← Back to Skills Marketplace
Sysclaw Ops
by
Morten Bojer
· GitHub ↗
· v1.6.2
· MIT-0
233
Downloads
0
Stars
0
Active Installs
9
Versions
Install in OpenClaw
/install sysclaw-ops
Description
SysClaw operator skill for processing agent requests and managing the cross-agent communication system. Use when SysClaw needs to check for pending agent req...
Usage Guidance
Do not enable this skill in production until you confirm the missing pieces and harden privileges. Specific checks: (1) Ask the publisher why registry metadata declares no required env vars while SKILL.md requires DB creds and a Telegram token. (2) Require a dedicated DB role with the minimal GRANTS listed, verify those grants in your DB, and ensure the role cannot run arbitrary SQL beyond the intended updates. (3) Confirm how SSH/command execution is performed — prefer ephemeral jump-host sessions or human-approved runbooks rather than automatic execution based on DB payloads. (4) Require OpenClaw cron job creation to be approved by an operator and limit its session capabilities. (5) Verify secure storage/rotation of the Telegram token and that escalations require human approval for high-risk actions. (6) Ask for the concrete implementation (code or agent session policy) to audit parameterized queries, input validation (avoid executing commands derived from untrusted payloads), and logging/immutable audit trails. The presence of leftover 'virus' strings and metadata mismatches is a quality signal — request publisher clarification before trusting the skill.
Capability Analysis
Type: OpenClaw Skill
Name: sysclaw-ops
Version: 1.6.2
The sysclaw-ops skill implements a centralized management system where an agent processes requests to execute high-privilege actions, such as SSH commands and software deployments, across a network. This architecture is inherently risky as it creates a single point of failure for remote code execution and lateral movement. Notably, references/db-schema.md and CHANGELOG.md reveal the use of 'virus' as a synonym for the human operator; the fact that these references remain in the schema despite changelog claims of their removal suggests either deceptive documentation or significant oversight in a high-privilege tool.
Capability Assessment
Purpose & Capability
The skill's stated purpose (server-side SysClaw operator) reasonably requires DB credentials and a Telegram token; the SKILL.md explicitly lists SYSCLAW_DB_* and a Telegram bot token. However the registry metadata declares no required env vars or primary credential — a clear mismatch. The SKILL.md also describes capabilities beyond simple notification handling (executing approved requests such as installs, config edits, restarts) that imply SSH or elevated system privileges; those access needs are not declared in the registry.
Instruction Scope
SKILL.md instructs the agent to read/write multiple DB tables, process verdicts, write security assessments, and (when approving requests) execute actions on infrastructure. It assumes the agent session has access to SSH and DB tools and describes creating an OpenClaw cron job. This grants the runtime the ability to execute arbitrary commands on hosts based on DB records/payloads — a high-impact operation. The docs also contain inconsistent terminology (resolvers/escalation fields referencing 'virus' in places), suggesting sloppy editing and potential hidden assumptions.
Install Mechanism
Instruction-only skill with no install spec and no code files reduces surface area for supply-chain installs. No downloads or package installs are requested by the skill itself.
Credentials
SKILL.md requests a full set of DB credentials (host, port, db name, user, password) and a Telegram token; it also requires DB privileges that include UPDATE on verdict/status columns and INSERT on notifications — significant write privileges. The registry metadata, however, lists no required env vars, so callers would not be warned about providing these secrets. The SKILL.md also implies need for SSH/session access but does not declare how keys/credentials are supplied or limited. The combination (DB write + potential remote command execution + messaging token) is high privilege and should be justified and constrained.
Persistence & Privilege
always:false (normal), but the skill documents creating an OpenClaw cron job that will run periodically with access to DB and SSH tools. Periodic autonomous runs plus broad execution power increases blast radius even though 'always' isn't set. Verify who can create/approve such cron jobs and whether the cron job will run with least privilege.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install sysclaw-ops - After installation, invoke the skill by name or use
/sysclaw-ops - Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.6.2
Added reference link to db-schema.md in SKILL.md
v1.6.1
Fixed 'virus' terminology in db-schema.md, removed orphaned line in SKILL.md, added SQL pattern note, added CHANGELOG.md
v1.6.0
v1.6.0: Simplified execution model. SysClaw executes all approved requests - agents only ask because they can't do it themselves. Removed hybrid/agent-executed model.
v1.5.0
v1.5.0: Added worklog table for tracking executed actions. Added hybrid execution workflow - SysClaw executes info/software/service requests, agents execute config on their own machines. Added execution guidelines by request type.
v1.4.0
v1.4.0: Added SysClaw escalation handling section documenting heartbeat-based escalation to human operator.
v1.3.0
v1.3.0: Clarified Telegram escalation is manual (SysClaw handles it, not cron job). Cron job only flags requests as escalated.
v1.2.0
v1.2.0: Replaced operator name with generic 'human operator' for portability.
v1.1.0
v1.1.0: Added declared credentials with minimal privileges, clarified OpenClaw cron job (not a system binary), explained Telegram escalation via OpenClaw delivery, added security considerations section, explained Virus role, added installation documentation.
v1.0.0
v1.0.0: Server-side operations for cross-agent communication. Processing workflow, decision guidelines, DB schema reference, notification management. Split from sysclaw-reporting.
Metadata
Frequently Asked Questions
What is Sysclaw Ops?
SysClaw operator skill for processing agent requests and managing the cross-agent communication system. Use when SysClaw needs to check for pending agent req... It is an AI Agent Skill for Claude Code / OpenClaw, with 233 downloads so far.
How do I install Sysclaw Ops?
Run "/install sysclaw-ops" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is Sysclaw Ops free?
Yes, Sysclaw Ops is completely free, licensed under MIT-0. You can download, install and use it at no cost.
Which platforms does Sysclaw Ops support?
Sysclaw Ops is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created Sysclaw Ops?
It is built and maintained by Morten Bojer (@mbojer); the current version is v1.6.2.
More Skills