Scan Report
5 /100
auto-heal
全天自动监控 OpenClaw 状态,检测到卡死自动修复
Legitimate OpenClaw auto-heal monitoring skill with no malicious behavior detected.
Safe to install
Skill is safe to use. Standard monitoring patterns with OpenClaw CLI integration.
| Resource | Declared | Inferred | Status | Evidence |
|---|---|---|---|---|
| Filesystem | READ | WRITE | ✓ Aligned | monitor.js:49-53 creates logs directory, writes log files |
| Shell | WRITE | WRITE | ✓ Aligned | monitor.js:56-58 execSync for 'openclaw gateway status', 'ps', 'find' commands |
| Environment | NONE | READ | ✓ Aligned | install.js:18 reads HOME env var |
| Skill Invoke | READ | READ | ✓ Aligned | Skill triggers on user queries about auto-heal |
4 findings
Medium External URL 外部 URL
https://img.shields.io/badge/version-1.0.0-blue.svg README.md:3 Medium External URL 外部 URL
https://img.shields.io/badge/license-MIT-green.svg README.md:4 Medium External URL 外部 URL
https://img.shields.io/badge/openclaw-compatible-orange.svg README.md:5 Medium External URL 外部 URL
https://openclaw.ai README.md:5 File Tree
6 files · 16.6 KB · 704 lines JavaScript 2f · 372L
Markdown 2f · 284L
JSON 2f · 48L
├─
install.js
JavaScript
├─
monitor.js
JavaScript
├─
package.json
JSON
├─
README.md
Markdown
├─
SKILL.md
Markdown
└─
state.json
JSON
Security Positives
✓ All shell commands use documented OpenClaw CLI (gateway status, sessions list/kill)
✓ No external network requests or data exfiltration
✓ No credential harvesting or sensitive file access
✓ No base64 encoding, obfuscation, or suspicious patterns
✓ Clean logging to skill's own directory only
✓ No curl|bash or remote script execution
✓ Dependencies are minimal (Node.js built-in modules only)
✓ Code is readable and matches documentation