← 返回 Skills 市场
298
总下载
0
收藏
0
当前安装
1
版本数
在 OpenClaw 中安装
/install server-log-analysis
功能描述
通过 SSH 连接远程服务器,读取同级 config.yaml 理解服务信息与日志位置,按需下载相关日志片段到本地 temp 目录,并分析日志定位问题。适用于用户要求排查远程服务日志、分析服务端异常或基于 SSH 访问进行日志诊断的场景。
安全使用建议
This skill appears to do what it says (SSH -> read config.yaml -> fetch logs -> analyze), but review and harden before use.
What to check before installing or running:
- Inspect config.yaml immediately. It contains a connection example with username: 'root' and password: 'password'. Replace any plaintext passwords with references to environment variables or a secrets manager, or remove the credentials entirely.
- Prefer SSH key-based auth and point the skill at a non-root, least-privilege account. Ensure SKILL.md's suggested auth mechanism (env var or key file) is actually used instead of embedded secrets.
- Confirm local_temp_dir and preserve_downloads behavior. If you don't want logs persisted, set preserve_downloads: false and ensure temp/ is cleared after analysis.
- Limit scope in config.yaml (allowed hosts, explicit log paths) so the agent cannot be pointed at arbitrary files/hosts. Use explicit allowlists where possible.
- Validate who published this skill (source unknown, no homepage). If you cannot verify the author, avoid giving it broad SSH access to production systems.
- Consider running manual, audited SSH commands yourself for sensitive systems rather than allowing an automated agent to fetch logs until you trust the skill and configuration.
Why the verdict is 'suspicious': the skill is coherent, but the bundled configuration includes insecure defaults and sensitive information in plaintext; that mismatch with the documentation and the potential to download sensitive logs raise concern. Additional information that would raise confidence to 'high': a cleaned config.yaml without plaintext secrets, clear runtime control over which hosts/files can be accessed, and provenance of the skill (trusted publisher or repo).
功能分析
Type: OpenClaw Skill
Name: server-log-analysis
Version: 1.0.0
The skill bundle is designed for automated remote server log analysis via SSH, which inherently involves high-risk capabilities like remote command execution and file retrieval. While the instructions in SKILL.md and reference.md focus on legitimate diagnostic tasks, config.yaml contains hardcoded placeholder credentials (root/password) and grants broad access to the remote system. These risky capabilities, combined with the potential for the agent to execute arbitrary shell commands for filtering and tailing logs, represent a significant security surface without sufficient safeguards against misuse.
能力评估
Purpose & Capability
The skill's stated purpose (SSH into remote servers, discover log paths from a local config, download minimal log fragments, analyze them) aligns with the instructions. However the included config.yaml contains an inline connection entry (username: root, password: password), which contradicts the SKILL.md and reference.md guidance that passwords/private keys should not be stored in plaintext in config.yaml.
Instruction Scope
SKILL.md explicitly directs the agent to read config.yaml, connect via SSH to remote hosts, perform remote checks, and download log fragments to a local temp directory—this is within the declared purpose. The instructions do not attempt to modify remote systems (they explicitly say not to), but they do permit downloading potentially sensitive logs and instruct the agent to read the local config file which may contain credentials. That read is expected for the task but increases sensitivity.
Install Mechanism
Instruction-only skill with no install spec or code files to execute; nothing is written to disk by an installer. This is the lowest install risk.
Credentials
The skill declares no required environment variables but recommends using environment variables / key files for SSH credentials. The provided config.yaml nevertheless includes plaintext credentials (connections.default-server.username = 'root', connections.default-server.password = 'password'), which is disproportionate and risky. Also config defaults (preserve_downloads: true, local_temp_dir) mean downloaded logs may be kept locally unless altered.
Persistence & Privilege
always: false and no install hooks or code that modify other skills or agent-wide settings. The skill does create/expect a local temp dir for downloads, which is reasonable for its purpose.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install server-log-analysis - 安装完成后,直接呼叫该 Skill 的名称或使用
/server-log-analysis触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.0
Initial release of server-log-analysis.
- Analyze service issues by connecting to remote servers via SSH and downloading targeted log segments based on config.yaml.
- Prioritize minimal and relevant log data extraction, using remote filtering before transfer.
- Follows a strict workflow: read config.yaml, identify services/hosts, remote log check, local download, and structured analysis output.
- Provides clear safety constraints: avoid modifying remote files or downloading sensitive/unrelated logs without explicit user instruction.
- Handles exceptions by reporting issues in connection or configuration, and asks for user input to resolve uncertainties.
元数据
常见问题
server-log-analysis 是什么?
通过 SSH 连接远程服务器,读取同级 config.yaml 理解服务信息与日志位置,按需下载相关日志片段到本地 temp 目录,并分析日志定位问题。适用于用户要求排查远程服务日志、分析服务端异常或基于 SSH 访问进行日志诊断的场景。 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 298 次。
如何安装 server-log-analysis?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install server-log-analysis」即可一键安装,无需额外配置。
server-log-analysis 是免费的吗?
是的,server-log-analysis 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。
server-log-analysis 支持哪些平台?
server-log-analysis 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 server-log-analysis?
由 hgvgfgvh(@hgvgfgvh)开发并维护,当前版本 v1.0.0。
推荐 Skills