agent-status-monitor Security Report — Trusted | ClawSafe

5 /100

agent-status-monitor

检查本地开发 Agent（Claude Code、OpenCode、OpenClaw、Cursor 等）的运行状态、进程、会话和活动状态

This is a read-only agent status monitoring utility that reads session directories and runs process detection commands — all declared and documented. No malicious behavior, data exfiltration, credential access, or obfuscation detected.

Skill Nameagent-status-monitor

Duration49.9s

Enginepi

✓

Safe to install

This skill is safe to use. No action required. The install.js and telegram-commands/ are optional helper utilities that do not execute during normal skill operation.

Findings 1 items

Severity	Finding	Location
Low	Config file read not explicitly declared Doc Mismatch scripts/check-opencode.sh reads ~/.config/opencode/opencode.json to display version and config path. This is not explicitly documented in SKILL.md, though it is a minor information disclosure (file paths only). `if [ -f "$CONFIG_FILE" ]; then echo " 配置：$CONFIG_FILE"` → Consider documenting config file reading in SKILL.md for completeness	`scripts/check-opencode.sh:61`

Resource	Declared	Inferred	Status	Evidence
Filesystem	`READ`	`READ`	✓ Aligned	scripts/check-claude-code.sh:22 reads ~/.claude/projects/
Shell	`WRITE`	`WRITE`	✓ Aligned	scripts/check-agents.sh:25-27 invokes child scripts; scripts/check-openclaw.sh:4…
Network	`NONE`	`NONE`	—	No outbound network calls in any script. Only documentation reference to http://…
Environment	`NONE`	`NONE`	—	telegram-commands/index.js:33 sets FORCE_COLOR only — no sensitive env iteration
Skill Invoke	`NONE`	`NONE`	—	No cross-skill invocation detected
Clipboard	`NONE`	`NONE`	—	No clipboard access in any file
Browser	`NONE`	`NONE`	—	No browser automation
Database	`NONE`	`NONE`	—	No database access

3 findings

🔗

Medium External URL 外部 URL

https://socialify.git.ci/willin/agent-status-monitor/image?description=1&forks=1&name=1&owner=1&pattern=Circuit+Board&st...

README.md:7

🔗

Medium External URL 外部 URL

http://127.0.0.1:18789

references/agent-commands.md:58

🔗

Medium External URL 外部 URL

https://t.me/BotFather

telegram-commands/README.md:25

File Tree

13 files · 33.0 KB · 1214 lines

Markdown 5f · 852L Shell 5f · 215L JavaScript 2f · 126L JSON 1f · 21L

├─ ▾ 📁 references

│ └─ 📝 agent-commands.md Markdown 138L · 1.8 KB

├─ ▾ 📁 scripts

│ ├─ 🔧 check-agents.sh Shell 32L · 780 B

│ ├─ 🔧 check-claude-code.sh Shell 42L · 1.6 KB

│ ├─ 🔧 check-cursor.sh Shell 21L · 632 B

│ ├─ 🔧 check-openclaw.sh Shell 48L · 1.8 KB

│ └─ 🔧 check-opencode.sh Shell 72L · 3.1 KB

├─ ▾ 📁 telegram-commands

│ ├─ 📋 agents_monitor.plugin.json JSON 21L · 542 B

│ ├─ 📜 index.js JavaScript 70L · 2.3 KB

│ ├─ 📜 install.js JavaScript 56L · 1.6 KB

│ └─ 📝 README.md Markdown 121L · 2.7 KB

├─ 📝 README.md Markdown 193L · 5.3 KB

├─ 📝 README.zh-CN.md Markdown 194L · 5.3 KB

└─ 📝 SKILL.md Markdown 206L · 5.7 KB

Security Positives

✓ All shell execution is declared via the Bash/script invocation documented in SKILL.md

✓ All filesystem access targets only public session directories (no ~/.ssh, ~/.aws, .env, or credential paths)

✓ No base64 encoding, obfuscation, or anti-analysis techniques found

✓ No credential harvesting, API key exfiltration, or sensitive token access

✓ No curl|bash or wget|sh remote script execution

✓ No reverse shell, C2, or data exfiltration endpoints

✓ The install.js and telegram-commands/ are separate setup utilities, not executed during normal skill operation

✓ Script execution is read-only in nature — no files are created, modified, or deleted during monitoring

✓ No supply chain risks — no external dependencies, no requirements.txt/package.json

Scan Report

Findings 1 items

File Tree

Security Positives