healthcheck
Host security hardening and risk-tolerance configuration for OpenClaw deployments. Use when a user asks for security audits, firewall/SSH/update hardening, risk posture, exposure review, OpenClaw cron scheduling for periodic checks, or version status checks on a machine running OpenClaw (laptop, workstation, Pi, VPS).
91
88%
Does it follow best practices?
Impact
95%
2.11xAverage score across 3 eval scenarios
Advisory
Suggest reviewing before use
Quality
Discovery
100%Based on the skill's description, can an agent find and select it at the right time? Clear, specific descriptions lead to better discovery.
This is a strong skill description that clearly communicates specific capabilities, provides explicit trigger guidance with a 'Use when...' clause, and includes a rich set of natural keywords users would employ. The description is concise yet comprehensive, covering both the domain (OpenClaw security hardening) and the specific actions available, while maintaining a distinct identity through its product-specific focus.
| Dimension | Reasoning | Score |
|---|---|---|
Specificity | Lists multiple specific concrete actions: security audits, firewall/SSH/update hardening, risk posture configuration, exposure review, cron scheduling for periodic checks, and version status checks. These are clearly defined capabilities. | 3 / 3 |
Completeness | Clearly answers both 'what' (host security hardening and risk-tolerance configuration for OpenClaw deployments) and 'when' with an explicit 'Use when...' clause listing specific trigger scenarios. | 3 / 3 |
Trigger Term Quality | Excellent coverage of natural trigger terms users would say: 'security audits', 'firewall', 'SSH', 'hardening', 'risk posture', 'exposure review', 'cron scheduling', 'version status', 'OpenClaw', plus device types like 'laptop', 'workstation', 'Pi', 'VPS'. | 3 / 3 |
Distinctiveness Conflict Risk | Highly distinctive due to the specific 'OpenClaw' product context combined with host-level security hardening. The combination of OpenClaw-specific features (cron scheduling, version checks) with security hardening creates a clear niche unlikely to conflict with generic security or deployment skills. | 3 / 3 |
Total | 12 / 12 Passed |
Implementation
77%Reviews the quality of instructions and guidance provided to agents. Good implementation is clear, handles edge cases, and produces reliable results.
This is a well-crafted, highly actionable skill with excellent workflow clarity and strong safety guardrails (explicit confirmations, rollback plans, access preservation). Its main weakness is length—it could be more concise by removing redundant explanations and splitting OS-specific details or memory/logging policies into referenced files. The progressive disclosure could be improved by extracting some of the longer sections into supplementary documents.
Suggestions
Extract OS-specific command lists (Linux vs macOS vs Windows checks) into a referenced file like OS_CHECKS.md to reduce main skill length.
Consolidate repeated rules (e.g., 'do not imply OpenClaw enforces host firewall/SSH' appears in multiple places) into a single reference in Core Rules.
Move the memory writes and logging/audit trail sections into a referenced MEMORY_POLICY.md since they are detailed operational policies rather than core workflow steps.
| Dimension | Reasoning | Score |
|---|---|---|
Conciseness | The skill is fairly long (~200+ lines) and includes some unnecessary elaboration (e.g., listing non-technical prompt examples verbatim, explaining what --fix does/doesn't do multiple times, repeating the numbered-choice formatting rule). However, most content is genuinely instructive and not explaining concepts Claude already knows. Could be tightened by ~30%. | 2 / 3 |
Actionability | Provides exact CLI commands (openclaw security audit --deep, ss -ltnup, tmutil status, etc.), specific flag options, concrete numbered choices for users, and explicit step-by-step remediation guidance. Commands are copy-paste ready and context-appropriate per OS. | 3 / 3 |
Workflow Clarity | The workflow is clearly numbered 0-8 with explicit sequencing, validation checkpoints (step 8 re-checks firewall, ports, access, and re-runs audit), confirmation requirements before state changes, rollback planning, and error handling (stop on unexpected output). Feedback loops are present for destructive operations. | 3 / 3 |
Progressive Disclosure | The content is well-structured with clear headers and logical sections, but it's a monolithic document with no references to external files for detailed content (e.g., the remediation plan template, OS-specific hardening details, or cron scheduling details could be split out). For a skill of this length, some content should be in supplementary files. | 2 / 3 |
Total | 10 / 12 Passed |
Validation
100%Checks the skill against the spec for correct structure and formatting. All validation checks must pass before discovery and implementation can be scored.
Validation — 11 / 11 Passed
Validation for skill structure
No warnings or errors.
- Repository
- trpc-group/trpc-agent-go
- Commit
fcc550d
- Reviewed
Table of Contents
Is this your skill?
If you maintain this skill, you can claim it as your own. Once claimed, you can manage eval scenarios, bundle related skills, attach documentation or rules, and ensure cross-agent compatibility.