← Back to Skills Marketplace
463
Downloads
0
Stars
1
Active Installs
3
Versions
Install in OpenClaw
/install openclaw-claw-guard
Description
System-level watchdog for OpenClaw gateway restarts and sub-agent task PIDs. Monitors registered PIDs and optional log/directory freshness. Auto-reverts conf...
Usage Guidance
Before installing: 1) Review and confirm you trust the author — this will install a persistent user service and a CLI under your home directory. 2) Understand it will copy/restore your ~/.openclaw/openclaw.json from backups and will run systemctl/launchctl to restart the gateway — that's the intended behavior but is powerful, so ensure backups are what you expect. 3) Notifications include snippets of status/journal output and will be sent through your configured OpenClaw channels — verify that those channels are appropriate to receive potential debug output. 4) The installer requires python3 in PATH; it embeds your current PATH into the service environment. If you have concerns about the exact python binary used, inspect/modify install.sh before running. 5) If you need tighter control, consider installing but not enabling ExecStartPre in the gateway service, or run the daemon manually first to observe behavior. If you want more assurance, review the three script files locally (they are small and self-contained) before running the installer.
Capability Analysis
Type: OpenClaw Skill
Name: openclaw-claw-guard
Version: 1.1.0
The OpenClaw ClawGuard skill is classified as suspicious due to its powerful system-level capabilities and reliance on external components, which introduce potential vulnerabilities. The `scripts/install.sh` script installs a persistent user-level service (systemd/launchd) that runs the `scripts/claw-guard.py` daemon. This daemon performs critical actions such as modifying the `~/.openclaw/openclaw.json` configuration file, restarting the OpenClaw gateway service, and sending notifications via the `openclaw` CLI. The `notify` function in `scripts/claw-guard.py` executes `openclaw message send` with user-controlled `target` and `message` arguments. While `subprocess.run` with a list of arguments mitigates direct shell injection, it relies on the `openclaw` CLI being robust against argument injection. Furthermore, sending gateway status, error logs, or journal entries to a user-defined target (a core feature) poses an information disclosure risk if an untrusted target is specified. These capabilities, while aligned with the stated watchdog purpose, represent significant power that could be exploited if the agent or its inputs are compromised, leading to potential system compromise or data leakage, thus warranting a 'suspicious' classification rather than 'benign' or 'malicious'.
Capability Assessment
Purpose & Capability
The skill is a local watchdog that watches PIDs, log/dir mtimes, and gateway restarts. The files and install script operate entirely in the user's home (~/.openclaw and ~/.local/bin) and interact with the system service manager (systemd user unit or launchd) and the 'openclaw' CLI for notifications — all of which align with the described purpose.
Instruction Scope
The SKILL.md and code limit activity to explicitly registered tasks and gateway restart watches. The daemon reads/writes ~/.openclaw/openclaw.json (backups), reads journalctl / launchctl output, and includes small snippets of status/journal in notification messages. That behavior is coherent with 'why the gateway failed' diagnostics, but it means systemd/journal output and parts of the local openclaw config may be sent out via the configured OpenClaw notification targets — review whether those notifications might leak sensitive information to external channels.
Install Mechanism
No remote downloads or package registry installs; install.sh copies local files into the user's home, creates a CLI wrapper in ~/.local/bin, and registers a per-user systemd or launchd agent. This is low-risk compared to fetching/executing remote archives.
Credentials
The skill requires only Python3 to run and uses the user's OpenClaw config file and workspace. It does not request external credentials or unusual environment variables. Notifications are sent via the local 'openclaw' CLI, so sensitive channel configuration depends on the existing OpenClaw setup (not the skill).
Persistence & Privilege
The installer configures and enables a user-level persistent service (systemd user or launchd) that restarts automatically. always:false in the skill metadata. This is expected for a watchdog, but installing gives the skill a persistent background presence in the user's session until the user removes/stop the service.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install openclaw-claw-guard - After installation, invoke the skill by name or use
/openclaw-claw-guard - Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.1.0
Comprehensive SKILL.md: OpenClaw integration guide with ExecStartPre auto-registration, AGENTS.md rules template, end-to-end flow docs, CLI reference table.
v1.0.1
Gateway restart sends to default channel
v1.0.0
Initial release: system-level watchdog for OpenClaw gateway + sub-agent tasks. PID monitoring, log/dir freshness, gateway restart auto-revert. Cross-platform.
Metadata
Frequently Asked Questions
What is ClawGuard?
System-level watchdog for OpenClaw gateway restarts and sub-agent task PIDs. Monitors registered PIDs and optional log/directory freshness. Auto-reverts conf... It is an AI Agent Skill for Claude Code / OpenClaw, with 463 downloads so far.
How do I install ClawGuard?
Run "/install openclaw-claw-guard" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is ClawGuard free?
Yes, ClawGuard is completely free (open-source). You can download, install and use it at no cost.
Which platforms does ClawGuard support?
ClawGuard is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created ClawGuard?
It is built and maintained by camopel (@camopel); the current version is v1.1.0.
More Skills