{ "schemaVersion": "1.0", "item": { "slug": "mh-healthcheck", "name": "MH healthcheck", "source": "tencent", "type": "skill", "category": "安全合规", "sourceUrl": "https://clawhub.ai/mohdalhashemi98-hue/mh-healthcheck", "canonicalUrl": "https://clawhub.ai/mohdalhashemi98-hue/mh-healthcheck", "targetPlatform": "OpenClaw" }, "install": { "downloadMode": "redirect", "downloadUrl": "/downloads/mh-healthcheck", "sourceDownloadUrl": "https://wry-manatee-359.convex.site/api/v1/download?slug=mh-healthcheck", "sourcePlatform": "tencent", "targetPlatform": "OpenClaw", "installMethod": "Manual import", "extraction": "Extract archive", "prerequisites": [ "OpenClaw" ], "packageFormat": "ZIP package", "includedAssets": [ "SKILL.md" ], "primaryDoc": "SKILL.md", "quickSetup": [ "Download the package from Yavira.", "Extract the archive and review SKILL.md first.", "Import or place the package into your OpenClaw setup." ], "agentAssist": { "summary": "Hand the extracted package to your coding agent with a concrete install brief instead of figuring it out manually.", "steps": [ "Download the package from Yavira.", "Extract it into a folder your agent can access.", "Paste one of the prompts below and point your agent at the extracted folder." ], "prompts": [ { "label": "New install", "body": "I downloaded a skill package from Yavira. Read SKILL.md from the extracted folder and install it by following the included instructions. Tell me what you changed and call out any manual steps you could not complete." }, { "label": "Upgrade existing", "body": "I downloaded an updated skill package from Yavira. Read SKILL.md from the extracted folder, compare it with my current installation, and upgrade it while preserving any custom configuration unless the package docs explicitly say otherwise. Summarize what changed and any follow-up checks I should run." } ] }, "sourceHealth": { "source": "tencent", "status": "healthy", "reason": "direct_download_ok", "recommendedAction": "download", "checkedAt": "2026-04-23T16:43:11.935Z", "expiresAt": "2026-04-30T16:43:11.935Z", "httpStatus": 200, "finalUrl": "https://wry-manatee-359.convex.site/api/v1/download?slug=4claw-imageboard", "contentType": "application/zip", "probeMethod": "head", "details": { "probeUrl": "https://wry-manatee-359.convex.site/api/v1/download?slug=4claw-imageboard", "contentDisposition": "attachment; filename=\"4claw-imageboard-1.0.1.zip\"", "redirectLocation": null, "bodySnippet": null }, "scope": "source", "summary": "Source download looks usable.", "detail": "Yavira can redirect you to the upstream package for this source.", "primaryActionLabel": "Download for OpenClaw", "primaryActionHref": "/downloads/mh-healthcheck" }, "validation": { "installChecklist": [ "Use the Yavira download entry.", "Review SKILL.md after the package is downloaded.", "Confirm the extracted package contains the expected setup assets." ], "postInstallChecks": [ "Confirm the extracted package includes the expected docs or setup files.", "Validate the skill or prompts are available in your target agent workspace.", "Capture any manual follow-up steps the agent could not complete." ] }, "downloadPageUrl": "https://openagent3.xyz/downloads/mh-healthcheck", "agentPageUrl": "https://openagent3.xyz/skills/mh-healthcheck/agent", "manifestUrl": "https://openagent3.xyz/skills/mh-healthcheck/agent.json", "briefUrl": "https://openagent3.xyz/skills/mh-healthcheck/agent.md" }, "agentAssist": { "summary": "Hand the extracted package to your coding agent with a concrete install brief instead of figuring it out manually.", "steps": [ "Download the package from Yavira.", "Extract it into a folder your agent can access.", "Paste one of the prompts below and point your agent at the extracted folder." ], "prompts": [ { "label": "New install", "body": "I downloaded a skill package from Yavira. Read SKILL.md from the extracted folder and install it by following the included instructions. Tell me what you changed and call out any manual steps you could not complete." }, { "label": "Upgrade existing", "body": "I downloaded an updated skill package from Yavira. Read SKILL.md from the extracted folder, compare it with my current installation, and upgrade it while preserving any custom configuration unless the package docs explicitly say otherwise. Summarize what changed and any follow-up checks I should run." } ] }, "documentation": { "source": "clawhub", "primaryDoc": "SKILL.md", "sections": [ { "title": "Overview", "body": "Assess and harden the host running OpenClaw, then align it to a user-defined risk tolerance without breaking access. Use OpenClaw security tooling as a first-class signal, but treat OS hardening as a separate, explicit set of steps." }, { "title": "Core rules", "body": "Recommend running this skill with a state-of-the-art model (e.g., Opus 4.5, GPT 5.2+). The agent should self-check the current model and suggest switching if below that level; do not block execution.\nRequire explicit approval before any state-changing action.\nDo not modify remote access settings without confirming how the user connects.\nPrefer reversible, staged changes with a rollback plan.\nNever claim OpenClaw changes the host firewall, SSH, or OS updates; it does not.\nIf role/identity is unknown, provide recommendations only.\nFormatting: every set of user choices must be numbered so the user can reply with a single digit.\nSystem-level backups are recommended; try to verify status." }, { "title": "0) Model self-check (non-blocking)", "body": "Before starting, check the current model. If it is below state-of-the-art (e.g., Opus 4.5, GPT 5.2+), recommend switching. Do not block execution." }, { "title": "1) Establish context (read-only)", "body": "Try to infer 1–5 from the environment before asking. Prefer simple, non-technical questions if you need confirmation.\n\nDetermine (in order):\n\nOS and version (Linux/macOS/Windows), container vs host.\nPrivilege level (root/admin vs user).\nAccess path (local console, SSH, RDP, tailnet).\nNetwork exposure (public IP, reverse proxy, tunnel).\nOpenClaw gateway status and bind address.\nBackup system and status (e.g., Time Machine, system images, snapshots).\nDeployment context (local mac app, headless gateway host, remote gateway, container/CI).\nDisk encryption status (FileVault/LUKS/BitLocker).\nOS automatic security updates status.\nNote: these are not blocking items, but are highly recommended, especially if OpenClaw can access sensitive data.\nUsage mode for a personal assistant with full access (local workstation vs headless/remote vs other).\n\nFirst ask once for permission to run read-only checks. If granted, run them by default and only ask questions for items you cannot infer or verify. Do not ask for information already visible in runtime or command output. Keep the permission ask as a single sentence, and list follow-up info needed as an unordered list (not numbered) unless you are presenting selectable choices.\n\nIf you must ask, use non-technical prompts:\n\n“Are you using a Mac, Windows PC, or Linux?”\n“Are you logged in directly on the machine, or connecting from another computer?”\n“Is this machine reachable from the public internet, or only on your home/network?”\n“Do you have backups enabled (e.g., Time Machine), and are they current?”\n“Is disk encryption turned on (FileVault/BitLocker/LUKS)?”\n“Are automatic security updates enabled?”\n“How do you use this machine?”\nExamples:\n\nPersonal machine shared with the assistant\nDedicated local machine for the assistant\nDedicated remote machine/server accessed remotely (always on)\nSomething else?\n\nOnly ask for the risk profile after system context is known.\n\nIf the user grants read-only permission, run the OS-appropriate checks by default. If not, offer them (numbered). Examples:\n\nOS: uname -a, sw_vers, cat /etc/os-release.\nListening ports:\n\nLinux: ss -ltnup (or ss -ltnp if -u unsupported).\nmacOS: lsof -nP -iTCP -sTCP:LISTEN.\n\n\nFirewall status:\n\nLinux: ufw status, firewall-cmd --state, nft list ruleset (pick what is installed).\nmacOS: /usr/libexec/ApplicationFirewall/socketfilterfw --getglobalstate and pfctl -s info.\n\n\nBackups (macOS): tmutil status (if Time Machine is used)." }, { "title": "2) Run OpenClaw security audits (read-only)", "body": "As part of the default read-only checks, run openclaw security audit --deep. Only offer alternatives if the user requests them:\n\nopenclaw security audit (faster, non-probing)\nopenclaw security audit --json (structured output)\n\nOffer to apply OpenClaw safe defaults (numbered):\n\nopenclaw security audit --fix\n\nBe explicit that --fix only tightens OpenClaw defaults and file permissions. It does not change host firewall, SSH, or OS update policies.\n\nIf browser control is enabled, recommend that 2FA be enabled on all important accounts, with hardware keys preferred and SMS not sufficient." }, { "title": "3) Check OpenClaw version/update status (read-only)", "body": "As part of the default read-only checks, run openclaw update status.\n\nReport the current channel and whether an update is available." }, { "title": "4) Determine risk tolerance (after system context)", "body": "Ask the user to pick or confirm a risk posture and any required open services/ports (numbered choices below).\nDo not pigeonhole into fixed profiles; if the user prefers, capture requirements instead of choosing a profile.\nOffer suggested profiles as optional defaults (numbered). Note that most users pick Home/Workstation Balanced:\n\nHome/Workstation Balanced (most common): firewall on with reasonable defaults, remote access restricted to LAN or tailnet.\nVPS Hardened: deny-by-default inbound firewall, minimal open ports, key-only SSH, no root login, automatic security updates.\nDeveloper Convenience: more local services allowed, explicit exposure warnings, still audited.\nCustom: user-defined constraints (services, exposure, update cadence, access methods)." }, { "title": "5) Produce a remediation plan", "body": "Provide a plan that includes:\n\nTarget profile\nCurrent posture summary\nGaps vs target\nStep-by-step remediation with exact commands\nAccess-preservation strategy and rollback\nRisks and potential lockout scenarios\nLeast-privilege notes (e.g., avoid admin usage, tighten ownership/permissions where safe)\nCredential hygiene notes (location of OpenClaw creds, prefer disk encryption)\n\nAlways show the plan before any changes." }, { "title": "6) Offer execution options", "body": "Offer one of these choices (numbered so users can reply with a single digit):\n\nDo it for me (guided, step-by-step approvals)\nShow plan only\nFix only critical issues\nExport commands for later" }, { "title": "7) Execute with confirmations", "body": "For each step:\n\nShow the exact command\nExplain impact and rollback\nConfirm access will remain available\nStop on unexpected output and ask for guidance" }, { "title": "8) Verify and report", "body": "Re-check:\n\nFirewall status\nListening ports\nRemote access still works\nOpenClaw security audit (re-run)\n\nDeliver a final posture report and note any deferred items." }, { "title": "Required confirmations (always)", "body": "Require explicit approval for:\n\nFirewall rule changes\nOpening/closing ports\nSSH/RDP configuration changes\nInstalling/removing packages\nEnabling/disabling services\nUser/group modifications\nScheduling tasks or startup persistence\nUpdate policy changes\nAccess to sensitive files or credentials\n\nIf unsure, ask." }, { "title": "Periodic checks", "body": "After OpenClaw install or first hardening pass, run at least one baseline audit and version check:\n\nopenclaw security audit\nopenclaw security audit --deep\nopenclaw update status\n\nOngoing monitoring is recommended. Use the OpenClaw cron tool/CLI to schedule periodic audits (Gateway scheduler). Do not create scheduled tasks without explicit approval. Store outputs in a user-approved location and avoid secrets in logs.\nWhen scheduling headless cron runs, include a note in the output that instructs the user to call healthcheck so issues can be fixed." }, { "title": "Required prompt to schedule (always)", "body": "After any audit or hardening pass, explicitly offer scheduling and require a direct response. Use a short prompt like (numbered):\n\n“Do you want me to schedule periodic audits (e.g., daily/weekly) via openclaw cron add?”\n\nIf the user says yes, ask for:\n\ncadence (daily/weekly), preferred time window, and output location\nwhether to also schedule openclaw update status\n\nUse a stable cron job name so updates are deterministic. Prefer exact names:\n\nhealthcheck:security-audit\nhealthcheck:update-status\n\nBefore creating, openclaw cron list and match on exact name. If found, openclaw cron edit ....\nIf not found, openclaw cron add --name ....\n\nAlso offer a periodic version check so the user can decide when to update (numbered):\n\nopenclaw update status (preferred for source checkouts and channels)\nnpm view openclaw version (published npm version)" }, { "title": "OpenClaw command accuracy", "body": "Use only supported commands and flags:\n\nopenclaw security audit [--deep] [--fix] [--json]\nopenclaw status / openclaw status --deep\nopenclaw health --json\nopenclaw update status\nopenclaw cron add|list|runs|run\n\nDo not invent CLI flags or imply OpenClaw enforces host firewall/SSH policies." }, { "title": "Logging and audit trail", "body": "Record:\n\nGateway identity and role\nPlan ID and timestamp\nApproved steps and exact commands\nExit codes and files modified (best effort)\n\nRedact secrets. Never log tokens or full credential contents." }, { "title": "Memory writes (conditional)", "body": "Only write to memory files when the user explicitly opts in and the session is a private/local workspace\n(per docs/reference/templates/AGENTS.md). Otherwise provide a redacted, paste-ready summary the user can\ndecide to save elsewhere.\n\nFollow the durable-memory prompt format used by OpenClaw compaction:\n\nWrite lasting notes to memory/YYYY-MM-DD.md.\n\nAfter each audit/hardening run, if opted-in, append a short, dated summary to memory/YYYY-MM-DD.md\n(what was checked, key findings, actions taken, any scheduled cron jobs, key decisions,\nand all commands executed). Append-only: never overwrite existing entries.\nRedact sensitive host details (usernames, hostnames, IPs, serials, service names, tokens).\nIf there are durable preferences or decisions (risk posture, allowed ports, update policy),\nalso update MEMORY.md (long-term memory is optional and only used in private sessions).\n\nIf the session cannot write to the workspace, ask for permission or provide exact entries\nthe user can paste into the memory files." } ], "body": "OpenClaw Host Hardening\nOverview\n\nAssess and harden the host running OpenClaw, then align it to a user-defined risk tolerance without breaking access. Use OpenClaw security tooling as a first-class signal, but treat OS hardening as a separate, explicit set of steps.\n\nCore rules\nRecommend running this skill with a state-of-the-art model (e.g., Opus 4.5, GPT 5.2+). The agent should self-check the current model and suggest switching if below that level; do not block execution.\nRequire explicit approval before any state-changing action.\nDo not modify remote access settings without confirming how the user connects.\nPrefer reversible, staged changes with a rollback plan.\nNever claim OpenClaw changes the host firewall, SSH, or OS updates; it does not.\nIf role/identity is unknown, provide recommendations only.\nFormatting: every set of user choices must be numbered so the user can reply with a single digit.\nSystem-level backups are recommended; try to verify status.\nWorkflow (follow in order)\n0) Model self-check (non-blocking)\n\nBefore starting, check the current model. If it is below state-of-the-art (e.g., Opus 4.5, GPT 5.2+), recommend switching. Do not block execution.\n\n1) Establish context (read-only)\n\nTry to infer 1–5 from the environment before asking. Prefer simple, non-technical questions if you need confirmation.\n\nDetermine (in order):\n\nOS and version (Linux/macOS/Windows), container vs host.\nPrivilege level (root/admin vs user).\nAccess path (local console, SSH, RDP, tailnet).\nNetwork exposure (public IP, reverse proxy, tunnel).\nOpenClaw gateway status and bind address.\nBackup system and status (e.g., Time Machine, system images, snapshots).\nDeployment context (local mac app, headless gateway host, remote gateway, container/CI).\nDisk encryption status (FileVault/LUKS/BitLocker).\nOS automatic security updates status. Note: these are not blocking items, but are highly recommended, especially if OpenClaw can access sensitive data.\nUsage mode for a personal assistant with full access (local workstation vs headless/remote vs other).\n\nFirst ask once for permission to run read-only checks. If granted, run them by default and only ask questions for items you cannot infer or verify. Do not ask for information already visible in runtime or command output. Keep the permission ask as a single sentence, and list follow-up info needed as an unordered list (not numbered) unless you are presenting selectable choices.\n\nIf you must ask, use non-technical prompts:\n\n“Are you using a Mac, Windows PC, or Linux?”\n“Are you logged in directly on the machine, or connecting from another computer?”\n“Is this machine reachable from the public internet, or only on your home/network?”\n“Do you have backups enabled (e.g., Time Machine), and are they current?”\n“Is disk encryption turned on (FileVault/BitLocker/LUKS)?”\n“Are automatic security updates enabled?”\n“How do you use this machine?” Examples:\nPersonal machine shared with the assistant\nDedicated local machine for the assistant\nDedicated remote machine/server accessed remotely (always on)\nSomething else?\n\nOnly ask for the risk profile after system context is known.\n\nIf the user grants read-only permission, run the OS-appropriate checks by default. If not, offer them (numbered). Examples:\n\nOS: uname -a, sw_vers, cat /etc/os-release.\nListening ports:\nLinux: ss -ltnup (or ss -ltnp if -u unsupported).\nmacOS: lsof -nP -iTCP -sTCP:LISTEN.\nFirewall status:\nLinux: ufw status, firewall-cmd --state, nft list ruleset (pick what is installed).\nmacOS: /usr/libexec/ApplicationFirewall/socketfilterfw --getglobalstate and pfctl -s info.\nBackups (macOS): tmutil status (if Time Machine is used).\n2) Run OpenClaw security audits (read-only)\n\nAs part of the default read-only checks, run openclaw security audit --deep. Only offer alternatives if the user requests them:\n\nopenclaw security audit (faster, non-probing)\nopenclaw security audit --json (structured output)\n\nOffer to apply OpenClaw safe defaults (numbered):\n\nopenclaw security audit --fix\n\nBe explicit that --fix only tightens OpenClaw defaults and file permissions. It does not change host firewall, SSH, or OS update policies.\n\nIf browser control is enabled, recommend that 2FA be enabled on all important accounts, with hardware keys preferred and SMS not sufficient.\n\n3) Check OpenClaw version/update status (read-only)\n\nAs part of the default read-only checks, run openclaw update status.\n\nReport the current channel and whether an update is available.\n\n4) Determine risk tolerance (after system context)\n\nAsk the user to pick or confirm a risk posture and any required open services/ports (numbered choices below). Do not pigeonhole into fixed profiles; if the user prefers, capture requirements instead of choosing a profile. Offer suggested profiles as optional defaults (numbered). Note that most users pick Home/Workstation Balanced:\n\nHome/Workstation Balanced (most common): firewall on with reasonable defaults, remote access restricted to LAN or tailnet.\nVPS Hardened: deny-by-default inbound firewall, minimal open ports, key-only SSH, no root login, automatic security updates.\nDeveloper Convenience: more local services allowed, explicit exposure warnings, still audited.\nCustom: user-defined constraints (services, exposure, update cadence, access methods).\n5) Produce a remediation plan\n\nProvide a plan that includes:\n\nTarget profile\nCurrent posture summary\nGaps vs target\nStep-by-step remediation with exact commands\nAccess-preservation strategy and rollback\nRisks and potential lockout scenarios\nLeast-privilege notes (e.g., avoid admin usage, tighten ownership/permissions where safe)\nCredential hygiene notes (location of OpenClaw creds, prefer disk encryption)\n\nAlways show the plan before any changes.\n\n6) Offer execution options\n\nOffer one of these choices (numbered so users can reply with a single digit):\n\nDo it for me (guided, step-by-step approvals)\nShow plan only\nFix only critical issues\nExport commands for later\n7) Execute with confirmations\n\nFor each step:\n\nShow the exact command\nExplain impact and rollback\nConfirm access will remain available\nStop on unexpected output and ask for guidance\n8) Verify and report\n\nRe-check:\n\nFirewall status\nListening ports\nRemote access still works\nOpenClaw security audit (re-run)\n\nDeliver a final posture report and note any deferred items.\n\nRequired confirmations (always)\n\nRequire explicit approval for:\n\nFirewall rule changes\nOpening/closing ports\nSSH/RDP configuration changes\nInstalling/removing packages\nEnabling/disabling services\nUser/group modifications\nScheduling tasks or startup persistence\nUpdate policy changes\nAccess to sensitive files or credentials\n\nIf unsure, ask.\n\nPeriodic checks\n\nAfter OpenClaw install or first hardening pass, run at least one baseline audit and version check:\n\nopenclaw security audit\nopenclaw security audit --deep\nopenclaw update status\n\nOngoing monitoring is recommended. Use the OpenClaw cron tool/CLI to schedule periodic audits (Gateway scheduler). Do not create scheduled tasks without explicit approval. Store outputs in a user-approved location and avoid secrets in logs. When scheduling headless cron runs, include a note in the output that instructs the user to call healthcheck so issues can be fixed.\n\nRequired prompt to schedule (always)\n\nAfter any audit or hardening pass, explicitly offer scheduling and require a direct response. Use a short prompt like (numbered):\n\n“Do you want me to schedule periodic audits (e.g., daily/weekly) via openclaw cron add?”\n\nIf the user says yes, ask for:\n\ncadence (daily/weekly), preferred time window, and output location\nwhether to also schedule openclaw update status\n\nUse a stable cron job name so updates are deterministic. Prefer exact names:\n\nhealthcheck:security-audit\nhealthcheck:update-status\n\nBefore creating, openclaw cron list and match on exact name. If found, openclaw cron edit .... If not found, openclaw cron add --name ....\n\nAlso offer a periodic version check so the user can decide when to update (numbered):\n\nopenclaw update status (preferred for source checkouts and channels)\nnpm view openclaw version (published npm version)\nOpenClaw command accuracy\n\nUse only supported commands and flags:\n\nopenclaw security audit [--deep] [--fix] [--json]\nopenclaw status / openclaw status --deep\nopenclaw health --json\nopenclaw update status\nopenclaw cron add|list|runs|run\n\nDo not invent CLI flags or imply OpenClaw enforces host firewall/SSH policies.\n\nLogging and audit trail\n\nRecord:\n\nGateway identity and role\nPlan ID and timestamp\nApproved steps and exact commands\nExit codes and files modified (best effort)\n\nRedact secrets. Never log tokens or full credential contents.\n\nMemory writes (conditional)\n\nOnly write to memory files when the user explicitly opts in and the session is a private/local workspace (per docs/reference/templates/AGENTS.md). Otherwise provide a redacted, paste-ready summary the user can decide to save elsewhere.\n\nFollow the durable-memory prompt format used by OpenClaw compaction:\n\nWrite lasting notes to memory/YYYY-MM-DD.md.\n\nAfter each audit/hardening run, if opted-in, append a short, dated summary to memory/YYYY-MM-DD.md (what was checked, key findings, actions taken, any scheduled cron jobs, key decisions, and all commands executed). Append-only: never overwrite existing entries. Redact sensitive host details (usernames, hostnames, IPs, serials, service names, tokens). If there are durable preferences or decisions (risk posture, allowed ports, update policy), also update MEMORY.md (long-term memory is optional and only used in private sessions).\n\nIf the session cannot write to the workspace, ask for permission or provide exact entries the user can paste into the memory files." }, "trust": { "sourceLabel": "tencent", "provenanceUrl": "https://clawhub.ai/mohdalhashemi98-hue/mh-healthcheck", "publisherUrl": "https://clawhub.ai/mohdalhashemi98-hue/mh-healthcheck", "owner": "mohdalhashemi98-hue", "version": "1.0.0", "license": null, "verificationStatus": "Indexed source record" }, "links": { "detailUrl": "https://openagent3.xyz/skills/mh-healthcheck", "downloadUrl": "https://openagent3.xyz/downloads/mh-healthcheck", "agentUrl": "https://openagent3.xyz/skills/mh-healthcheck/agent", "manifestUrl": "https://openagent3.xyz/skills/mh-healthcheck/agent.json", "briefUrl": "https://openagent3.xyz/skills/mh-healthcheck/agent.md" } }