← Back to Skills Marketplace
1840
Downloads
2
Stars
5
Active Installs
1
Versions
Install in OpenClaw
/install ops-framework
Description
A 0-token jobs + monitoring framework for OpenClaw: run long-running read tasks via scripts, checkpoint/resume safely, and send periodic progress + immediate alerts to Telegram. Write jobs are blocked by default and must be explicitly approved and verified.
Usage Guidance
This package is coherent and implements what it says, but review before enabling: 1) Inspect ops-jobs.json and keep all jobs disabled until you trust commands; the script will run whatever command you configure and may include output (stdout/stderr tails) in Telegram alerts. 2) Check your ~/.openclaw/openclaw.json — it may contain a Telegram botToken that the script will use to send messages; only allow the script access if you intend it to send messages. 3) Run python3 ops-monitor.py --print-only / selftest to verify behavior and test with dummy jobs. 4) Do not enable or grant approval for write-type jobs unless you audited the commands and linked verification jobs. 5) Because the source is 'unknown', consider running the script in a limited user account or VM, confirm there are no unexpected network endpoints beyond Telegram API, and lock file permissions on your OpenClaw config/state. If you want higher assurance, request the upstream repo or a signed release for code review.
Capability Analysis
Type: OpenClaw Skill
Name: ops-framework
Version: 0.1.0
The skill provides a framework for running arbitrary shell commands via user-defined jobs, which is a high-risk capability. However, the code (`ops-monitor.py`) and agent instructions (`SKILL.md`, `OPS_FRAMEWORK.md`) implement significant security guardrails: write jobs are blocked by default and require explicit approval and a read-only verification step, and the agent is instructed to enforce these controls and seek user confirmation for risky actions. There is no clear evidence of intentional malicious behavior, data exfiltration to unauthorized endpoints, or persistence mechanisms installed by the skill itself. The prompt injection instructions are designed to enhance security and transparency, not bypass them. The inherent risk of executing arbitrary commands, even with strong controls, makes it suspicious rather than benign.
Capability Assessment
Purpose & Capability
Name/description match the included materials: SKILL.md/OPS_FRAMEWORK.md describe a local jobs monitor and ops-monitor.py implements it. The script's behaviors (running configured job commands, checking statuses, and sending Telegram messages via openclaw or a bot token in openclaw.json) are exactly what the skill claims.
Instruction Scope
Runtime instructions keep activity local (copy files to OPENCLAW_HOME, run python3 ops-monitor.py, configure ops-jobs.json). The script intentionally executes user-provided commands from job configs and sends status/alerts to Telegram; this is part of the stated purpose but means the tool can surface any command output (including sensitive data) if you configure jobs to produce it. One-shot write jobs are documented as blocked by default, and example configs default to disabled jobs.
Install Mechanism
No install spec or remote downloads are present — this is instruction-only with a local Python script. Nothing is fetched from external URLs during install.
Credentials
The skill requires no declared env vars or external credentials, but at runtime the script reads OPENCLAW_HOME/openclaw.json (to discover Telegram target and botToken) and will use an available openclaw binary if present. Reading that config and optionally using the bot token is proportional to the skill's 'send Telegram alerts' feature; however openclaw.json may contain sensitive tokens, so granting the script access effectively gives it permission to send arbitrary messages via that token.
Persistence & Privilege
always:false (normal). The script writes its own state under ~/.openclaw/net/state/ops-monitor.json and config is stored under ~/.openclaw/net/config; it does not request persistent platform-wide privileges or modify other skills. That level of persistence is expected for a local monitor.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install ops-framework - After installation, invoke the skill by name or use
/ops-framework - Provide required inputs per the skill's parameter spec and get structured output
Version History
v0.1.0
Initial release
Metadata
Frequently Asked Questions
What is Ops Framework?
A 0-token jobs + monitoring framework for OpenClaw: run long-running read tasks via scripts, checkpoint/resume safely, and send periodic progress + immediate alerts to Telegram. Write jobs are blocked by default and must be explicitly approved and verified. It is an AI Agent Skill for Claude Code / OpenClaw, with 1840 downloads so far.
How do I install Ops Framework?
Run "/install ops-framework" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is Ops Framework free?
Yes, Ops Framework is completely free (open-source). You can download, install and use it at no cost.
Which platforms does Ops Framework support?
Ops Framework is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created Ops Framework?
It is built and maintained by zjianru (@zjianru); the current version is v0.1.0.
More Skills