← Back to Skills Marketplace
690
Downloads
0
Stars
0
Active Installs
6
Versions
Install in OpenClaw
/install os-activity
Description
Personalize your openclaw by learning your operating system activity.
Usage Guidance
This skill appears to do what it says: it installs osquery (by downloading from GitHub) and uses osquery to read recent files, directories, running processes, and installed programs. Before installing, consider: 1) privacy — the output includes file paths and process names that may reveal sensitive data; only install if you trust the skill. 2) network/downloads — the installer fetches a release from GitHub; verify the SHA256 checksums in the script against the official osquery release page if you want assurance the binary is authentic. 3) sandboxing — if unsure, run the installer and scripts in a test account or VM first. 4) runtime dependencies — the installer uses requests (and optionally tqdm); if those packages are missing, you may be prompted to install them. If you accept those privacy and network tradeoffs, the skill is coherent with its stated purpose.
Capability Analysis
Type: OpenClaw Skill
Name: os-activity
Version: 1.1.0
The skill is classified as suspicious due to its reliance on downloading and installing an external binary (`osquery`) from GitHub via `scripts/install_osquery.py`. While the script attempts to mitigate risks with checksum verification and path traversal protection during archive extraction, this process introduces a supply chain vulnerability and the capability to execute arbitrary external code. Subsequently, other scripts (`processes.py`, `programs.py`, `recent_dirs.py`, `recent_files.py`) execute this installed `osquery` binary to collect sensitive system activity data (running processes, installed programs, recent files/directories). Although the stated purpose is benign ('personalization') and there's no direct evidence of malicious data exfiltration, the combination of external binary execution and collection of sensitive system information represents a high-risk capability that could be exploited if vulnerabilities were discovered or the source of the binary compromised.
Capability Assessment
Purpose & Capability
The name/description (gather OS activity) aligns with the included scripts (recent_files, recent_dirs, processes, programs) and an installer for osquery. Required binary is only python, which is reasonable for running the packaged Python scripts.
Instruction Scope
SKILL.md instructs the agent/user to run the included Python installer and query scripts. Those scripts run osquery locally and print file/process/program metadata. They operate on local system state only and do not, in the provided code, transmit results to external endpoints beyond downloading osquery during installation.
Install Mechanism
The installer downloads osquery from GitHub Releases (a standard release host) and extracts archives into the user's ~/.openclaw/tools path. The installer includes checksum verification and path traversal protections — this is appropriate, but downloading and extracting binaries is higher-risk than instruction-only skills, so verify checksums and network access before running.
Credentials
No environment variables or external credentials are requested. The capability does access local system metadata (file paths, recent files, processes, installed programs), which is consistent with its purpose but is privacy-sensitive.
Persistence & Privilege
The skill does not set always:true, does not require elevated platform privileges in its metadata, and installs osquery into a user-scoped directory under ~/.openclaw. It does not modify other skills or system-wide configurations in the visible code.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install os-activity - After installation, invoke the skill by name or use
/os-activity - Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.1.0
Version 1.1.0 adds new OS activity query scripts.
- Added scripts to list running processes, installed programs, and recently accessed directories.
- Updated documentation to include usage instructions for the new scripts on Windows, macOS, and Linux.
- Expanded command set to enhance system activity detection and personalization capabilities.
v1.0.6
- Updated documentation to use the ~/.openclaw/workspace/skills/ directory for installation and script usage paths.
- Adjusted commands and examples for consistency with the new directory structure.
v1.0.5
No visible changes were detected in this version.
- No updates to code or documentation.
- Functionality and instructions remain the same as the previous release.
v1.0.4
- Auto-install osquery
v1.0.3
- Add checksum verification when installing osquery.
v1.0.1
- Added detailed SKILL.md documentation with overview, installation, usage guidance, and example output
- Provided sample commands for retrieving recently edited files on macOS and Windows
- Clarified that Linux is not currently supported
- Listed Python as a requirement for skill functionality
Metadata
Frequently Asked Questions
What is OS Activity?
Personalize your openclaw by learning your operating system activity. It is an AI Agent Skill for Claude Code / OpenClaw, with 690 downloads so far.
How do I install OS Activity?
Run "/install os-activity" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is OS Activity free?
Yes, OS Activity is completely free (open-source). You can download, install and use it at no cost.
Which platforms does OS Activity support?
OS Activity is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created OS Activity?
It is built and maintained by Xiaobao (@xiaobao520123); the current version is v1.1.0.
More Skills