← Back to Skills Marketplace
jasonzhangshuo

Openclaw Safety Guard

by jasonzhangshuo · GitHub ↗ · v0.1.1
cross-platform ✓ Security Clean
349
Downloads
0
Stars
0
Active Installs
2
Versions
Install in OpenClaw
/install openclaw-safety-guard
Description
OpenClaw 安全卫士(发布 slug:openclaw-safety-guard,内部代号:openclaw-watchdog):默认工作日 10:00 自动扫描 7 个维度(安全、记忆、心跳、定时任务、共享文件、通讯、代码规范),生成健康评分和可视化 Dashboard,通过飞书私信发送报告;没有 Cur...
Usage Guidance
This skill is coherent with its stated purpose (local watchdog that notifies via Feishu) but it will: (1) read many local files (LaunchAgents plist, exec-approvals, git working tree, workspace knowledge directories), (2) write config.json and register a scheduled cron job, and (3) may perform automated low-risk fixes (chmod). Before installing: review the actual contents of scripts/setup.py, scripts/fix_green.py, scripts/notify_feishu.py and scripts/upload_to_feishu_drive.py to confirm they only access/ship data you expect and that fixes are limited to safe operations. Consider running the pipeline manually in a safe environment (python3 scripts/run_pipeline.py) with FEISHU env vars unset to inspect outputs first. Because the source and homepage are absent and a base64-block was flagged by the scanner, exercise caution: prefer manual code review or running the code in an isolated/test environment before granting it access to your real Feishu credentials and production workspace.
Capability Analysis
Type: OpenClaw Skill Name: openclaw-safety-guard Version: 0.1.1 The skill is a comprehensive health and security monitoring tool for OpenClaw projects. It audits seven dimensions including security (checking for leaked API keys in Git history and insecure file permissions), memory health, and task configurations. It generates a local HTML dashboard and sends reports via Feishu. The code uses standard Python libraries and subprocess calls for legitimate auditing tasks (e.g., `git log`, `openclaw doctor`). The setup process correctly binds notifications to the installer's Feishu ID, and the automated 'fix' functionality is limited to low-risk security hardening (chmod 600). No evidence of data exfiltration to unauthorized endpoints or malicious persistence was found.
Capability Assessment
Purpose & Capability
The name/description promise a local watchdog that scans 7 dimensions and notifies via Feishu. Requested binaries (python3, node, npm) and environment variables (FEISHU_APP_ID, FEISHU_APP_SECRET) match that purpose (Python scripts for probes and a Node frontend build; Feishu credentials for notification/upload). The included scripts (scan_*.py, generate_dashboard.py, notify_feishu.py, upload_to_feishu_drive.py, setup.py) align with the declared functionality.
Instruction Scope
SKILL.md tells the agent to run setup.py (which writes config.json and registers a cron job), then run run_pipeline.py to execute probes that scan code, plist/launch agents, exec-approvals, git repos, memory/knowledge dirs and other local paths. Those reads and writes are within the stated watchdog scope, but they are broad (system LaunchAgents, exec-approvals file, workspace files). The agent will also obtain the installer’s Feishu open_id from the conversation context to populate notify.receive_id — this is expected for automated notifications but is an access-to-conversation-context action worth noting.
Install Mechanism
There is no external install spec (no arbitrary download step); code is provided in the skill bundle and SKILL.md instructs running local Python/Node commands. This is lower risk than fetching executables from untrusted URLs. No installers or third-party URL downloads are referenced in SKILL.md.
Credentials
Only FEISHU_APP_ID and FEISHU_APP_SECRET are declared and these are justified by the Feishu notification/drive upload functionality. However, the skill will read many local files/paths (plist, exec-approvals, workspace files, git repos) as part of scans; while coherent with the purpose, these are sensitive sources of data. The primaryEnv (FEISHU_APP_ID) is appropriate.
Persistence & Privilege
The skill’s post-install setup writes config.json and registers a cron job under .openclaw/state/cron/jobs.json and instructs restarting the Gateway so daily scans run. It also includes an automatic 'fix_green.py' remediation step (documented as limited to chmod-like low-risk ops). These are reasonable for a scheduled watchdog but constitute persistent presence and the ability to modify local state/permissions, so audit the setup and fix scripts before granting runtime access.
How to Use
  1. Make sure OpenClaw is installed (local or Docker)
  2. Run the install command in chat: /install openclaw-safety-guard
  3. After installation, invoke the skill by name or use /openclaw-safety-guard
  4. Provide required inputs per the skill's parameter spec and get structured output
Version History
v0.1.1
## openclaw-safety-guard v0.1.1 - Updated documentation in README.md for clarity and completeness. - No code or functionality changes; only README content modified.
v0.1.0
Initial release of OpenClaw 安全卫士 (openclaw-safety-guard): - Automates health checks across 7 dimensions (security, memory, heartbeat, scheduled tasks, shared files, communication, code standards) on workdays at 10:00. - Generates a health score and a visual dashboard, with Feishu direct message notifications. - Supports manual triggering via Feishu with user commands like “体检” or “生成健康大盘”. - Installer registers cron jobs, sets up configuration, and sends an initial report to the installer. - Dashboard and JSON logs accessible without Cursor. - Robust error handling and archival of scan logs.
Metadata
Slug openclaw-safety-guard
Version 0.1.1
License
All-time Installs 0
Active Installs 0
Total Versions 2
Frequently Asked Questions

What is Openclaw Safety Guard?

OpenClaw 安全卫士(发布 slug:openclaw-safety-guard,内部代号:openclaw-watchdog):默认工作日 10:00 自动扫描 7 个维度(安全、记忆、心跳、定时任务、共享文件、通讯、代码规范),生成健康评分和可视化 Dashboard,通过飞书私信发送报告;没有 Cur... It is an AI Agent Skill for Claude Code / OpenClaw, with 349 downloads so far.

How do I install Openclaw Safety Guard?

Run "/install openclaw-safety-guard" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is Openclaw Safety Guard free?

Yes, Openclaw Safety Guard is completely free (open-source). You can download, install and use it at no cost.

Which platforms does Openclaw Safety Guard support?

Openclaw Safety Guard is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created Openclaw Safety Guard?

It is built and maintained by jasonzhangshuo (@jasonzhangshuo); the current version is v0.1.1.

More Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463815 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259802 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200680 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191345 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190333 · by oswalpalash

💬 Comments