Real-time operations dashboard for OpenClaw. Monitors sessions, costs, cron jobs, and gateway health. Use when installing the dashboard, starting the server,...
Security Analysis
Medium confidence: The package is internally consistent with an administrative OpenClaw dashboard: its files, runtime instructions, and optional environment flags match the described purpose, but it exposes several powerful opt-in capabilities (loading keys.env, provider-admin API keys, mutating operations, absolute-path attachment copy) that you must explicitly enable and guard carefully.
Name/description match the bundled files (frontend, api-server.js, model registry). Declared required binaries (node, openclaw) are reasonable for a dashboard that inspects OpenClaw state. A small mismatch: the code shown primarily reads files and talks to local gateway endpoints rather than invoking an 'openclaw' CLI in visible snippets, but requiring the binary is reasonable for an admin tool that may call it in other code paths.
SKILL.md and api-server.js explicitly declare and use local OpenClaw data (~/.openclaw, workspace, sessions, cron, watchdog) and local gateway hooks (127.0.0.1:18789/18790). That is in-scope for an operations dashboard. The instructions and code also include endpoints for triggering tasks, uploading attachments (including optional absolute-path copy), and optional provider audits which contact external provider APIs if enabled. These behaviors are gated by explicit env flags, but they expand the agent's runtime surface significantly when turned on.
No external download/install steps are declared (instruction-only install spec). The bundle contains server and frontend JS that run under node. There is no suspicious remote install URL or archive extraction in the metadata provided.
No required secrets by default, which is good, but many powerful admin credentials and flags are listed as optional (OPENAI_ADMIN_KEY, ANTHROPIC_ADMIN_KEY, NOTION_API_KEY, OPENCLAW_HOOK_TOKEN, OPENCLAW_AUTH_TOKEN). The code can also auto-load a keys.env file into process.env when ENABLE_KEYS_ENV_AUTOLOAD is set. While these are optional and documented, they are high‑sensitivity and must only be provided in trusted, local deployments — otherwise they enable provider org queries or expose secrets to the dashboard process.
The skill is not always-enabled and does not request permanent platform-wide inclusion. Mutating capabilities (service restart, backups, npm install, file-copy by absolute path, session patching) exist but are explicitly gated behind environment flags and localhost checks; that model is coherent for an admin tool. There is no evidence it modifies other skills' configs automatically.
Guidance
This is an administrative dashboard that intentionally reads OpenClaw runtime files and can perform high-privilege actions only when you opt in. Before installing or enabling features:
1) Review api-server.js yourself (it runs as a local Node HTTP server).
2) Never set ENABLE_KEYS_ENV_AUTOLOAD unless you trust the host; it will import keys.env into process.env.
3) Only provide OPENAI_ADMIN_KEY / ANTHROPIC_ADMIN_KEY / NOTION_API_KEY if you need provider audit features, and prefer read-only / scoped keys.
4) Keep the server bound to localhost and set OPENCLAW_AUTH_TOKEN before exposing it externally; verify DASHBOARD_CORS_ORIGINS.
5) Avoid enabling absolute-path attachment copy, mutating ops, or systemctl restart on multi-user or internet-exposed machines.
If you want higher assurance, run the dashboard in an isolated VM or container and audit any outgoing network calls when enabling provider-audit features.
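A pre-flight check that encodes the guidance above as code, added here as an example; it is not part of the dashboard package. The env var names come from the package's documented options, except DASHBOARD_BIND_HOST, an assumed name for the listen address (the page does not name that setting), and DASHBOARD_CORS_ORIGINS is assumed to be a comma-separated list of origins.

```javascript
// Pre-flight review of the dashboard's environment flags (added example, not package code).
// DASHBOARD_BIND_HOST is an assumed name for the listen-address setting; the comma-separated
// format of DASHBOARD_CORS_ORIGINS is also an assumption.
const LOOPBACK = new Set(['127.0.0.1', 'localhost', '::1']);
const ADMIN_KEYS = ['OPENAI_ADMIN_KEY', 'ANTHROPIC_ADMIN_KEY', 'NOTION_API_KEY'];

function isLoopbackOrigin(origin) {
  try {
    return LOOPBACK.has(new URL(origin).hostname);
  } catch {
    return false; // malformed origin: treat as not loopback
  }
}

// Returns a list of {level, message} findings; an empty list means the env follows the guidance.
// opts.providerAuditNeeded: the operator explicitly wants provider-audit features (step 3).
function auditDashboardEnv(env, opts = {}) {
  const findings = [];
  const host = env.DASHBOARD_BIND_HOST || '127.0.0.1';
  const exposed = !LOOPBACK.has(host);
  if (env.ENABLE_KEYS_ENV_AUTOLOAD) { // step 2
    findings.push({ level: 'high', message: 'ENABLE_KEYS_ENV_AUTOLOAD imports keys.env into process.env; unset unless the host is trusted' });
  }
  const adminKeys = ADMIN_KEYS.filter(k => env[k]); // step 3
  if (adminKeys.length && !opts.providerAuditNeeded) {
    findings.push({ level: 'medium', message: `provider admin keys set without a provider-audit need: ${adminKeys.join(', ')}` });
  }
  if (exposed && !env.OPENCLAW_AUTH_TOKEN) { // step 4
    findings.push({ level: 'high', message: `bound to ${host} without OPENCLAW_AUTH_TOKEN` });
  }
  const origins = (env.DASHBOARD_CORS_ORIGINS || '').split(',').map(s => s.trim()).filter(Boolean);
  if (origins.includes('*')) findings.push({ level: 'high', message: 'DASHBOARD_CORS_ORIGINS allows any origin' });
  for (const o of origins.filter(o => o !== '*' && !isLoopbackOrigin(o))) {
    findings.push({ level: 'medium', message: `non-localhost CORS origin: ${o}` });
  }
  return findings;
}

// Constructed sample: a risky configuration that violates steps 2, 3 and 4.
const sampleEnv = {
  ENABLE_KEYS_ENV_AUTOLOAD: '1', OPENAI_ADMIN_KEY: 'placeholder-not-a-real-key',
  DASHBOARD_BIND_HOST: '0.0.0.0', DASHBOARD_CORS_ORIGINS: 'http://localhost:5173, *',
};
for (const f of auditDashboardEnv(sampleEnv)) console.log(`[${f.level}] ${f.message}`);
```

Run it before starting the server, or wire `auditDashboardEnv(process.env)` into your own launch script and refuse to start on any `high` finding.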
Latest Release
v1.7.3
Added simplified installation instructions to SKILL.md and README.md.
Published by @JonathanJing on ClawHub