← Back to Skills Marketplace
312
Downloads
0
Stars
1
Active Installs
3
Versions
Install in OpenClaw
/install gateway-monitor
Description
Provides real-time monitoring, log search, service status, alerts, and one-click config restore for OpenClaw Gateway and related services.
README (SKILL.md)
Gateway Monitor - OpenClaw 监控面板
实时监控 OpenClaw Gateway 状态、日志检索、服务健康检查的一站式监控面板。
功能特性
- 实时监控:Gateway 运行状态、资源使用、会话上下文
- 日志检索:错误/警告高亮,支持关键字搜索和过滤
- 服务状态:launchd 服务、LiteLLM、oMLX、acpx
- LiteLLM 按需唤起:默认可保持停止,支持自动唤起或手动唤起/停止
- 告警系统:基于错误频率、资源消耗的自动告警
- 一键还原:配置出错时可从备份恢复
- 皮肤主题:深色 / 浅色 / 跟随系统,响应式布局
快速开始
安装
# 克隆项目
git clone https://github.com/yes999zc/gateway-monitor.git
cd gateway-monitor
# 无需依赖,直接运行
node server.js
# 浏览器访问
open http://127.0.0.1:18990
环境变量配置
# 可选配置
export PORT=18990 # 服务端口(默认 18990)
export OMLX_MODELS_URL=http://127.0.0.1:9981/v1/models # oMLX 模型端点
export OMLX_API_KEY=8888 # oMLX API 密钥
export LITELLM_BASE_URL=http://127.0.0.1:4000 # LiteLLM 端点
export LITELLM_CONTAINER_NAME=litellm-omlx # LiteLLM docker 容器名
export LITELLM_AUTO_WAKE_DEFAULT=0 # 是否默认自动唤起(0/1)
API 端点
GET /- 仪表盘页面GET /api/summary- 聚合状态快照GET /api/logs- 日志列表GET /api/gateway-status- Gateway 状态GET /api/launchd-status- launchd 服务状态GET /api/restore-config?confirm=true- 恢复配置GET /api/gateway-restart?confirm=true- 重启 GatewayGET /api/litellm-status?autoWake=1- LiteLLM 状态(可自动唤起)GET /api/litellm-control?action=wake|start|stop|restart&confirm=true- 控制 LiteLLM 容器GET /api/omlx-capabilities- oMLX 能力检测(模型/VLM/Embedding/Rerank)GET /api/litellm-wake- LiteLLM 按需唤起GET /api/omlx-update?check=1- 检查 oMLX 更新
监控面板截图
使用场景
- Gateway 健康检查:实时监控 Gateway 运行状态、token 使用情况
- 日志排查:快速定位错误日志,支持关键字搜索
- 配置恢复:配置出错时一键从备份恢复
- 服务管理:LiteLLM、oMLX 等服务状态监控与控制
安全说明
- 密钥脱敏显示:API key 首尾保留,中间用
***填充 - 恢复配置需要二次确认(前端弹窗 + URL 参数)
- 重启 Gateway 需要二次确认
后台运行
# 使用 launchd 托管(推荐)
cp bin/ai.openclaw.gateway-monitor.plist ~/Library/LaunchAgents/
launchctl load ~/Library/LaunchAgents/ai.openclaw.gateway-monitor.plist
# 手动后台运行
nohup node server.js > gateway-monitor.log 2>&1 &
更新日志
v1.0.1
- 改进 UI 界面设计
- 新增快照捕获功能
- 增强监控能力检测
v1.0.0
- 初始发布
- Gateway 状态监控
- 日志检索与告警系统
- 一键配置恢复
许可证
MIT License
贡献
欢迎提 Issue 和 PR!
Usage Guidance
Do not blindly run the commands in SKILL.md. The published skill bundle contains only instructions, not the code it tells you to run; it asks you to clone and execute a repository and to install a persistent launchd agent, and it references API keys and container controls that are not declared in the metadata. Before installing: (1) review the actual repository code (https://github.com/yes999zc/gateway-monitor) and the plist to ensure there are no network exfiltration endpoints or opaque behavior; (2) confirm why the skill metadata omits required binaries and env vars (node, git, launchctl, docker); (3) avoid putting real API keys in global env vars — use scoped/test keys and run the service in an isolated environment (VM/container) until you audit it; (4) verify what /api/restore-config and /api/gateway-restart actually do and whether they require elevated privileges; and (5) prefer an officially released package (release tarball with checksums or signed release) rather than cloning a live repo for production installation. If you want, provide the repository contents (server.js and bin files) and I can re-evaluate the code behavior specifically.
Capability Analysis
Type: OpenClaw Skill
Name: gateway-monitor
Version: 1.0.3
The skill bundle describes a monitoring dashboard with high-privilege capabilities, including service control (restarting Gateway/LiteLLM) and configuration restoration. These actions are triggered via simple GET requests (e.g., `/api/restore-config?confirm=true` and `/api/gateway-restart?confirm=true` in `SKILL.md`), which poses a risk of accidental execution by the AI agent or CSRF. While the stated intent is administrative, the broad system-level permissions and the lack of source code to verify security claims (like key masking) warrant a suspicious classification.
Capability Assessment
Purpose & Capability
The skill claims to be a Gateway monitoring dashboard, which plausibly needs access to local services, logs, and control actions. However the package metadata declares no required binaries or env vars while SKILL.md explicitly requires git, node, launchctl, and references Docker/container control and API keys. skill.yaml also references a build entry/server.js but no code is bundled. The declared requirements do not match the actions the instructions ask you to perform.
Instruction Scope
SKILL.md instructs the user to git clone a GitHub repo and run `node server.js`, copy a plist into ~/Library/LaunchAgents and run launchctl, and provides HTTP endpoints that perform config restore and gateway restart. It also references local admin-type operations (start/stop/restart services, wake containers) and sensitive env vars (OMLX_API_KEY). These instructions go beyond passive monitoring and include potentially disruptive privileged actions; the skill metadata did not surface or justify these operations.
Install Mechanism
Although the registry package is instruction-only (no install spec), the runtime instructions explicitly tell the user to download and run code from https://github.com/yes999zc/gateway-monitor. That is effectively a download-and-execute flow: code is fetched at runtime from an external repo rather than being provided for review in the skill bundle. This increases risk because the code you will execute is not included in the skill for pre-install review.
Credentials
The SKILL.md lists several environment variables (PORT, OMLX_MODELS_URL, OMLX_API_KEY, LITELLM_BASE_URL, LITELLM_CONTAINER_NAME, LITELLM_AUTO_WAKE_DEFAULT) including an API key, but the skill's registry metadata declares no required env vars or primary credential. Requesting API keys and container control without declaring them in metadata is a disproportionate and unexplained gap.
Persistence & Privilege
The skill does not set always:true and allows normal autonomous invocation. However the instructions explicitly recommend installing a LaunchAgents plist (copying to ~/Library/LaunchAgents and loading it) which would persist a service on the user's machine. Persisting a monitoring agent is plausible for this purpose, but it increases the blast radius if the code is untrusted — the skill package does not include the plist or service code for review.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install gateway-monitor - After installation, invoke the skill by name or use
/gateway-monitor - Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.3
Sanitized package and synced latest gateway-monitor project updates
v1.0.2
Improve UI, add snapshot capture feature, enhance monitoring capabilities
v1.0.1
Improve UI, add snapshot capture feature, enhance monitoring capabilities
Metadata
Frequently Asked Questions
What is Gateway Monitor?
Provides real-time monitoring, log search, service status, alerts, and one-click config restore for OpenClaw Gateway and related services. It is an AI Agent Skill for Claude Code / OpenClaw, with 312 downloads so far.
How do I install Gateway Monitor?
Run "/install gateway-monitor" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is Gateway Monitor free?
Yes, Gateway Monitor is completely free, licensed under MIT-0. You can download, install and use it at no cost.
Which platforms does Gateway Monitor support?
Gateway Monitor is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created Gateway Monitor?
It is built and maintained by yes999zc (@yes999zc); the current version is v1.0.3.
More Skills