Security Scan
OpenClaw
Suspicious
High confidence: The skill appears to implement a local guardian for an OpenClaw gateway, but its documentation, runtime instructions, and metadata contain multiple mismatches (missing commands, an undeclared binary dependency, and guidance to run with high system privileges) that should be resolved before trusting it.
Assessment Recommendations
This package is not clearly dishonest or malicious, but it has multiple inconsistencies you should resolve before installing:
- Confirm the presence and trustworthiness of the `openclaw` CLI on the host; the guardian calls `openclaw gateway restart` but the skill metadata does not declare that binary as required.
- The README/SKILL.md mention commands (init, health) and notification features that the included script does not implement; expect limited functionality (start/stop/status/logs) as s...
ℹ Purpose and Capabilities
The stated purpose (monitor and restart an OpenClaw gateway) matches the script's behavior: it checks a local port and calls `openclaw gateway restart`. However, the package metadata does not declare the openclaw CLI as a required binary even though the code depends on it. The documentation promises notification channels (Feishu/Telegram/WeChat) and an 'init' workflow that the shipped script does not implement. These are inconsistencies between the claimed capabilities and the actual implementation.
⚠ Instruction Scope
SKILL.md (and other docs) instruct users to run commands such as `python scripts/gateway_guardian.py init` and `health`, and refer to logs/health/notification features, but the included Python script only supports start|stop|status|logs. The docs also recommend creating scheduled tasks that run as SYSTEM. The runtime instructions therefore ask the agent/user to perform actions that the shipped code does not support or that escalate privileges; this is scope creep and can mislead operators.
✓ Installation Mechanism
There is no external install spec or downloads — the skill is instruction-only with a local Python script and a small requirements.txt (aiohttp). That lowers supply-chain risk. No network-download install steps or obscure URLs are present in the package itself.
ℹ Credential Requirements
The skill declares no required environment variables, but the documentation and example config reference notification tokens and webhooks. The runtime script does not read environment secrets (notifications are disabled by default), but it depends on an external `openclaw` CLI that is not declared in the metadata. The docs also suggest running scheduled tasks as SYSTEM (implying higher privileges) without documenting why such privilege is needed.
⚠ Persistence and Privileges
The package instructs (in multiple docs) how to create an OS-level scheduled task and even shows it running under the SYSTEM account. The skill metadata itself doesn't request persistent/global privileges, but the install/deployment instructions encourage configuration that would run the guardian with system-level privileges. Combined with the undeclared dependency on an external CLI, this is a privilege-related concern and should be a conscious operator decision rather than a default.
Security is layered; review the code before running it.
Runtime Dependencies
No special dependencies
Version
latest v1.0.3 2026/3/15
- Updated scripts/gateway_guardian.py.
- Internal code improvements or fixes (details not provided).
- No user-facing documentation changes.
- Version updated to 1.0.3.
● Harmless
Install Command
Official: npx clawhub@latest install openclaw-gateway-guardian
Mirror (accelerated): npx clawhub@latest install openclaw-gateway-guardian --registry https://cn.longxiaskill.com