← 返回 Skills 市场
theshadowrose

ProcessGuard — Critical Process Monitor & Auto-Restart

作者 Shadow Rose · GitHub ↗ · v2.1.4 · MIT-0
cross-platform ⚠ suspicious
500
总下载
0
收藏
4
当前安装
9
版本数
在 OpenClaw 中安装
/install process-guard
功能描述
Monitor critical processes and auto-restart on failure. Tracks CPU and memory usage, escalates alerts via webhook, callback, or file, and writes a dead man's...
安全使用建议
This skill appears to do what it claims, but it executes user-configured commands and writes files and may send alerts to external URLs. Before installing or running: 1) review every configured restart/check command and prefer using commandAllowlist (recommended) rather than allowAnyCommand; 2) choose non-sensitive locations for log/heartbeat/alert files and run under a least-privileged account; 3) verify webhook endpoints you configure to avoid accidental data exposure; 4) if you did not obtain the package from a trusted source, consider auditing the full source (the shipped src/process-guard.js is mostly visible but truncated here) or running in an isolated environment first. If you want higher assurance, provide the complete untruncated source for a full review.
功能分析
Type: OpenClaw Skill Name: process-guard Version: 2.1.4 ProcessGuard (v2.1.4) is a process monitoring and auto-restart utility that includes features for resource tracking, alert escalation via webhooks, and an HTTP status dashboard. While the implementation in `src/process-guard.js` demonstrates strong security practices—such as mandatory command allowlisting, strict regex-based blocking of shell injection operators, and the use of `spawn` with `shell: false`—it inherently possesses high-risk capabilities. These include arbitrary command execution, network access, and file system interaction, which are plausibly needed for its stated purpose but represent a significant attack surface for an AI agent, fitting the 'suspicious' classification under the provided criteria.
能力评估
Purpose & Capability
Name/description match the implementation: monitoring, health checks (HTTP/TCP/pid/command), auto-restart, resource tracking (optional pidusage), heartbeat file, local dashboard and alert escalation. Nothing requested by the skill (no env vars, no external credentials, no install spec) is disproportionate to the stated purpose.
Instruction Scope
SKILL.md and README instruct the agent to require and run the provided ProcessGuard module which will: read pid files, run health-check commands, execute restart commands, write heartbeat/log/alerts files, and optionally POST JSON to webhook endpoints. Those behaviors are expected for a monitor, but they are powerful: restart/check commands run subprocesses and can cause side effects if misconfigured; alerts can be delivered to arbitrary external endpoints. The README promises blocking of shell operators and a required allowlist (or explicit allowAnyCommand) to mitigate injection risk; code enforces shell-operator blocking and require an explicit security posture when restarts are configured. Note: the README mentions exec/execSync but the shipped code uses spawn/spawnSync (documentation mismatch only).
Install Mechanism
No install spec is provided (instruction-only skill plus included source files). That is low risk from an install standpoint; optional dependency pidusage is only needed to enable resource monitoring and is installed by the user if desired.
Credentials
The skill does not request environment variables or credentials. It performs file I/O (logs, heartbeat, alerts) and network calls to configured webhooks/dashboard; these are justified by the monitoring/alerting purpose. Users should validate configured webhook URLs and file paths before enabling.
Persistence & Privilege
always is false and the skill does not request elevated or persistent platform privileges. It will, however, write files to the working directory and open a local HTTP dashboard port if enabled — both expected for this functionality. The default ability for agents to invoke skills autonomously is normal and not flagged here.
如何使用
  1. 确保已安装 OpenClaw(本地或 Docker 部署)
  2. 在对话框中输入安装命令:/install process-guard
  3. 安装完成后,直接呼叫该 Skill 的名称或使用 /process-guard 触发
  4. 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v2.1.4
Removed exec entirely — restart commands now use spawn(shell:false) same as health checks. No shell execution anywhere in the codebase.
v2.1.3
Replaced execSync with spawnSync(shell:false) for command health checks — eliminates shell execution surface entirely
v2.1.2
Added disclaimer
v2.1.1
Bug fixes: shell operator blocking now truly unconditional — enforced in _validateConfig for all commands (including check.command) AND at runtime in _check before execSync. README updated to accurately document security model. Fixes all scanner-reported documentation/code mismatches.
v2.1.0
Security: inverted security model — commandAllowlist now required by default; set allowAnyCommand: true to explicitly opt out. Shell operators always blocked. Fixes VirusTotal flag for arbitrary exec.
v2.0.2
Security fix: shell operator blocking is now unconditional — commands with shell operators are always rejected, not just when commandAllowlist is configured
v2.0.1
Security fix: commandAllowlist now blocks shell injection operators (;, &&, |, backtick, etc.) in addition to checking executable name. Validation moved to constructor for immediate synchronous rejection of bad configs.
v2.0.0
v2.0.0: Full feature release. Added CPU/memory monitoring (pidusage), multi-target alert escalation (webhook/callback/file), dead man's switch heartbeat, HTTP dashboard, command allowlist security, enhanced status output. Docs now match implementation.
v1.0.0
Initial upload
元数据
Slug process-guard
版本 2.1.4
许可证 MIT-0
累计安装 4
当前安装数 4
历史版本数 9
常见问题

ProcessGuard — Critical Process Monitor & Auto-Restart 是什么?

Monitor critical processes and auto-restart on failure. Tracks CPU and memory usage, escalates alerts via webhook, callback, or file, and writes a dead man's... 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 500 次。

如何安装 ProcessGuard — Critical Process Monitor & Auto-Restart?

在 OpenClaw 或 Claude Code 对话框中运行命令「/install process-guard」即可一键安装,无需额外配置。

ProcessGuard — Critical Process Monitor & Auto-Restart 是免费的吗?

是的,ProcessGuard — Critical Process Monitor & Auto-Restart 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。

ProcessGuard — Critical Process Monitor & Auto-Restart 支持哪些平台?

ProcessGuard — Critical Process Monitor & Auto-Restart 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。

谁开发了 ProcessGuard — Critical Process Monitor & Auto-Restart?

由 Shadow Rose(@theshadowrose)开发并维护,当前版本 v2.1.4。

推荐 Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463283 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259410 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200423 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191113 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190156 · by oswalpalash

💬 留言讨论