← Back to Skills Marketplace
520
Downloads
0
Stars
1
Active Installs
6
Versions
Install in OpenClaw
/install gateway-monitor-macos
Description
Install and operate a local OpenClaw Gateway Monitor stack on macOS with LaunchAgent + watchdog. Use when setting up, repairing, or validating gateway-monito...
README (SKILL.md)
Gateway Monitor (macOS)
Run this skill when you need a reproducible install of gateway monitor + watchdog on macOS.
Install
Run:
bash scripts/install.sh
What it does:
- Copy monitor files to
~/.openclaw/tools/gateway-monitor - Install/update LaunchAgents:
ai.openclaw.gateway-monitorai.openclaw.gateway-watchdog
- Reload both jobs with
launchctl - Verify monitor API health (
/api/summary)
Status
Run:
bash scripts/status.sh
Uninstall
Run:
bash scripts/uninstall.sh
Notes
- This skill targets macOS
launchdonly. - Installer is idempotent: safe to run repeatedly.
- Backups of existing plists are written to
~/.openclaw/config-backupsbefore overwrite.
Usage Guidance
This skill installs a persistent user-level launchd service that inspects OpenClaw logs and state, may read ~/.openclaw/agents/main/agent/auth-profiles.json, runs OpenClaw CLI commands, and by default contacts an external URL (MINIMAX_REMAINS_URL). Before installing: (1) review server.js fully (look for network requests, where data is sent, and whether auth-profiles.json is parsed/sent); (2) consider running the code in a sandboxed account or VM first; (3) if you must run on your machine, block outbound network access for the monitor (host firewall) or set MINIMAX_REMAINS_URL to an innocuous value/localhost; (4) inspect ~/.openclaw/agents/... for sensitive tokens and back them up/remove if you don't want local auth data read; (5) validate the upstream repository (README references a GitHub URL) and prefer sources you trust. If you cannot audit the server.js behavior yourself, treat the install as potentially exposing local OpenClaw credentials and externalizing runtime telemetry.
Capability Analysis
Type: OpenClaw Skill
Name: gateway-monitor-macos
Version: 1.1.1
The skill installs a persistent monitoring stack on macOS using LaunchAgents and a Node.js web server. While the functionality is aligned with the stated purpose of monitoring OpenClaw services, the implementation contains significant security risks: the server in `assets/gateway-monitor/server.js` binds to all network interfaces (`0.0.0.0`) and lacks any authentication mechanism. This allows anyone on the local network to access the dashboard, read sensitive system logs, view session metadata, and trigger administrative actions like service restarts or configuration restoration via the `/api/gateway-restart` and `/api/restore-config` endpoints. These vulnerabilities facilitate unauthorized information disclosure and remote service manipulation, though no evidence of intentional malicious exfiltration was found.
Capability Assessment
Purpose & Capability
Name/description promise a local gateway monitor/watchdog and the included LaunchAgent plists, watchdog script, and server.js implement that. However server.js also references and may access ~/.openclaw/agents/main/agent/auth-profiles.json and external endpoints (MINIMAX_REMAINS_URL by default points to https://www.minimaxi.com). Reading agent auth profiles and contacting remote services is outside what the description explicitly promises and may not be necessary for a purely local monitor.
Instruction Scope
SKILL.md only instructs running scripts/install.sh, status.sh, uninstall.sh and mentions launchctl registration and health checking. It does not disclose that the installed server process will read user OpenClaw logs and auth-profile files, execute OpenClaw status/restart commands via execSync, track session IDs/usage, and reach external HTTP(s) endpoints. Those data accesses and network calls are not disclosed in the runtime instructions.
Install Mechanism
There is no remote download; all files are bundled. The installer copies files into $HOME/.openclaw/tools/gateway-monitor, writes LaunchAgent plists under ~/Library/LaunchAgents, backs up existing plists, and registers them via launchctl. No externally fetched code during install was observed.
Credentials
The skill declares no required env vars, but server.js honors multiple environment variables (OPENCLAW_* commands, MINIMAX_*, OMLX_* and OMLX_API_KEY, etc.) and falls back to defaults. The server reads an auth-profiles.json path under ~/.openclaw which likely contains sensitive credentials; this access is not declared or explained. The ability to POST or GET to external URLs combined with reading local auth files increases the risk of credential exposure.
Persistence & Privilege
Installer creates two per-user LaunchAgents (monitor + watchdog) with RunAtLoad and KeepAlive enabled, so the monitor runs persistently under the user account. always: false. Persistent background execution is consistent with a monitor but raises the blast radius because the service will run continuously and perform the undisclosed reads/network activity.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install gateway-monitor-macos - After installation, invoke the skill by name or use
/gateway-monitor-macos - Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.1.1
Sync latest gateway-monitor updates: gateway restart action, log baseline clear toggle, oMLX update check UI and repo switch.
v1.1.0
Add Mac Studio memory usage monitoring and ACPX service health checks.
v1.0.3
Add Mac Studio memory usage monitoring and ACPX service health checks; sanitized release.
v1.0.2
Sanitize payload and remove duplicate installer directory
v1.0.1
Add README quickstart (install/status/uninstall)
v1.0.0
Initial release: LaunchAgent + watchdog + one-click install scripts
Metadata
Frequently Asked Questions
What is Gateway Monitor (macOS)?
Install and operate a local OpenClaw Gateway Monitor stack on macOS with LaunchAgent + watchdog. Use when setting up, repairing, or validating gateway-monito... It is an AI Agent Skill for Claude Code / OpenClaw, with 520 downloads so far.
How do I install Gateway Monitor (macOS)?
Run "/install gateway-monitor-macos" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is Gateway Monitor (macOS) free?
Yes, Gateway Monitor (macOS) is completely free, licensed under MIT-0. You can download, install and use it at no cost.
Which platforms does Gateway Monitor (macOS) support?
Gateway Monitor (macOS) is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created Gateway Monitor (macOS)?
It is built and maintained by yes999zc (@yes999zc); the current version is v1.1.1.
More Skills