healthcheck
Host security hardening and risk-tolerance configuration for OpenClaw deployments. Use when a user asks for security audits, firewall/SSH/update hardening, risk posture, exposure review, OpenClaw cron scheduling for periodic checks, or version status checks on a machine running OpenClaw (laptop, workstation, Pi, VPS).
91
88%
Does it follow best practices?
Impact
95%
2.11xAverage score across 3 eval scenarios
Advisory
Suggest reviewing before use
Quality
Discovery
100%Based on the skill's description, can an agent find and select it at the right time? Clear, specific descriptions lead to better discovery.
This is a strong skill description that clearly defines its scope around OpenClaw deployment security hardening. It provides specific concrete actions, comprehensive trigger terms covering both technical concepts and hardware contexts, and an explicit 'Use when...' clause. The product-specific focus (OpenClaw) combined with the security hardening domain makes it highly distinctive.
| Dimension | Reasoning | Score |
|---|---|---|
Specificity | Lists multiple specific concrete actions: security audits, firewall/SSH/update hardening, risk posture configuration, exposure review, cron scheduling for periodic checks, and version status checks. These are clearly defined capabilities. | 3 / 3 |
Completeness | Clearly answers both 'what' (host security hardening and risk-tolerance configuration for OpenClaw deployments) and 'when' with an explicit 'Use when...' clause listing specific trigger scenarios. | 3 / 3 |
Trigger Term Quality | Excellent coverage of natural trigger terms users would say: 'security audits', 'firewall', 'SSH', 'hardening', 'risk posture', 'exposure review', 'cron scheduling', 'version status', 'OpenClaw', plus device types like 'laptop', 'workstation', 'Pi', 'VPS'. | 3 / 3 |
Distinctiveness Conflict Risk | Highly distinctive due to the specific product name 'OpenClaw' and the combination of host security hardening with that particular deployment context. Unlikely to conflict with generic security or generic deployment skills. | 3 / 3 |
Total | 12 / 12 Passed |
Implementation
77%Reviews the quality of instructions and guidance provided to agents. Good implementation is clear, handles edge cases, and produces reliable results.
This is a well-crafted, highly actionable skill with excellent workflow clarity — clear step sequencing, validation checkpoints, rollback planning, and explicit confirmation gates for all destructive operations. Its main weaknesses are moderate verbosity (some sections like non-technical prompt examples and repeated formatting instructions could be trimmed) and the monolithic structure that could benefit from splitting detailed sections (e.g., periodic checks, memory writes, logging) into separate reference files.
Suggestions
Trim the non-technical prompt examples in step 1 — Claude can generate user-friendly questions without being given exact phrasings for each item.
Extract the 'Periodic checks', 'Memory writes', and 'Logging and audit trail' sections into separate reference files to improve progressive disclosure and reduce the main file's length.
| Dimension | Reasoning | Score |
|---|---|---|
Conciseness | The skill is fairly long (~200+ lines) and includes some unnecessary explanation (e.g., non-technical prompt examples that Claude could generate on its own, repeated emphasis on numbered choices). However, most content is task-specific and not explaining concepts Claude already knows. Some tightening is possible but it's not egregiously verbose. | 2 / 3 |
Actionability | The skill provides specific, executable commands throughout (e.g., `openclaw security audit --deep`, `ss -ltnup`, `sw_vers`, `pfctl -s info`, `tmutil status`), concrete CLI flags, exact cron job naming conventions, and clear per-OS command variants. Guidance is copy-paste ready and leaves little ambiguity. | 3 / 3 |
Workflow Clarity | The workflow is clearly sequenced (steps 0–8) with explicit validation checkpoints (step 8 re-checks firewall, ports, access, and re-runs audit), feedback loops (step 7 stops on unexpected output), rollback planning (step 5), and required confirmations before any state-changing action. Destructive operations are gated behind explicit approval with access-preservation checks. | 3 / 3 |
Progressive Disclosure | The content is well-structured with clear headers and logical sections, but it is monolithic — all content is inline in a single file with no references to supporting documents. Given the length and complexity (periodic checks, memory writes, logging, cron scheduling), some sections could be split into separate reference files. The one reference to `docs/reference/templates/AGENTS.md` is appropriate but the skill would benefit from more decomposition. | 2 / 3 |
Total | 10 / 12 Passed |
Validation
100%Checks the skill against the spec for correct structure and formatting. All validation checks must pass before discovery and implementation can be scored.
Validation — 11 / 11 Passed
Validation for skill structure
No warnings or errors.
- Repository
- deepgram/dglabs-deepclaw
- Commit
ec8d4f8
- Reviewed
Table of Contents
Is this your skill?
If you maintain this skill, you can claim it as your own. Once claimed, you can manage eval scenarios, bundle related skills, attach documentation or rules, and ensure cross-agent compatibility.