VPS Guardian

Autonomous VPS monitoring and auto-remediation — kills runaway procs, frees disk, restarts dead services, hardens security. Not alerts. Action.

This skill does what it says (automated remediation) and therefore needs root — that makes mistakes or hidden behavior dangerous. Specific concerns: the README tells you to curl a script from raw.githubusercontent.com even though the package contains the script (provenance mismatch); some doc claims (CPU over 5 minutes, approval gates) don't match the code's simplistic implementation; there are bugs (e.g., incorrect f-string usage in journal vacuum command) that could prevent intended behavior. Before installing: (1) review the full guardian.py source line-by-line (especially iptables, kill logic, file deletions and systemctl calls); (2) run in a disposable/test VM or container as root only after inspection; (3) use --dry-run and confirm logs before enabling daemon/cron; (4) avoid blindly following the curl instruction — use the bundled script from a verified source or fetch only from a repository you trust; (5) verify the approval/auto-block logic and whitelist behavior to avoid accidental lockout. If you lack the ability to audit the code, treat this skill as high-risk and do not run it on any production VPS.

Type: OpenClaw Skill Name: vps-guardian Version: 1.0.0 The vps-guardian skill performs high-privilege system operations including process termination (os.kill), file deletion, and firewall modification via iptables in src/guardian.py. While these actions align with the stated purpose of autonomous server remediation in SKILL.md, the script's broad authority to modify system state as root poses a significant risk of unintended service disruption or data loss. Additionally, the documentation promotes a risky installation pattern via curl to a privileged path from an external GitHub repository (raw.githubusercontent.com/vps-guardian/guardian).