← Back to Skills Marketplace

运维助手 v2.0

Name: 运维助手 v2.0
Author: fish1981bimmer

by fish1981bimmer · GitHub ↗ · v2.0.1 · MIT-0

cross-platform ⚠ suspicious

123

Downloads

Stars

Active Installs

Versions

Install in OpenClaw

/install ops-maintenance

Description

运维助手 v2.0 - 支持本地、远程、多服务器集群监控 (健康检查、日志分析、性能监控、批量操作、文件传输)

Usage Guidance

This skill is coherent with its stated purpose but handles sensitive secrets and will read/write files in your home directory. Before installing or running it: - Review the source (especially src/utils/ssh-pool.ts, src/utils/sftp-client.ts, src/utils/audit-logger.ts) to ensure there are no unexpected network endpoints or telemetry. The provided code shows no external HTTP endpoints. - Be aware it will try to use ~/.ssh/id_rsa by default and can store passwords in ~/.config/ops-maintenance/servers.json; prefer key-based auth and do not put plaintext passwords in that file. - Audit the permissions on ~/.config/ops-maintenance and ~/.ssh/* (restrict to the user, e.g., 600 for private keys). - The skill writes audit.log with executed commands — this is useful but may contain sensitive data; treat the log as confidential. - The repository includes package.json; run npm install in an isolated environment and run npm audit before use. - Note small mismatches: SKILL.md claims v2.0 removed shell-based SSH usage but dist/index.js still uses child_process.exec for local command execution (not for remote SSH). Also the registry metadata omits an explicit install spec even though SKILL.md instructs npm install — confirm your agent/platform will install and run the included code as intended. If you accept these trade-offs (local file access, use of SSH keys, local audit logs) and you trust the maintainer, this skill appears to be what it claims. If you do not trust the source or prefer not to expose local keys/configs, do not install or run it.

Capability Analysis

Type: OpenClaw Skill Name: ops-maintenance Version: 2.0.1 The skill bundle provides powerful administrative capabilities, including remote command execution via SSH, SFTP file transfer (upload/download), and local shell execution using '/bin/zsh' (src/index.ts). It is designed to automatically access the user's private SSH key (~/.ssh/id_rsa) to facilitate server connections (src/utils/ssh-pool.ts). While these features are consistent with the stated purpose of an 'Ops Maintenance' tool, the combination of arbitrary command execution, file exfiltration potential, and automated credential access constitutes a high-risk attack surface.

Capability Tags

requires-walletrequires-sensitive-credentials

Capability Assessment

✓ Purpose & Capability

Name, description, SKILL.md and source files all describe an SSH-based ops tool (health checks, logs, perf, bulk exec, SFTP, audit). The included Node/TypeScript code implements SSH connection pooling, SFTP, and audit logging — these are expected for the stated purpose.

ℹ Instruction Scope

Runtime instructions and examples explicitly read/write ~/.config/ops-maintenance/servers.json, may reference ~/.ssh/id_rsa and accept passwords in the config. That is coherent for an ops tool but involves handling sensitive credentials and local files; SKILL.md also suggests running npm install/build (so code will be used). Nothing in SKILL.md directs the agent to read unrelated system files or post data to external endpoints.

ℹ Install Mechanism

No formal install spec in the registry metadata, but the repository includes package.json and SKILL.md shows npm install/build steps. That is reasonable, but the lack of an explicit install section in the skill metadata is a minor mismatch: the code will require installing dependencies (ssh2, ssh2-sftp-client) before use.

ℹ Credentials

The skill declares no required environment variables, which matches metadata. However, the implementation will read the user's HOME, default SSH private key (~/.ssh/id_rsa) and the local config file, and it permits storing plaintext passwords in servers.json. These are functionally necessary for SSH/SFTP operations but are sensitive — users should be aware credentials/configs are stored locally and audit logs record commands.

✓ Persistence & Privilege

always is false and the skill does not request platform-level privileges. It persists state under ~/.config/ops-maintenance (servers.json, logs) and will create audit.log — this is normal for such a tool and proportional to its purpose.

How to Use

Make sure OpenClaw is installed (local or Docker)
Run the install command in chat: /install ops-maintenance
After installation, invoke the skill by name or use /ops-maintenance
Provide required inputs per the skill's parameter spec and get structured output

Version History

v2.0.1

v2.0 优化：使用ssh2库替代child_process.exec，添加SSH连接池、SFTP文件传输、审计日志、并发控制、重试机制、安全性增强（主机密钥验证）、性能优化（连接复用）、跨平台兼容性修复

v2.0.0

支持本地、远程、多服务器集群监控 (健康检查、日志分析、性能监控、批量操作、密码过期检查)

Metadata

Slug ops-maintenance

Version 2.0.1

License MIT-0

All-time Installs 0

Active Installs 0

Total Versions 2

Frequently Asked Questions

What is 运维助手 v2.0?

运维助手 v2.0 - 支持本地、远程、多服务器集群监控 (健康检查、日志分析、性能监控、批量操作、文件传输). It is an AI Agent Skill for Claude Code / OpenClaw, with 123 downloads so far.

How do I install 运维助手 v2.0?

Run "/install ops-maintenance" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is 运维助手 v2.0 free?

Yes, 运维助手 v2.0 is completely free, licensed under MIT-0. You can download, install and use it at no cost.

Which platforms does 运维助手 v2.0 support?

运维助手 v2.0 is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created 运维助手 v2.0?

It is built and maintained by fish1981bimmer (@fish1981bimmer); the current version is v2.0.1.

More Skills