← 返回 Skills 市场
116
总下载
0
收藏
0
当前安装
1
版本数
在 OpenClaw 中安装
/install ssh-server-watchdog
功能描述
Monitor remote servers via SSH — check service health (PM2, systemd, Docker), database status (MongoDB, MySQL, PostgreSQL), disk space, memory, and auto-rest...
安全使用建议
This skill is suspicious because it claims broad SSH/server monitoring but only ships a Windows‑focused MongoDB watchdog with hard-coded paths, an internal host mention, and undeclared environment/credential needs. Before installing: 1) Do not use password-in-expect in production — it exposes plaintext passwords; prefer key-based SSH and avoid embedding passwords in commands. 2) Inspect and (preferably) modify scripts locally: remove hard-coded IPs, default chat IDs, and Windows-specific paths; set TELEGRAM_BOT_TOKEN/TELEGRAM_CHAT_ID explicitly and securely. 3) Test in an isolated environment first (non-production VM) to verify behavior and restart logic; limit auto-restart frequency to avoid restart loops. 4) Be cautious about granting the watchdog an account that can restart services — prefer a dedicated low-privilege service account. 5) If you only need generic PM2/systemd/Docker/MySQL/Postgres monitoring, this package does not provide that out of the box; treat it as a MongoDB/Windows artifact and only install after auditing and adapting its code. If you cannot audit code yourself, do not deploy it to production.
功能分析
Type: OpenClaw Skill
Name: ssh-server-watchdog
Version: 1.0.0
The skill bundle contains a monitoring script (scripts/mongodb-watchdog.js) with a hardcoded Telegram Chat ID (1663667034), which would cause server status updates and log snippets to be sent to an external party by default. Additionally, SKILL.md encourages the use of 'expect' for password-based SSH, a high-risk practice that involves the AI agent handling plaintext credentials. The presence of specific internal infrastructure details, such as IP 10.0.0.213 and custom file paths, suggests the bundle is an unsanitized export from a private environment.
能力评估
Purpose & Capability
The manifest and SKILL.md advertise generic SSH monitoring (PM2, systemd, Docker, MySQL, PostgreSQL, MongoDB) but the included code is a MongoDB‑focused Node.js watchdog targeted at Windows (hard-coded Windows paths, D:\ logs, 'net start/stop'), and even includes comments with a specific internal host (10.0.0.213) and SSH admin string. The implementation is much narrower and environment-specific than the description suggests.
Instruction Scope
Runtime instructions tell the agent to run SSH commands and optionally use expect with plaintext passwords (example expect snippet). SKILL.md instructs copying the included JS file to remote servers and running npm install and pm2 — which is consistent — but it also omits declaring the environment variables the script reads (TELEGRAM_BOT_TOKEN, TELEGRAM_CHAT_ID). The expect usage and examples encourage handling plaintext passwords and exposing credentials in commands.
Install Mechanism
No install spec in registry (instruction-only), but SKILL.md instructs the user to npm install the mongodb npm package on the target. That is a standard, traceable install mechanism (npm) — no arbitrary URL downloads — but it does write files to the target server and installs a persistent PM2-managed process.
Credentials
The skill declares no required env vars, yet the included script reads TELEGRAM_BOT_TOKEN and TELEGRAM_CHAT_ID from environment and uses local filesystem paths (C:\ProgramData..., D:\ProPower_System...) and a hard-coded default chatId. The SKILL.md also requires 'expect' locally for password SSH but 'expect' is not declared. These undeclared credential/binary requirements and hard-coded internal host/path values are disproportionate to a generic monitoring skill.
Persistence & Privilege
The skill instructs deploying a persistent PM2 process (pm2 start ...; pm2 save). That is expected for a watchdog and the registry flags do not force always:true. However, the persistent process will run with whatever privileges the user gives it on the target server (it executes service restart commands), so privilege and blast radius depend on how it's installed and which account is used.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install ssh-server-watchdog - 安装完成后,直接呼叫该 Skill 的名称或使用
/ssh-server-watchdog触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.0
Initial release: SSH-based server monitoring with PM2, MongoDB, disk and memory checks, auto-restart
元数据
常见问题
SSH Server Watchdog 是什么?
Monitor remote servers via SSH — check service health (PM2, systemd, Docker), database status (MongoDB, MySQL, PostgreSQL), disk space, memory, and auto-rest... 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 116 次。
如何安装 SSH Server Watchdog?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install ssh-server-watchdog」即可一键安装,无需额外配置。
SSH Server Watchdog 是免费的吗?
是的,SSH Server Watchdog 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。
SSH Server Watchdog 支持哪些平台?
SSH Server Watchdog 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 SSH Server Watchdog?
由 Qoohsuan(@qoohsuan)开发并维护,当前版本 v1.0.0。
推荐 Skills