← Back to Skills Marketplace
abdullah4ai

OpenClaw Watch Dog

by Abdullah AlRashoudi · GitHub ↗ · v1.3.0
cross-platform ⚠ suspicious
2338
Downloads
2
Stars
9
Active Installs
14
Versions
Install in OpenClaw
/install openclaw-watchdog
Description
Self-healing monitoring system for OpenClaw gateway. Auto-detects failures, fixes crashes, and sends Telegram alerts.
Usage Guidance
This skill appears to do what it says: monitor OpenClaw locally and notify your Telegram bot. Before installing: 1) inspect the included scripts yourself or run them inside a controlled environment; 2) do not paste unrelated secrets into the chat — only provide the Telegram token/chat ID that you intend to use for alerts; 3) be aware the installer can optionally accept OpenAI/Anthropic keys and will store them encrypted locally if you provide them — only supply those if you understand why you need them; 4) the service can run npm install -g openclaw to reinstall the gateway, but it only does that after an explicit local approval file is created by you; 5) verify you trust the repository/source (homepage is provided) before granting persistent background execution. If you want higher assurance, run the setup steps manually rather than via an agent message.
Capability Analysis
Type: OpenClaw Skill Name: openclaw-watchdog Version: 1.3.0 The skill is designed for benign system monitoring and self-healing. However, the `scripts/setup.sh` file contains a critical shell injection vulnerability. When installing the systemd user service on Linux, the `printf` command used to generate the service file does not properly quote the `OPENCLAW_HEALTH_URL` environment variable. This variable is derived from the user-controlled `--gateway-port` argument. A malicious user could provide a crafted `GATEWAY_PORT` value (e.g., `8080; rm -rf /`) to inject arbitrary commands into the systemd service file, leading to Remote Code Execution (RCE) when the service starts. This vulnerability is exploitable via prompt injection against the AI agent, which is instructed to pass user-provided input to the `setup.sh` script.
Capability Assessment
Purpose & Capability
Name/description align with what the files do: monitor a local health endpoint, restart the gateway, and send Telegram alerts. Required binaries (python3, openssl) and the Telegram token/chat ID match the stated purpose.
Instruction Scope
Runtime instructions request the Telegram token and chat ID (necessary to send alerts) and instruct running the included setup script which installs a user-level service and copies code to ~/.openclaw/watchdog. The skill reads OpenClaw logs and config (e.g., ~/.openclaw/openclaw.json) for diagnosis and auto-detection of the gateway port — this is within scope for a gateway watchdog but worth noting because it accesses user config/log files. The SKILL.md asks users to paste secrets into agent chat; users should be cautious about pasting secrets into conversational UIs.
Install Mechanism
No external downloads or remote installers: the package includes setup scripts that create a venv, install a small Python dependency (aiohttp), and install a user LaunchAgent/systemd service. This is a local, traceable install with no remote code fetches at install time.
Credentials
Declared required env vars (TELEGRAM_TOKEN, TELEGRAM_CHAT_ID) are appropriate. The setup scripts accept optional --openai-key and --anthropic-key and will store them encrypted if provided; those optional AI keys are not declared as required in metadata and are not used elsewhere in current code — this is not malicious but is an extra data collection surface the user should be aware of.
Persistence & Privilege
The skill installs a user-level persistent service (LaunchAgent or systemd user) which is expected for a watchdog. It does not request system-wide elevated privileges. Note: SKILL.md metadata includes a disableModelInvocation flag, but registry flags show model invocation is allowed; this mismatch is informational (it affects platform behavior) but not a code-level risk.
How to Use
  1. Make sure OpenClaw is installed (local or Docker)
  2. Run the install command in chat: /install openclaw-watchdog
  3. After installation, invoke the skill by name or use /openclaw-watchdog
  4. Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.3.0
Auto-detect gateway port from config, fix password mismatch when ioreg unavailable (macOS 26+), support OPENCLAW_HEALTH_URL env var, add --gateway-port flag to setup
v1.2.1
Fix metadata format: inline JSON instead of YAML, fixes registry rendering of env vars and install spec
v1.2.0
Security: move inline code to auditable scripts with input validation, eliminate prompt-injection vector
v1.1.2
Unify env var names (TELEGRAM_TOKEN, TELEGRAM_CHAT_ID) and add disableModelInvocation
v1.1.1
Fix metadata: declare required env vars, add homepage, add install spec for scanner compatibility
v1.1.0
Add credentials and service metadata declaration for ClawHub security scanner transparency
v1.0.7
- Added metadata block to SKILL.md with details about binaries, required credentials, service type, and persistence. - Declared explicit requirement for "openssl" binary in addition to "python3". - Specified credential names and descriptions for better clarity in the setup process. - Noted that the skill installs as a user-level LaunchAgent (macOS) or systemd user service (Linux). - No changes made to the core setup instructions or functionality description.
v1.0.6
- Clarified that diagnostics and log analysis run locally on-device. - Added Python 3 and OpenClaw as explicit prerequisites in the setup instructions. - Updated skill description to specify alert notifications are sent only via the user's Telegram bot. - Improved prerequisite section for easier setup reference.
v1.0.5
- Improved credential validation and Telegram pairing steps to use Python scripts for safer user input handling. - Updated setup instructions to replace inline curl commands with Python equivalents for token validation and test messaging. - No functional changes to the monitoring or recovery logic.
v1.0.4
**Summary: Diagnostics now run 100% locally, removing AI cloud dependencies.** - Removed all OpenAI/Anthropic API usage; diagnostics and recovery logic now run on-device only. - Simplified setup: Only requires Telegram bot token and chat ID; no API keys for cloud AI needed. - No logs or data leave the device; all analysis uses local pattern matching. - Updated instructions and workflow to reflect local-only operation. - Expanded "How It Works" section to clarify local checks, restart policy, and approval flow for reinstalls. - Strengthened credential security note: all secrets are locally encrypted with AES-256.
v1.0.3
openclaw-watchdog v1.0.3 - No changes detected in this release. - All documentation and setup instructions remain the same.
v1.0.2
openclaw-watchdog 1.0.2 - No code or documentation changes in this release. - Version bumped for administrative or meta reasons; behavior and user experience unchanged.
v1.0.1
openclaw-watchdog 1.0.1 - No code or documentation changes detected in this version. - Behavior and setup instructions remain identical to the previous release.
v1.0.0
Initial release of openclaw-watchdog - Introduces a self-healing monitoring system for OpenClaw gateways. - Automatically checks gateway health every 15 seconds and attempts to auto-fix issues (restart/reinstall). - Sends real-time Telegram alerts to notify users of status and recovery actions. - Leverages AI diagnostics (OpenAI and/or Anthropic) to analyze issues and suggest fixes. - Provides guided setup and credential validation for seamless onboarding. - Includes uninstall instructions for clean removal.
Metadata
Slug openclaw-watchdog
Version 1.3.0
License
All-time Installs 9
Active Installs 9
Total Versions 14
Frequently Asked Questions

What is OpenClaw Watch Dog?

Self-healing monitoring system for OpenClaw gateway. Auto-detects failures, fixes crashes, and sends Telegram alerts. It is an AI Agent Skill for Claude Code / OpenClaw, with 2338 downloads so far.

How do I install OpenClaw Watch Dog?

Run "/install openclaw-watchdog" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is OpenClaw Watch Dog free?

Yes, OpenClaw Watch Dog is completely free (open-source). You can download, install and use it at no cost.

Which platforms does OpenClaw Watch Dog support?

OpenClaw Watch Dog is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created OpenClaw Watch Dog?

It is built and maintained by Abdullah AlRashoudi (@abdullah4ai); the current version is v1.3.0.

More Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463283 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259410 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200423 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191115 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190156 · by oswalpalash

💬 Comments