Downloads: 108
Stars: 0
Active Installs: 0
Versions: 1
Install in OpenClaw
/install openclaw-mutual-repair
Description
Enables two OpenClaw instances to monitor each other via heartbeat, perform health checks, diagnose issues, and remotely repair for 24/7 stable operation.
Usage Guidance
This skill broadly matches its description (two-node heartbeat, health checks, and remote repair), but review these items before installing:
- Remove or rotate any leaked credentials: PUBLISH.md contains what looks like a Claw-CLI token — treat it as compromised and rotate it.
- Audit the full src/index.ts (the provided snippet was truncated) to confirm how repairs are executed (particularly whether it runs ssh/remote commands and with what arguments). If repairs invoke shell commands or SSH, ensure the commands are explicit and limited, and that SSH keys are tightly controlled.
- Run the skill in an isolated/staging environment first. The service listens by default on 0.0.0.0:9528 — configure firewalls to restrict access to the peer only and avoid exposing the port to the public internet.
- Ensure the host has expected utilities (pm2, nc, ss, ping) and that parsing of their output is robust for your OS; poorly parsed outputs can lead to incorrect diagnoses.
- Prefer least privilege: provide only the network connectivity necessary to the configured peer, and do not enable remote-repair until you have confirmed its exact behavior.
Capability Analysis
Type: OpenClaw Skill
Name: openclaw-mutual-repair
Version: 1.0.0
The skill implements a 'mutual repair' system that allows two nodes to monitor each other and remotely restart processes. It is classified as suspicious because it uses high-risk functions like `child_process.exec` to run system commands (vulnerable to shell injection via the `remoteHost` configuration in `src/index.ts`) and starts an unauthenticated HTTP server on port 9528 that can trigger remote process restarts. Additionally, `PUBLISH.md` contains a hardcoded CLI token (`clh_wfoNYpWcWq0gNC7X0DfsbL2cW3Ayba7jxmGaNf_3IU0`), which is a significant security oversight. While these capabilities are aligned with the stated purpose, the lack of authentication and input sanitization creates a high risk of unauthorized remote code execution.
Capability Assessment
Purpose & Capability
Name, README, SKILL.md, skill.json and src/index.ts all describe a two-node heartbeat, health-check and repair system. The declared permissions (exec, network) match the implementation, which runs shell checks and posts heartbeats to the peer; these capabilities are proportionate to the stated purpose.
Instruction Scope
SKILL.md confines instructions to configuring hosts/ports, starting/stopping the service and using health/diagnose/repair commands. The runtime code executes local system commands (free, top, pm2, ss, ping, nc) and sends HTTP requests to the configured remoteHost — this is within the expected scope but means the skill will read system state and may run repair commands when triggered.
Install Mechanism
No explicit install spec is provided (instruction-only) but the package contains code and package.json (axios dependency). That means ClawHub will install code/deps when added; lack of an install/verified release URL increases the surface for supply-chain concerns compared with a well-known package release mechanism.
Credentials
The skill declares no required environment variables (good) and permissions are reasonable for the task. However, documentation (PUBLISH.md) contains an embedded Claw-CLI token string, which appears to be a credential leaked into the repo; this is unrelated to normal runtime needs and is a red flag. Also remote-repair behavior may require SSH access (SKILL.md mentions SSH keys), so operators should ensure SSH use is limited and keys are managed securely.
Persistence & Privilege
always:false and default autonomous invocation are set (normal). The skill does not request system-wide config changes in the manifest. Autonomous invocation combined with exec/network is powerful but expected for an ops/repair skill; no evidence it demands persistent elevated platform privileges.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat: `/install openclaw-mutual-repair`
- After installation, invoke the skill by name or use `/openclaw-mutual-repair`
- Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.0
OpenClaw Mutual Repair v1.0.0
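- Initial release
- Implements two-node heartbeat monitoring and automatic alerting
- Supports memory/CPU/process health checks
- Provides fault diagnosis and remote repair capabilities (PM2/systemd)
- Supports troubleshooting commands and security isolation recommendations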
Frequently Asked Questions
What is Openclaw Mutual Repair?
Enables two OpenClaw instances to monitor each other via heartbeat, perform health checks, diagnose issues, and remotely repair for 24/7 stable operation. It is an AI Agent Skill for Claude Code / OpenClaw, with 108 downloads so far.
How do I install Openclaw Mutual Repair?
Run "/install openclaw-mutual-repair" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is Openclaw Mutual Repair free?
Yes, Openclaw Mutual Repair is completely free, licensed under MIT-0. You can download, install and use it at no cost.
Which platforms does Openclaw Mutual Repair support?
Openclaw Mutual Repair is cross-platform and runs anywhere OpenClaw / Claude Code is available.
Who created Openclaw Mutual Repair?
It is built and maintained by rfdiosuao (@rfdiosuao); the current version is v1.0.0.