Skills: refine healthcheck guidance

Tak Hoffman
2026-02-03 09:21:34 -06:00
parent 1f2f79a7a7
commit fc40ba8e7e

@@ -55,10 +55,11 @@ If you must ask, use non-technical prompts:
- “Is disk encryption turned on (FileVault/BitLocker/LUKS)?”
- “Are automatic security updates enabled?”
- “How do you use this machine?”
1. Personal machine shared with the assistant
2. Dedicated local machine for the assistant
3. Dedicated remote machine/server accessed remotely (always on)
4. Something else?
Examples:
- Personal machine shared with the assistant
- Dedicated local machine for the assistant
- Dedicated remote machine/server accessed remotely (always on)
- Something else?
Only ask for the risk profile after system context is known.
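Review bot: "Something else?" now sits under "Examples:", so it reads as a sample answer instead of an open option for the user. Consider rewording it to something like "Other (please describe)". The options also lose their numbers here, while a later section of the same file still asks for numbered choices ("Also offer a periodic version check ... (numbered)"). If the agent is still meant to present these four as choices the user can pick from, say so explicitly, or keep the numbering so the two sections stay consistent.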
@@ -187,6 +188,14 @@ If the user says yes, ask for:
- cadence (daily/weekly), preferred time window, and output location
- whether to also schedule `openclaw update status`
Use a stable cron job name so updates are deterministic. Prefer exact names:
- `healthcheck:security-audit`
- `healthcheck:update-status`
Before creating, `openclaw cron list` and match on exact `name`. If found, `openclaw cron edit <id> ...`.
If not found, `openclaw cron add --name <name> ...`.
Also offer a periodic version check so the user can decide when to update (numbered):
1. `openclaw update status` (preferred for source checkouts and channels)
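Review bot: The lookup step in the added cron-naming paragraph does not say what to do when `openclaw cron list` returns more than one job with the same exact `name`; as written the agent has to guess which `<id>` to edit. Suggest stating that on multiple matches the agent stops and asks the user which job to keep. The edit path also changes an existing scheduled job without a confirmation step, so it is worth adding "show the current schedule and confirm before `openclaw cron edit`". Minor wording: "Before creating, `openclaw cron list` and match ..." is missing a verb ("run `openclaw cron list`").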
@@ -215,15 +224,20 @@ Record:
Redact secrets. Never log tokens or full credential contents.
## Memory writes (required)
## Memory writes (conditional)
Only write to memory files when the user explicitly opts in and the session is a private/local workspace
(per `docs/reference/templates/AGENTS.md`). Otherwise provide a redacted, paste-ready summary the user can
decide to save elsewhere.
Follow the durable-memory prompt format used by OpenClaw compaction:
- Write lasting notes to `memory/YYYY-MM-DD.md`.
After each audit/hardening run, append a short, dated summary to `memory/YYYY-MM-DD.md`
After each audit/hardening run, if opted-in, append a short, dated summary to `memory/YYYY-MM-DD.md`
(what was checked, key findings, actions taken, any scheduled cron jobs, key decisions,
and all commands executed). Append-only: never overwrite existing entries.
Redact sensitive host details (usernames, hostnames, IPs, serials, service names, tokens).
If there are durable preferences or decisions (risk posture, allowed ports, update policy),
also update `MEMORY.md` (long-term memory is optional and only used in private sessions).
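Review bot: The new opt-in condition is applied to the append sentence ("if opted-in, append ...") but not to the other write instructions in this section. The bullet "Write lasting notes to `memory/YYYY-MM-DD.md`" is still unconditional, and the closing `MEMORY.md` sentence mentions only "private sessions", not the explicit opt-in the new paragraph requires. An agent reading those lines in isolation could still write to disk without consent. Suggest repeating both conditions (explicit opt-in and private/local workspace) on the `MEMORY.md` sentence and rewording the bullet to "When writing is permitted, write lasting notes to ...". Also note that the summary includes "all commands executed", and command lines can carry secrets in their arguments; the redaction sentence should say that it applies to the recorded commands and to the paste-ready summary as well. Style: "opted-in" should be "opted in".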