← 返回 Skills 市场
1096
总下载
0
收藏
4
当前安装
2
版本数
在 OpenClaw 中安装
/install openclaw-healthcheck
功能描述
This skill should be used when the user asks for an OpenClaw health check, OpenClaw security audit, server hardening review, exposure review, gateway safety...
安全使用建议
This skill appears to implement a local OpenClaw health/security audit and does not contact external endpoints, but there are two practical concerns before you run it:
1) Metadata omissions: The package registry metadata does NOT list required binaries or config paths, but the script expects system commands (openclaw, lsof, tail) and reads ~/.openclaw/openclaw.json and /tmp/openclaw/<date>.log. Confirm those commands exist and be prepared for the script to read those files.
2) Sensitive local reads: The script collects command output and file contents into a JSON 'evidence' object that may contain config values or log lines (which can include secrets or PII). Review the script first and run it in a safe/test account or sandbox (or with a temporary HOME) before running on a production host.
Practical steps:
- Inspect scripts/healthcheck.mjs yourself (you already have it) to verify what will be read and output.
- Run the included tests in a sandboxed temp directory (npm test / node tests/test.mjs) to see behavior.
- Back up ~/.openclaw/openclaw.json and any logs, or run the script with HOME pointed at a safe test directory if you want to avoid exposing real configs.
- If you plan to install for repeated use, ask the maintainer to update metadata to declare required binaries (openclaw, lsof, tail) and config/log paths so the capability and the requested access are explicit.
Given these mismatches between metadata and actual behavior, treat the skill as suspicious until you confirm its runtime reads and outputs are acceptable for your environment.
功能分析
Type: OpenClaw Skill
Name: openclaw-healthcheck
Version: 0.1.1
The openclaw-healthcheck skill is a legitimate diagnostic tool designed to audit the health and security posture of an OpenClaw deployment. The core logic in `scripts/healthcheck.mjs` performs read-only operations such as checking process status (`openclaw status`), identifying listening ports (e.g., 18789, 9222), verifying configuration flags in `~/.openclaw/openclaw.json`, and scanning recent logs for error patterns. The skill is well-documented, includes a functional test suite (`tests/test.mjs`), and contains no evidence of data exfiltration, malicious execution, or prompt injection.
能力评估
Purpose & Capability
The script's actions (running `openclaw status`, lsof to inspect listeners, reading ~/.openclaw/openclaw.json, tailing /tmp/openclaw/... logs) are coherent with a local OpenClaw health/security check. However, the registry metadata declares no required binaries or config paths while the script clearly depends on system commands (openclaw, lsof, tail) and specific config/log paths. That metadata omission is an inconsistency that could lead to surprise or misuse.
Instruction Scope
SKILL.md instructs the agent to run the bundled Node script. The script reads user files (home config at ~/.openclaw/openclaw.json), inspects /tmp logs, and runs shell commands (lsof, tail, openclaw). Those actions are within the advertised scope, but they will expose potentially sensitive local content (config values, logs) into the script's JSON output (evidence). The SKILL.md does not explicitly enumerate these exact file reads/commands — the README and script do.
Install Mechanism
This is an instruction-only skill with bundled scripts; there is no network download/install step. No external packages or remote installers are fetched. Risk from installation is low, but the script will be executed locally with Node.js.
Credentials
The skill declares no required environment variables or config paths, yet it accesses the user's HOME, reads ~/.openclaw/openclaw.json, and inspects /tmp/openclaw logs. It also expects system utilities (openclaw binary, lsof, tail). Asking for no credentials is appropriate, but the metadata should declare the config/log paths and required binaries so users know what will be read and what commands must be present.
Persistence & Privilege
The skill does not request always-on presence and does not modify other skills or system-wide settings. It runs as a one-shot diagnostic and exits (the script uses process.exit). There is no evidence of persistent background behavior or network exfiltration.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install openclaw-healthcheck - 安装完成后,直接呼叫该 Skill 的名称或使用
/openclaw-healthcheck触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v0.1.1
Release 0.1.1: add README, MIT license, packaged files list, and automated test coverage for the healthcheck skill.
v0.1.0
Initial OpenClaw healthcheck skill with runtime, exposure, config, and log hygiene checks.
元数据
常见问题
OpenClaw Healthcheck 是什么?
This skill should be used when the user asks for an OpenClaw health check, OpenClaw security audit, server hardening review, exposure review, gateway safety... 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 1096 次。
如何安装 OpenClaw Healthcheck?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install openclaw-healthcheck」即可一键安装,无需额外配置。
OpenClaw Healthcheck 是免费的吗?
是的,OpenClaw Healthcheck 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。
OpenClaw Healthcheck 支持哪些平台?
OpenClaw Healthcheck 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 OpenClaw Healthcheck?
由 X-RayLuan(@x-rayluan)开发并维护,当前版本 v0.1.1。
推荐 Skills