Real-time web dashboard for OpenClaw sessions and background tasks. Mobile-responsive with auto-refresh.
Security Analysis
medium confidenceThe skill's code and runtime instructions match its stated purpose (a local web dashboard that reads OpenClaw session state), but it reads local transcripts and serves data on the LAN so review privacy/network exposure before installing.
Name/description, server.js and helper scripts consistently implement a local dashboard that calls the OpenClaw CLI ('openclaw sessions list --json' and 'openclaw cron list --json') and reads session transcripts to produce summaries. Required binaries/env/credentials are minimal or none, which aligns with a local monitoring tool.
SKILL.md instructs running npm install and starting the included server which listens on 0.0.0.0:3030 and serves session and transcript-derived content. The code reads transcript files (~/.openclaw/agents/main/sessions/*.jsonl) and returns the first user message (truncated) as task descriptions — this is consistent with monitoring but means user message contents can be exposed via the dashboard (including to LAN).
No install spec is provided; dependency installation is the normal 'npm install' using package.json which only lists express. No remote downloads or extracts; low installation risk.
The skill requests no environment variables or credentials, which is appropriate. It does read files under $HOME and ~/.openclaw (transcripts, PID/log files) and writes logs, PID, and DASHBOARD.md — these file accesses are expected for a local monitor but are sensitive (may contain user message content).
always:false and no modifications to other skills or system-wide configs. The skill creates its own log and PID files and writes DASHBOARD.md; this is normal for a service and within its scope.
Guidance
This skill is internally consistent with its stated purpose, but it reads local OpenClaw transcripts and serves session content over the network. Before installing: 1) Review the getTaskDescription logic and decide whether exposing the first user message (even truncated) is acceptable. 2) If you don't want LAN access, change the bind address in server.js from 0.0.0.0 to 127.0.0.1 or run behind an authenticated reverse proxy/firewall. 3) Be aware the service writes logs, PID files and DASHBOARD.md into your HOME/workspace — check those locations for sensitive content and adjust paths or permissions as needed. 4) Note minor inconsistencies: generate-dashboard.js writes to $HOME/clawd/DASHBOARD.md while update-dashboard.js expects different paths/inputs; test the scripts you plan to use. 5) Run the server in an isolated account/container if you want to limit any accidental data exposure.
Latest Release
v1.0.0
Initial release of Task Monitor: a mobile-responsive, real-time dashboard for monitoring OpenClaw sessions and background tasks. - Web dashboard with modern, gradient dark theme and responsive design - Real-time updates with client-side auto-refresh every 60 seconds - Exposes a fast JSON API endpoint for current status and stats - Intelligent in-memory caching system (30s TTL) for low-latency responses - Supports session, Discord, sub-agent, and cron job monitoring - Legacy Markdown dashboard generator and CRON job automation included
More by @jorgermp
Published by @jorgermp on ClawHub
