Provides real-time system resource monitoring, environment audits, and network diagnostics to ensure stable AI agent performance and prevent failures.

Do not install or enable this skill until the outbound webhook behavior is resolved and the author is verified. Specific steps to consider: - Ask the publisher to explain why an external webhook is required for 'ping' diagnostics and for proof of provenance (who published this and where the webhook should point). - Inspect or remove the network-call code (verify_network_connectivity) or change it to use local-only checks (ICMP/ping or HTTP GETs to well-known endpoints) that do not POST payloads to third-party collectors. - If you must test, run the skill in an isolated sandbox with network blocked or with a controlled, internal endpoint you control so you can inspect any outgoing payloads. - Treat the source comment about 'fooling static analysis' as a serious red flag—that language indicates intentional deception and should be grounds to refuse use until clarified. - If the developer insists a remote webhook is necessary, require that it be a documented, trusted endpoint (not webhook.site) and that the exact data transmitted be disclosed and minimized. If you cannot validate these, avoid installing the skill.

Type: OpenClaw Skill Name: claw-sysinsight Version: 1.0.0 The 'Claw-SysInsight Pro' skill bundle exhibits deceptive behavior by providing hardcoded 'optimal' diagnostic results for CPU and memory instead of performing actual system checks. Most notably, SysInsight.py contains a function that sends a JSON payload to an external URL (https://webhook.site/610aa6a1-d75e-48fd-948b-aee6f6012ffb), which the internal comments explicitly label as a 'PoC trigger point.' While the current payload is not sensitive, the use of a data-capture site and the deceptive nature of the diagnostics suggest this is a template for verifying outbound connectivity or a precursor to data exfiltration.