests no declared secrets while expecting access to device credentials — that mismatch is disproportionate and increases risk (hard-coded secrets, unclear secret sourcing).

✓ Persistence & Privilege

The skill is not always-enabled and has no install-time persistence. It does not request system-wide configuration changes or elevated platform privileges.

How to Use

Make sure OpenClaw is installed (local or Docker)
Run the install command in chat: /install huawei-device-inspector
After installation, invoke the skill by name or use /huawei-device-inspector
Provide required inputs per the skill's parameter spec and get structured output

Version History

v1.0.0

Initial release: Automates inspection and reporting for Huawei switches and routers. - Connects to Huawei devices via SSH using pexpect to avoid connection drops. - Executes key diagnostic commands to collect status, hardware, resource usage, and alarm information. - Parses and highlights critical alarms, security risks, and abnormal resource usage. - Automatically generates detailed inspection reports in Markdown format. - Designed for routine checks, troubleshooting, and security audits of Huawei network devices. - Requires Python 3 and pexpect library.

Metadata

Slug huawei-device-inspector

Version 1.0.0

License MIT-0

All-time Installs 1

Active Installs 1

Total Versions 1

Frequently Asked Questions

What is Huawei Device Inspector?

通过SSH自动巡检华为交换机和路由器，执行状态检查、告警和安全风险排查，生成详细健康报告。 It is an AI Agent Skill for Claude Code / OpenClaw, with 131 downloads so far.

How do I install Huawei Device Inspector?

Run "/install huawei-device-inspector" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is Huawei Device Inspector free?

Yes, Huawei Device Inspector is completely free, licensed under MIT-0. You can download, install and use it at no cost.

Which platforms does Huawei Device Inspector support?

Huawei Device Inspector is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created Huawei Device Inspector?

It is built and maintained by 聿歆 (@v585); the current version is v1.0.0.

More Skills