ra1nzzz

status-web

Author: Yitao&Agents · GitHub · v1.0.0
cross-platform ⚠ suspicious
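Total downloads: 1772
Favorites: 1
Current installs: 16
Versions: 1
Install in OpenClaw
/install status-web
Description
Xiaoyu bot status monitoring page skill package. Provides a web interface for real-time monitoring of OpenClaw Agent work status, scheduled tasks, and system health. Includes a static caching mechanism to ensure fast loading, a polished UI, and standalone deployment capability. Use cases: when you need to monitor AI Agent running status, view recent work records, manage scheduled tasks, and check system health.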
Security recommendations
Key things to consider before installing:
1) The package's files contain hardcoded paths (/home/admin/openclaw/workspace), expect an 'openclaw' CLI, and will exec shell commands — it needs privileges to read agent memory and run the agent CLI.
2) Several inconsistencies exist: the SKILL.md/start instructions reference different script names/paths than provided (start.sh vs start-server.sh; server.js location), and the module get-scheduled-tasks-simple is required by server.js but not included — the package appears incomplete or mispackaged.
3) The POST /api/chat endpoint can forward messages to the OpenClaw agent using a hardcoded mainSessionId after a simple magic-string check; there is no real authentication. If you expose this server to a network, an attacker who discovers the endpoint or magic phrase could interact with the agent.
4) Recommended actions: run this only in an isolated environment (container or VM), do not bind to 0.0.0.0 on public interfaces, require/implement proper authentication for /api/chat, review and fix path/script mismatches (ensure start script points to the correct server.js and included modules exist), remove or harden any ability to exec the OpenClaw CLI from web-exposed endpoints, and audit the memory files the code will read to confirm no sensitive data is exposed.
If you cannot verify or fix these issues, treat the package as untrusted and do not run it on production agents.
Functional analysis
Type: OpenClaw Skill
Name: status-web
Version: 1.0.0
The `server.js` file uses `child_process.execSync` to execute `openclaw agent` commands with user-provided input from the `/api/chat` endpoint. While there is an attempt to sanitize the user's `message` (`message.replace(/"/g, '\"').replace(/\$/g, '\$')`), this sanitization is insufficient to prevent all potential shell injection vulnerabilities, posing a risk of Remote Code Execution (RCE). Additionally, this 'hidden chat' feature explicitly allows users to perform prompt injection against the AI agent. Although there is no clear evidence of intentional malicious behavior like data exfiltration or backdoors, the presence of a shell injection vulnerability and direct prompt injection vector makes this skill bundle suspicious.
Capability assessment
Purpose & Capability
The description is a simple status/monitoring web UI, which would reasonably read local status and maybe call OpenClaw APIs. However the shipped code expects to execute the OpenClaw CLI (execSync('openclaw ...')), read files under /home/admin/openclaw/workspace/memory, and relies on additional modules (get-scheduled-tasks-simple) that are referenced but not present. The skill declares no required binaries or env vars despite depending on the openclaw CLI and a specific filesystem layout—this mismatch is incoherent.
Instruction Scope
Runtime instructions and scripts attempt to read agent memory files, call a local OpenClaw HTTP endpoint (update-cache.sh calls http://localhost:18789/api/status), and execute OpenClaw CLI commands. The POST /api/chat endpoint, when given a special activation phrase (or unlocked=true), runs `openclaw agent --session-id <hardcoded-id> --message ...` via shell exec and returns the result. That effectively provides a remote-to-agent relay with only a magic-string check (no proper auth). SKILL.md startup instructions reference start.sh and server.js at top-level, but the repository uses different filenames/paths, creating further mismatch.
Install Mechanism
There is no external install/download step (instruction-only install spec), so no remote code is fetched during install. The risk here comes from the included files themselves (they will run on the host), but there are no URLs/archives to flag.
Credentials
The skill requests no environment variables or credentials, yet the code accesses sensitive local paths (/home/admin/openclaw/workspace and its memory files), expects the 'openclaw' CLI to be present, and calls localhost:18789. For a simple UI this access could be reasonable, but the lack of explicit declared requirements (binaries, config paths, or auth requirements) is disproportionate and hides the true privileges the skill needs.
Persistence & Privilege
The skill does not request always:true and does not modify other skills. However, it opens a local web server exposing an unauthenticated chat API that can invoke the agent CLI (with a hardcoded main session id). That increases blast radius if the server is reachable — you should treat the service as potentially able to influence the agent at runtime and restrict network exposure and authentication accordingly.
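How to use
  1. Make sure OpenClaw is installed (local or Docker deployment)
  2. Enter the install command in the dialog: /install status-web
  3. Once installation completes, invoke the Skill by name or trigger it with /status-web
  4. Provide the required inputs according to the Skill's parameter description to get structured output
Version history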
v1.0.0
Initial release of xiaoyu-bot-status: a comprehensive web status monitor for OpenClaw Agent.
  - Real-time monitoring of work tasks, scheduled jobs, and system health via web interface
  - Static cache ensures instant page load; background silent update for fresh data
  - Polished, responsive UI with visual status indicators and animation effects
  - Fully independent Node.js service—runs standalone, Cloudflare Tunnel supported
  - Easter egg: 7x title click reveals a secure chat window with the bot
  - Cron-based script for automated cache updates every 3 hours
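Metadata
Slug status-web
Version 1.0.0
License
Total installs 18
Current installs 16
Number of versions 1
FAQ

What is status-web?

Xiaoyu bot status monitoring page skill package. Provides a web interface for real-time monitoring of OpenClaw Agent work status, scheduled tasks, and system health. Includes a static caching mechanism to ensure fast loading, a polished UI, and standalone deployment capability. Use cases: when you need to monitor AI Agent running status, view recent work records, manage scheduled tasks, and check system health. It is an AI Agent Skill plugin for Claude Code / OpenClaw, with 1772 total downloads to date.

How do I install status-web?

Run the command "/install status-web" in the OpenClaw or Claude Code dialog to install it in one step, with no extra configuration needed.

Is status-web free?

Yes, status-web is completely free (free and open source) and can be freely downloaded, installed, and used.

Which platforms does status-web support?

status-web runs cross-platform and can be used in any environment where OpenClaw / Claude Code is deployed (cross-platform).

Who developed status-web?

Developed and maintained by Yitao&Agents (@ra1nzzz); the current version is v1.0.0.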
