healthcheck
Host security hardening and risk-tolerance configuration for OpenClaw deployments. Use when a user asks for security audits, firewall/SSH/update hardening, risk posture, exposure review, OpenClaw cron scheduling for periodic checks, or version status checks on a machine running OpenClaw (laptop, workstation, Pi, VPS).
91
88%
Does it follow best practices?
Impact
95%
2.11xAverage score across 3 eval scenarios
Advisory
Suggest reviewing before use
Quality
Discovery
100%Based on the skill's description, can an agent find and select it at the right time? Clear, specific descriptions lead to better discovery.
This is a strong skill description that clearly defines its scope (OpenClaw host security hardening), lists concrete actions, and provides explicit trigger guidance with a well-constructed 'Use when...' clause. The inclusion of specific device types and security domains makes it both discoverable and distinctive. Minor improvement could include mentioning output formats or specific deliverables, but overall this is well-crafted.
| Dimension | Reasoning | Score |
|---|---|---|
Specificity | Lists multiple specific concrete actions: security audits, firewall/SSH/update hardening, risk posture configuration, exposure review, cron scheduling for periodic checks, and version status checks. These are clearly defined capabilities. | 3 / 3 |
Completeness | Clearly answers both 'what' (host security hardening and risk-tolerance configuration for OpenClaw deployments) and 'when' with an explicit 'Use when...' clause listing specific trigger scenarios. | 3 / 3 |
Trigger Term Quality | Excellent coverage of natural trigger terms users would say: 'security audits', 'firewall', 'SSH', 'hardening', 'risk posture', 'exposure review', 'cron scheduling', 'version status', 'OpenClaw', plus device types like 'laptop', 'workstation', 'Pi', 'VPS'. | 3 / 3 |
Distinctiveness Conflict Risk | Highly distinctive due to the specific product name 'OpenClaw' and the combination of host security hardening with that particular deployment context. Unlikely to conflict with generic security or generic deployment skills. | 3 / 3 |
Total | 12 / 12 Passed |
Implementation
77%Reviews the quality of instructions and guidance provided to agents. Good implementation is clear, handles edge cases, and produces reliable results.
This is a strong, well-structured skill with excellent workflow clarity and actionability—it provides specific commands, clear sequencing, validation checkpoints, and safety guardrails throughout. Its main weaknesses are moderate verbosity (some sections over-explain or repeat conventions Claude already knows) and a monolithic structure that would benefit from splitting detailed subsections into referenced files. The model self-check recommendation with specific version numbers (Opus 4.5, GPT 5.2+) is time-sensitive and could become stale.
Suggestions
Remove or significantly trim the non-technical prompt examples in step 1—Claude can generate user-friendly questions without being given exact phrasings.
Extract the periodic checks/cron scheduling section and the memory writes section into separate referenced files to improve progressive disclosure and reduce the main file's length.
Move the specific model version recommendations (Opus 4.5, GPT 5.2+) into a note or separate config that can be updated, since these will become outdated quickly.
| Dimension | Reasoning | Score |
|---|---|---|
Conciseness | The skill is fairly detailed and well-structured, but includes some unnecessary verbosity—e.g., listing non-technical prompt examples Claude could generate itself, explaining what disk encryption and automatic updates are, and repeating the 'numbered choices' formatting rule multiple times. Some sections could be tightened significantly. | 2 / 3 |
Actionability | The skill provides specific, executable commands throughout (e.g., `openclaw security audit --deep`, `ss -ltnup`, `sw_vers`, `tmutil status`, `openclaw cron add --name healthcheck:security-audit`). It includes exact CLI flags, OS-specific command variants, and concrete cron job naming conventions. Guidance is copy-paste ready. | 3 / 3 |
Workflow Clarity | The workflow is clearly sequenced (steps 0–8) with explicit validation checkpoints (step 8 re-checks firewall, ports, access, and re-runs audit). It includes feedback loops (stop on unexpected output), rollback planning, access-preservation strategy, and a required confirmations section that acts as a safety checklist for destructive operations. | 3 / 3 |
Progressive Disclosure | The content is well-organized with clear section headers and a logical flow, but it is monolithic—everything is in a single file with no references to supporting documents. Given the length (~200+ lines) and breadth of topics (OS hardening, OpenClaw audits, cron scheduling, memory writes, logging), some content (e.g., the periodic checks/cron section, memory writes, logging) could be split into separate reference files. The one reference to `docs/reference/templates/AGENTS.md` is appropriate but no bundle files exist to support it. | 2 / 3 |
Total | 10 / 12 Passed |
Validation
100%Checks the skill against the spec for correct structure and formatting. All validation checks must pass before discovery and implementation can be scored.
Validation — 11 / 11 Passed
Validation for skill structure
No warnings or errors.
- Repository
- deepgram/dglabs-deepclaw
- Commit
ec8d4f8
- Reviewed
Table of Contents
Is this your skill?
If you maintain this skill, you can claim it as your own. Once claimed, you can manage eval scenarios, bundle related skills, attach documentation or rules, and ensure cross-agent compatibility.