@stellarhold170nt

healthcheck

Track water and sleep with JSON file storage

Current version
v1.0.2
11 3.1万All installs 0

SKILL.md

text/markdown · 2734 bytes

skill-card.md

text/markdown · 1877 bytes

Security Scan

Status

clean

Open VirusTotal

OpenClaw

gpt-5.5

clean

OpenClaw analysis

This is a small local water and sleep tracker that writes to one JSON file, with some usability and validation cautions but no evidence of hidden or malicious behavior.

Confidence: high

VirusTotal

Type: OpenClaw Skill Name: healthcheck Version: 1.0.2 The skill is classified as suspicious due to the potential for prompt/command injection. The `SKILL.md` file instructs the AI agent to execute `node -e` commands that directly embed user input variables (`CUPS`, `NEW_CUPS`) into the JavaScript string. If the OpenClaw platform does not strictly sanitize these variables to numerical values, an attacker could inject arbitrary JavaScript code, leading to unauthorized execution. While there is no explicit malicious intent (like data exfiltration or persistence) within the provided code, this mechanism presents a significant security risk.

Metadata

  • Owner: @stellarhold170nt
  • Created: 2026/02/01
  • Updated: 2026/05/17
  • Versions: 3
  • Comments: 0
  • Scan checked at: 2026/07/10

Runtime

No runtime requirements are exposed in the official public payload.

healthcheck | ClawHub CN