← 返回 Skills 市场
Openclaw Safety Guard
作者
jasonzhangshuo
· GitHub ↗
· v0.1.1
349
总下载
0
收藏
0
当前安装
2
版本数
在 OpenClaw 中安装
/install openclaw-safety-guard
功能描述
OpenClaw 安全卫士(发布 slug:openclaw-safety-guard,内部代号:openclaw-watchdog):默认工作日 10:00 自动扫描 7 个维度(安全、记忆、心跳、定时任务、共享文件、通讯、代码规范),生成健康评分和可视化 Dashboard,通过飞书私信发送报告;没有 Cur...
安全使用建议
This skill is coherent with its stated purpose (local watchdog that notifies via Feishu) but it will: (1) read many local files (LaunchAgents plist, exec-approvals, git working tree, workspace knowledge directories), (2) write config.json and register a scheduled cron job, and (3) may perform automated low-risk fixes (chmod). Before installing: review the actual contents of scripts/setup.py, scripts/fix_green.py, scripts/notify_feishu.py and scripts/upload_to_feishu_drive.py to confirm they only access/ship data you expect and that fixes are limited to safe operations. Consider running the pipeline manually in a safe environment (python3 scripts/run_pipeline.py) with FEISHU env vars unset to inspect outputs first. Because the source and homepage are absent and a base64-block was flagged by the scanner, exercise caution: prefer manual code review or running the code in an isolated/test environment before granting it access to your real Feishu credentials and production workspace.
功能分析
Type: OpenClaw Skill
Name: openclaw-safety-guard
Version: 0.1.1
The skill is a comprehensive health and security monitoring tool for OpenClaw projects. It audits seven dimensions including security (checking for leaked API keys in Git history and insecure file permissions), memory health, and task configurations. It generates a local HTML dashboard and sends reports via Feishu. The code uses standard Python libraries and subprocess calls for legitimate auditing tasks (e.g., `git log`, `openclaw doctor`). The setup process correctly binds notifications to the installer's Feishu ID, and the automated 'fix' functionality is limited to low-risk security hardening (chmod 600). No evidence of data exfiltration to unauthorized endpoints or malicious persistence was found.
能力评估
Purpose & Capability
The name/description promise a local watchdog that scans 7 dimensions and notifies via Feishu. Requested binaries (python3, node, npm) and environment variables (FEISHU_APP_ID, FEISHU_APP_SECRET) match that purpose (Python scripts for probes and a Node frontend build; Feishu credentials for notification/upload). The included scripts (scan_*.py, generate_dashboard.py, notify_feishu.py, upload_to_feishu_drive.py, setup.py) align with the declared functionality.
Instruction Scope
SKILL.md tells the agent to run setup.py (which writes config.json and registers a cron job), then run run_pipeline.py to execute probes that scan code, plist/launch agents, exec-approvals, git repos, memory/knowledge dirs and other local paths. Those reads and writes are within the stated watchdog scope, but they are broad (system LaunchAgents, exec-approvals file, workspace files). The agent will also obtain the installer’s Feishu open_id from the conversation context to populate notify.receive_id — this is expected for automated notifications but is an access-to-conversation-context action worth noting.
Install Mechanism
There is no external install spec (no arbitrary download step); code is provided in the skill bundle and SKILL.md instructs running local Python/Node commands. This is lower risk than fetching executables from untrusted URLs. No installers or third-party URL downloads are referenced in SKILL.md.
Credentials
Only FEISHU_APP_ID and FEISHU_APP_SECRET are declared and these are justified by the Feishu notification/drive upload functionality. However, the skill will read many local files/paths (plist, exec-approvals, workspace files, git repos) as part of scans; while coherent with the purpose, these are sensitive sources of data. The primaryEnv (FEISHU_APP_ID) is appropriate.
Persistence & Privilege
The skill’s post-install setup writes config.json and registers a cron job under .openclaw/state/cron/jobs.json and instructs restarting the Gateway so daily scans run. It also includes an automatic 'fix_green.py' remediation step (documented as limited to chmod-like low-risk ops). These are reasonable for a scheduled watchdog but constitute persistent presence and the ability to modify local state/permissions, so audit the setup and fix scripts before granting runtime access.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install openclaw-safety-guard - 安装完成后,直接呼叫该 Skill 的名称或使用
/openclaw-safety-guard触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v0.1.1
## openclaw-safety-guard v0.1.1
- Updated documentation in README.md for clarity and completeness.
- No code or functionality changes; only README content modified.
v0.1.0
Initial release of OpenClaw 安全卫士 (openclaw-safety-guard):
- Automates health checks across 7 dimensions (security, memory, heartbeat, scheduled tasks, shared files, communication, code standards) on workdays at 10:00.
- Generates a health score and a visual dashboard, with Feishu direct message notifications.
- Supports manual triggering via Feishu with user commands like “体检” or “生成健康大盘”.
- Installer registers cron jobs, sets up configuration, and sends an initial report to the installer.
- Dashboard and JSON logs accessible without Cursor.
- Robust error handling and archival of scan logs.
元数据
常见问题
Openclaw Safety Guard 是什么?
OpenClaw 安全卫士(发布 slug:openclaw-safety-guard,内部代号:openclaw-watchdog):默认工作日 10:00 自动扫描 7 个维度(安全、记忆、心跳、定时任务、共享文件、通讯、代码规范),生成健康评分和可视化 Dashboard,通过飞书私信发送报告;没有 Cur... 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 349 次。
如何安装 Openclaw Safety Guard?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install openclaw-safety-guard」即可一键安装,无需额外配置。
Openclaw Safety Guard 是免费的吗?
是的,Openclaw Safety Guard 完全免费(开源免费),可自由下载、安装和使用。
Openclaw Safety Guard 支持哪些平台?
Openclaw Safety Guard 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 Openclaw Safety Guard?
由 jasonzhangshuo(@jasonzhangshuo)开发并维护,当前版本 v0.1.1。
推荐 Skills