← 返回 Skills 市场
WatchClaw
作者
Jarvis Wang
· GitHub ↗
· v1.0.0
446
总下载
0
收藏
1
当前安装
1
版本数
在 OpenClaw 中安装
/install watchclaw
功能描述
Auto-recovery watchdog for OpenClaw gateway. Monitors health, detects bad config changes, and recovers via git stash/revert. Supports native and Docker resta...
安全使用建议
This skill is coherent with its stated purpose but has meaningful operational risks you should consider before installing:
- Audit the code before running: inspect the watchclaw and watchclaw.sh scripts (the package downloads these from GitHub raw). Do NOT run the curl ... | bash install command without reviewing the script. Prefer cloning the repository and reviewing files locally.
- Back up your OpenClaw config repo (and any important branches) before letting Watchclaw run — it will run git stash and git revert and can change repo history or discard uncommitted work.
- Test in a non-production environment first and use DRY_RUN=1 to verify alerting/behavior without performing destructive actions.
- If you use webhooks or alert commands, avoid embedding secrets in the config file unless you trust the script; restrict network access or use a dedicated, limited webhook URL.
- Consider running watchclaw under a dedicated user or container with limited permissions so it can restart the gateway/container but cannot access unrelated user files.
If you want a safer install flow: clone https://github.com/jarvis4wang/watchclaw, inspect the install.sh and the watchclaw scripts locally, then run the local install.sh (or copy the scripts manually) rather than piping a remote script directly into bash.
功能分析
Type: OpenClaw Skill
Name: watchclaw
Version: 1.0.0
The skill is classified as suspicious due to two primary reasons: First, the `SKILL.md` file instructs the AI agent to install the tool via `curl -fsSL ... | bash`. This is a significant supply chain vulnerability, as it executes arbitrary code from a remote GitHub repository, posing a critical RCE risk if the repository is compromised. Second, the `README.md` documentation details an `ALERT_COMMAND` feature that allows the execution of arbitrary shell commands as an alert mechanism. While a legitimate feature, it introduces a powerful RCE vulnerability if an attacker can manipulate the `watchclaw.conf` file or prompt the AI agent to configure a malicious command.
能力评估
Purpose & Capability
Name/description (watchdog for OpenClaw gateway) matches the runtime instructions and required binary: the skill needs a watchclaw CLI that monitors health, inspects the gateway config repo, and performs git stash/revert and restart actions. The requested binaries and config paths (GATEWAY_CONFIG_DIR) are coherent with this purpose.
Instruction Scope
The SKILL.md instructs running the watchclaw CLI which will access the user's OpenClaw config repo (default ~/.openclaw), run git stash/git revert, and restart the gateway or a Docker container. Those operations are within the claimed scope, but they are destructive by nature (changing repo state, reverting commits, stashing) and can cause data loss if used without backups. The SKILL.md's install metadata also suggests running a remote script via curl | bash, which grants the remote content broad permission to run arbitrary commands on the host.
Install Mechanism
The SKILL.md metadata recommends installing via a curl -fsSL https://raw.githubusercontent.com/.../install.sh | bash pattern (remote script piped to shell). While the URL is GitHub raw (a commonly used host), piping remote scripts to bash is high-risk because it executes remote code immediately without local inspection or signature verification. The package also includes a local install.sh that downloads files from raw.githubusercontent.com (safer than piping to bash but still downloads code from remote sources without verification).
Credentials
The skill declares no required credentials or env vars and the runtime behavior doesn't demand unrelated cloud credentials. It does reference optional env/config variables (e.g., WATCHCLAW_CONF, OPENCLAW_BIN, ALERT_WEBHOOK_URL) that are reasonable for operation. There are no unexpected credential requests in the metadata.
Persistence & Privilege
always:false (good). The skill is allowed to be invoked autonomously (platform default); combined with its behavior (modifying a git repo, restarting processes/containers, and sending webhooks), that grants it significant local effect. This is consistent with a watchdog but increases blast radius — run with caution and restrict execution contexts as appropriate.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install watchclaw - 安装完成后,直接呼叫该 Skill 的名称或使用
/watchclaw触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.0
Initial release of watchclaw — an auto-recovery watchdog for OpenClaw gateways.
- Monitors OpenClaw gateway health and configuration status.
- Automatically recovers from bad config changes via git stash or revert.
- Supports both native and Docker-based restart modes.
- Provides pluggable alert options: iMessage, webhook, or custom command.
- Implements probation to ensure stability after new config changes.
元数据
常见问题
WatchClaw 是什么?
Auto-recovery watchdog for OpenClaw gateway. Monitors health, detects bad config changes, and recovers via git stash/revert. Supports native and Docker resta... 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 446 次。
如何安装 WatchClaw?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install watchclaw」即可一键安装,无需额外配置。
WatchClaw 是免费的吗?
是的,WatchClaw 完全免费(开源免费),可自由下载、安装和使用。
WatchClaw 支持哪些平台?
WatchClaw 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 WatchClaw?
由 Jarvis Wang(@jarvis4wang)开发并维护,当前版本 v1.0.0。
推荐 Skills