Trusted — Risk Score 5/100
Last scan: 1 day ago
clawdoctor
Self-healing monitor for OpenClaw gateways, crons, and agent sessions with Telegram alerts and auto-fix capabilities
ClawDoctor is a legitimate self-healing monitor for OpenClaw with well-structured, confined shell execution, no credential harvesting, no obfuscation, and documented behavior that aligns with implementation.
Skill Name: clawdoctor
Duration: 67.0s
Engine: pi
Safe to install
Approve for use. The skill performs its declared monitoring and auto-fix functions within a tightly controlled set of shell commands and file paths scoped to ~/.openclaw and the openclaw CLI.
| Resource | Declared | Inferred | Status | Evidence |
|---|---|---|---|---|
| Filesystem | READ | READ | ✓ Aligned | Reads session files at ~/.openclaw/agents/*/sessions/*.jsonl, cron jobs at ~/.op… |
| Network | READ | READ | ✓ Aligned | POSTs license keys to https://clawdoctor.dev/api/license/validate (config.ts:179… |
| Shell | NONE | WRITE | ✓ Aligned | execFileSync('systemctl', ...) in healers/process.ts:26; execFileSync('openclaw'… |
| Environment | NONE | READ | ✓ Aligned | Reads CLAWDOCTOR_KEY from process.env.CLAWDOCTOR_KEY (config.ts:144, daemon.ts:1… |
| Database | NONE | READ/WRITE | ✓ Aligned | Writes to ~/.clawdoctor/events.db (SQLite, better-sqlite3). Only stores event lo… |
| Skill Invoke | NONE | NONE | | No inter-skill invocation observed. |
| Clipboard | NONE | NONE | | No clipboard access. |
| Browser | NONE | NONE | | No browser automation. |
10 findings
| Severity | Type | URL | Location |
|---|---|---|---|
| Medium | External URL | https://clawdoctor.dev | CLAWDOCTOR-FACTSHEET.md:19 |
| Medium | External URL | https://www.npmjs.com/package/clawdoctor | CLAWDOCTOR-FACTSHEET.md:20 |
| Medium | External URL | https://buy.stripe.com/7sY14g2fsex33F08U51ck01 | CLAWDOCTOR-FACTSHEET.md:23 |
| Medium | External URL | https://buy.stripe.com/eVq28k2fsdsZ7Vg6LX1ck02 | CLAWDOCTOR-FACTSHEET.md:24 |
| Medium | External URL | https://clawdoctor.dev/docs | CLAWDOCTOR-FACTSHEET.md:25 |
| Medium | External URL | https://clawdoctor.dev/welcome?session_id=... | CLAWDOCTOR-FACTSHEET.md:26 |
| Medium | External URL | https://www.patreon.com/feross | package-lock.json:58 |
| Medium | External URL | https://feross.org/support | package-lock.json:62 |
| Medium | External URL | https://api.telegram.org | src/alerters/telegram.ts:10 |
| Medium | External URL | https://clawdoctor.dev/#pricing | src/daemon.ts:133 |

File Tree

33 files · 194.5 KB · 5618 lines
TypeScript 26f · 4150L Markdown 4f · 873L JSON 3f · 595L
├─ 📁 src
│ ├─ 📁 alerters
│ │ └─ 📜 telegram.ts TypeScript 329L · 10.4 KB
│ ├─ 📁 healers
│ │ ├─ 📜 auth.ts TypeScript 56L · 1.9 KB
│ │ ├─ 📜 base.ts TypeScript 76L · 1.9 KB
│ │ ├─ 📜 budget.ts TypeScript 82L · 2.9 KB
│ │ ├─ 📜 cron.ts TypeScript 169L · 6.6 KB
│ │ ├─ 📜 process.ts TypeScript 92L · 3.6 KB
│ │ └─ 📜 session.ts TypeScript 119L · 4.6 KB
│ ├─ 📁 test
│ │ ├─ 📜 config.test.ts TypeScript 58L · 2.3 KB
│ │ ├─ 📜 healers.test.ts TypeScript 258L · 9.9 KB
│ │ ├─ 📜 store.test.ts TypeScript 97L · 3.5 KB
│ │ ├─ 📜 telegram.test.ts TypeScript 116L · 5.0 KB
│ │ └─ 📜 watchers.test.ts TypeScript 219L · 7.8 KB
│ ├─ 📁 watchers
│ │ ├─ 📜 auth.ts TypeScript 197L · 6.0 KB
│ │ ├─ 📜 base.ts TypeScript 55L · 1.6 KB
│ │ ├─ 📜 budget.ts TypeScript 128L · 3.9 KB
│ │ ├─ 📜 cost.ts TypeScript 176L · 5.5 KB
│ │ ├─ 📜 cron.ts TypeScript 137L · 4.1 KB
│ │ ├─ 📜 gateway.ts TypeScript 37L · 1.4 KB
│ │ └─ 📜 session.ts TypeScript 160L · 5.8 KB
│ ├─ 📜 audit.ts TypeScript 38L · 1.1 KB
│ ├─ 📜 config.ts TypeScript 276L · 8.1 KB
│ ├─ 📜 daemon.ts TypeScript 433L · 15.8 KB
│ ├─ 📜 index.ts TypeScript 547L · 19.6 KB
│ ├─ 📜 snapshots.ts TypeScript 101L · 2.9 KB
│ ├─ 📜 store.ts TypeScript 141L · 4.1 KB
│ └─ 📜 utils.ts TypeScript 53L · 1.7 KB
├─ 📝 CLAWDOCTOR-FACTSHEET.md Markdown 365L · 17.2 KB
├─ 📋 package-lock.json JSON 527L · 18.3 KB
├─ 📋 package.json JSON 49L · 1.1 KB
├─ 📝 README.md Markdown 165L · 4.8 KB
├─ 📝 SKILL.md Markdown 108L · 3.3 KB
├─ 📝 TASK.md Markdown 235L · 7.5 KB
└─ 📋 tsconfig.json JSON 19L · 445 B

Dependencies 3 items

| Package | Version | Source | Known Vulns | Notes |
|---|---|---|---|---|
| better-sqlite3 | ^9.4.3 | npm | No | Pinned to major version range ^9.4.3. Native SQLite binding with WAL support. |
| commander | ^12.1.0 | npm | No | Pinned to ^12.1.0. Standard CLI argument parser. |
| typescript | ^5.4.5 | npm (dev) | No | Dev dependency only. TypeScript compiler. |

Security Positives

✓ Shell execution is tightly controlled: execFileSync only invokes 'openclaw' CLI and 'systemctl', no arbitrary command strings
✓ Rollback commands in snapshots.ts are validated against an explicit ALLOWED_ROLLBACK_PREFIXES allowlist
✓ No credential harvesting: code only reads CLAWDOCTOR_KEY env var and OpenClaw's own session/auth data within ~/.openclaw
✓ No obfuscation: no base64 encoding, no dynamic eval(), no anti-analysis techniques
✓ No external C2 communication: only expected outbound traffic to Telegram API and the skill's own licensing server
✓ SQLite DB is scoped to ~/.clawdoctor/events.db with WAL journal mode and proper file permissions (mode 0o600)
✓ Systemd service installation uses hardening flags: NoNewPrivileges=true, PrivateTmp=true, ProtectSystem=strict
✓ Telegram callback handlers are rate-limited (10s debounce) and expire after 24 hours
✓ Alert deduplication uses persistent timestamps in SQLite to prevent duplicate alerts across restarts
✓ Dependencies are pinned: better-sqlite3 ^9.4.3, commander ^12.1.0, typescript ^5.4.5
✓ License keys are cached locally with day-age validation before network re-check
✓ Auto-fix (healing) requires 'heal' plan — free/diagnose tiers force dryRun=true