← 返回 Skills 市场
suspect80

Bot Status API

作者 suspect80 · GitHub ↗ · v1.0.1
cross-platform ⚠ suspicious
2107
总下载
0
收藏
7
当前安装
2
版本数
在 OpenClaw 中安装
/install bot-status-api
功能描述
Deploy a lightweight status API that exposes your OpenClaw bot's runtime health, service connectivity, cron jobs, skills, system metrics, and more. Use when setting up a monitoring dashboard, health endpoint, or status page for an OpenClaw agent. Supports any services via config (HTTP checks, CLI commands, file checks). Zero dependencies — Node.js only.
使用说明 (SKILL.md)

Bot Status API

A configurable HTTP service that exposes your OpenClaw bot's operational status as JSON. Designed for dashboard integration, monitoring, and transparency.

What It Provides

  • Bot Core: Online status, model, context usage, uptime, heartbeat timing
  • Services: Health checks for any HTTP endpoint, CLI tool, or file path
  • Email: Unread counts from any email provider (himalaya, gog, etc.)
  • Cron Jobs: Reads directly from OpenClaw's cron/jobs.json
  • Docker: Container health via Portainer API
  • Dev Servers: Auto-detects running dev servers by process grep
  • Skills: Lists installed and available OpenClaw skills
  • System: CPU, RAM, Disk metrics from /proc

Setup

1. Copy the service files

Copy server.js, collectors/, and package.json to your desired location.

2. Create config.json

Copy config.example.json to config.json and customize:

{
  "port": 3200,
  "name": "MyBot",
  "workspace": "/path/to/.openclaw/workspace",
  "openclawHome": "/path/to/.openclaw",
  "cache": { "ttlMs": 10000 },
  "model": "claude-sonnet-4-20250514",
  "skillDirs": ["/path/to/openclaw/skills"],
  "services": [
    { "name": "myservice", "type": "http", "url": "http://...", "healthPath": "/health" }
  ]
}

Service Check Types

Type Description Config
http Fetch URL, check HTTP 200 url, healthPath, method, headers, body
command Run shell command, check exit 0 command, timeout
file-exists Check path exists path

3. Run

node server.js

4. Persist (systemd user service)

# ~/.config/systemd/user/bot-status.service
[Unit]
Description=Bot Status API
After=network.target

[Service]
Type=simple
WorkingDirectory=/path/to/bot-status
ExecStart=/usr/bin/node server.js
Restart=always
RestartSec=5
Environment=PORT=3200
Environment=HOME=/home/youruser
Environment=PATH=/usr/local/bin:/usr/bin:/bin

[Install]
WantedBy=default.target

systemctl --user daemon-reload
systemctl --user enable --now bot-status
loginctl enable-linger $USER  # survive logout

5. Context/Vitals from OpenClaw

The bot should periodically write vitals to heartbeat-state.json in its workspace:

{
  "vitals": {
    "contextPercent": 62,
    "contextUsed": 124000,
    "contextMax": 200000,
    "model": "claude-opus-4-5",
    "updatedAt": 1770304500000
  }
}

Add this to your HEARTBEAT.md so the bot updates it each heartbeat cycle.

Endpoints

Endpoint Description
GET /status Full status JSON (cached)
GET /health Simple {"status":"ok"}

Architecture

  • Zero dependencies — Node.js built-ins only (http, fs, child_process)
  • Non-blocking — All shell commands use async exec, never execSync
  • Background refresh — Cache refreshes on interval, requests always served from cache instantly (~10ms)
  • Config-driven — Everything in config.json, no hardcoded values
安全使用建议
This skill is coherent for local monitoring, but it reads local OpenClaw files and runs shell commands you configure — so review and harden before use. Key things to consider before installing: - Inspect config.json: service checks of type "command" and email accounts execute whatever commands you put there; treat these as powerful and only use trusted commands. - Least privilege: run the service under a dedicated low-privilege user so it cannot read unrelated sensitive files. Do not run as root. - Sensitive files access: the collectors read files under your OpenClaw home/workspace (heartbeat-state.json, cron/jobs.json, auth-profiles.json). Ensure you’re comfortable exposing those contents via the /status endpoint locally or to any network. - Public exposure: /status returns system metrics, skill lists, cron job metadata and service summary. Avoid binding to a public network or put it behind authentication/reverse proxy if you must expose it externally. - Command injection / unsanitized exec: services.checkFileExists uses exec(`ls ${svc.path}`) and other code runs user-supplied commands and `which` on discovered bin names. Make sure service paths and skill directories are trusted and not writable by untrusted users. - TLS behavior: the server forces NODE_TLS_REJECT_UNAUTHORIZED=0 to allow self-signed Portainer connections; this disables TLS validation globally. Prefer configuring Portainer with proper certs or carefully restrict network access if you keep this behavior. If you want a safer deployment: run on localhost only, restrict via firewall, remove/replace the global TLS-disable line, and avoid adding untrusted skillDirs or service commands to config.json.
功能分析
Type: OpenClaw Skill Name: Developer: Version: Description: OpenClaw Agent Skill Suspicious High-Entropy/Eval files: 8 This skill is classified as suspicious due to several high-risk capabilities, despite its stated purpose as a monitoring API. The `collectors/email.js` and `collectors/services.js` files allow for arbitrary shell command execution via the `config.json` file, which could be exploited if the configuration is compromised. Furthermore, `server.js` globally disables TLS certificate validation (`NODE_TLS_REJECT_UNAUTHORIZED = "0"`), weakening the security of all HTTPS connections, including those transmitting sensitive data like API keys (e.g., in `collectors/docker.js`). The skill also reads sensitive files like `auth-profiles.json` in `collectors/core.js` to report on bot configuration, which, while for a stated purpose, involves handling sensitive data.
能力评估
Purpose & Capability
The code implements a status API that collects bot core vitals, services checks (HTTP/command/file), email unread counts via configured commands, cron jobs, Docker/Portainer containers, dev-server processes, installed skills, and /proc system metrics — all match the description.
Instruction Scope
Instructions and code intentionally read OpenClaw files (heartbeat-state.json, cron/jobs.json, auth-profiles.json), scan skill directories, and run configured shell commands for service/email checks. This fits monitoring use but means the skill will read potentially sensitive local files and run arbitrary commands specified in config.
Install Mechanism
No install spec (instruction-only install). Source files are provided and intended to be copied/run by the user; nothing is fetched from external URLs during install.
Credentials
The skill declares no required env vars or credentials, which matches the bundle. However server.js sets NODE_TLS_REJECT_UNAUTHORIZED=0 (disables TLS verification globally) and the collectors read agent files (auth-profiles.json) and arbitrary paths from config. Those behaviors are explainable by Portainer/self-signed setups and local monitoring, but they broaden the data and network trust surface.
Persistence & Privilege
always is false and the skill does not attempt to modify other skills or system-wide agent configs. It is a standalone service the user runs (systemd instructions are optional).
如何使用
  1. 确保已安装 OpenClaw(本地或 Docker 部署)
  2. 在对话框中输入安装命令:/install bot-status-api
  3. 安装完成后,直接呼叫该 Skill 的名称或使用 /bot-status-api 触发
  4. 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.1
Initial public release
v1.0.0
Initial release: config-driven status API with modular collectors for services, email, Docker, cron, skills, and system metrics. Zero dependencies.
元数据
Slug bot-status-api
版本 1.0.1
许可证
累计安装 7
当前安装数 7
历史版本数 2
常见问题

Bot Status API 是什么?

Deploy a lightweight status API that exposes your OpenClaw bot's runtime health, service connectivity, cron jobs, skills, system metrics, and more. Use when setting up a monitoring dashboard, health endpoint, or status page for an OpenClaw agent. Supports any services via config (HTTP checks, CLI commands, file checks). Zero dependencies — Node.js only. 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 2107 次。

如何安装 Bot Status API?

在 OpenClaw 或 Claude Code 对话框中运行命令「/install bot-status-api」即可一键安装,无需额外配置。

Bot Status API 是免费的吗?

是的,Bot Status API 完全免费(开源免费),可自由下载、安装和使用。

Bot Status API 支持哪些平台?

Bot Status API 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。

谁开发了 Bot Status API?

由 suspect80(@suspect80)开发并维护,当前版本 v1.0.1。

推荐 Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463283 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259410 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200423 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191113 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190156 · by oswalpalash

💬 留言讨论