← 返回 Skills 市场
leoyeai

OpenClaw Guardian by MyClaw.ai

作者 Leo Ye · GitHub ↗ · v1.0.2
cross-platform ⚠ suspicious
716
总下载
1
收藏
5
当前安装
4
版本数
在 OpenClaw 中安装
/install myclaw-guardian
功能描述
Deploy and manage a Guardian watchdog for OpenClaw Gateway. Auto-monitor every 30s, self-repair via doctor --fix, git-based workspace rollback, daily snapsho...
安全使用建议
This skill generally does what it says, but review and test before deploying to production: - Backup your workspace first. The guardian runs git reset --hard and will discard uncommitted changes; it also auto-commits all changes daily. Ensure the repo contains only content you are willing to have committed and potentially rolled back. - Confirm availability of required binaries: git, pgrep, pkill, curl, nohup, and especially the OpenClaw CLI (openclaw). The registry metadata omitted pkill and openclaw; ensure they exist. - Review what openclaw doctor --fix and openclaw gateway do in your environment — these commands can perform wide-reaching repairs/restarts. - Discord webhook: the webhook is optional, but the registry marks it as the primary credential; verify the webhook URL destination and treat it as a secret. Notifications contain only brief status messages, but do not supply other workspace contents by default. - Run the script in a sandbox or staging environment first to confirm behavior and to tune intervals/cooldowns/repair attempts. - If you need stricter safety, consider modifying the script to: (a) require manual approval before git reset --hard, (b) restrict auto-commit behavior or exclude certain files, and (c) log (and rotate) backups outside the workspace. Given the above, the skill appears coherent with its purpose but requires operational caution.
功能分析
Type: OpenClaw Skill Name: myclaw-guardian Version: 1.0.2 The skill is designed as a legitimate watchdog for OpenClaw Gateway. However, the `scripts/guardian.sh` script directly executes the `$OPENCLAW_CMD` environment variable (e.g., `$OPENCLAW_CMD doctor --fix` and `$OPENCLAW_CMD gateway`). If an attacker can control the `OPENCLAW_CMD` environment variable, this allows for arbitrary command injection and potential Remote Code Execution (RCE). While this is a critical vulnerability, it is a flaw that *allows* an attack rather than evidence of intentional malicious design within the skill itself, thus classifying it as suspicious.
能力评估
Purpose & Capability
Name/description, SKILL.md, and scripts/guardian.sh align: the script monitors an OpenClaw Gateway, runs openclaw doctor --fix, attempts git rollback, restarts the gateway, and optionally posts to a Discord webhook. The required tooling (git, pgrep/pgrep+pkill, curl) and use of the OpenClaw CLI are coherent with the stated purpose.
Instruction Scope
Instructions and script perform actions that are expected for a watchdog: periodic health checks, invoking openclaw doctor --fix, performing git reset --hard to a stable commit, creating daily git commits, restarting gateway process, and writing logs to /tmp. These actions will modify files in the specified workspace (git commits, hard resets) and restart processes — not out-of-scope but potentially destructive if the workspace contains uncommitted or sensitive data. The SKILL.md and script do not attempt to read unrelated system config or exfiltrate data beyond the optional Discord webhook.
Install Mechanism
This is an instruction-only skill with a bundled script; there is no download/install from external URLs and nothing is written to disk by an installer. Risk from installation is low — the main risk is running the provided script itself.
Credentials
The skill declares DISCORD_WEBHOOK_URL as the primary credential but treats it as optional in documentation and code (only used if set). Registry/metadata lists required binaries as git, pgrep, curl but the script also expects pkill, nohup and the openclaw CLI; openclaw is referenced in SKILL.md but not listed in the registry required-binaries. These mismatches are likely harmless but should be clarified. Also note the script will auto-commit all workspace changes (daily_backup) and performs git reset --hard (data loss risk) — environmental access to the workspace is inherent to function and should be evaluated before use.
Persistence & Privilege
The skill does not request forced always-on privilege. It instructs the user how to run the script as a background process and how to add it to a startup helper; these are normal for a watchdog. The script only modifies its own workspace and /tmp files, and restarts the gateway process (expected for this role).
如何使用
  1. 确保已安装 OpenClaw(本地或 Docker 部署)
  2. 在对话框中输入安装命令:/install myclaw-guardian
  3. 安装完成后,直接呼叫该 Skill 的名称或使用 /myclaw-guardian 触发
  4. 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.2
Fix security scan: declare required binaries (git, pgrep, curl) and env vars in metadata. Remove global git config recommendation. Powered by https://myclaw.ai
v1.0.1
Add MyClaw.ai link in description and SKILL.md. Full docs at https://myclaw.ai
v1.1.1
- Added multilingual README files (DE, ES, FR, IT, JA, RU, ZH-CN) for broader documentation support. - Updated SKILL.md: clarified description and added attribution to MyClaw.ai. - Minor adjustments to documentation for improved clarity and consistency.
v1.0.0
Initial release of OpenClaw Guardian. - Provides a bash watchdog to keep OpenClaw Gateway running with automated health monitoring and self-repair. - Supports automated daily git snapshots, git-based rollback after failed repairs, and cooldown recovery after persistent failure. - Optional Discord alerting for watchdog events (status messages only). - Configuration via environment variables; easy setup for both container and Linux VPS environments. - Includes scripts and documentation for installation, auto-start, and process verification.
元数据
Slug myclaw-guardian
版本 1.0.2
许可证
累计安装 5
当前安装数 5
历史版本数 4
常见问题

OpenClaw Guardian by MyClaw.ai 是什么?

Deploy and manage a Guardian watchdog for OpenClaw Gateway. Auto-monitor every 30s, self-repair via doctor --fix, git-based workspace rollback, daily snapsho... 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 716 次。

如何安装 OpenClaw Guardian by MyClaw.ai?

在 OpenClaw 或 Claude Code 对话框中运行命令「/install myclaw-guardian」即可一键安装,无需额外配置。

OpenClaw Guardian by MyClaw.ai 是免费的吗?

是的,OpenClaw Guardian by MyClaw.ai 完全免费(开源免费),可自由下载、安装和使用。

OpenClaw Guardian by MyClaw.ai 支持哪些平台?

OpenClaw Guardian by MyClaw.ai 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。

谁开发了 OpenClaw Guardian by MyClaw.ai?

由 Leo Ye(@leoyeai)开发并维护,当前版本 v1.0.2。

推荐 Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463556 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259610 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200551 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191226 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190235 · by oswalpalash

💬 留言讨论