healthcheck
Host security hardening and risk-tolerance configuration for OpenClaw deployments. Use when a user asks for security audits, firewall/SSH/update hardening, risk posture, exposure review, OpenClaw cron scheduling for periodic checks, or version status checks on a machine running OpenClaw (laptop, workstation, Pi, VPS).
91
88%
Does it follow best practices?
Impact
95%
2.11xAverage score across 3 eval scenarios
Advisory
Suggest reviewing before use
Quality
Discovery
100%Based on the skill's description, can an agent find and select it at the right time? Clear, specific descriptions lead to better discovery.
This is a strong skill description that clearly defines its scope around OpenClaw deployment security hardening. It lists concrete actions, includes a comprehensive 'Use when...' clause with natural trigger terms, and is highly distinctive due to the product-specific context. The description is concise yet thorough, covering both the capabilities and the trigger conditions effectively.
| Dimension | Reasoning | Score |
|---|---|---|
Specificity | Lists multiple specific concrete actions: security audits, firewall/SSH/update hardening, risk posture configuration, exposure review, cron scheduling for periodic checks, and version status checks. These are clearly defined capabilities. | 3 / 3 |
Completeness | Clearly answers both 'what' (host security hardening and risk-tolerance configuration for OpenClaw deployments) and 'when' with an explicit 'Use when...' clause listing specific trigger scenarios. | 3 / 3 |
Trigger Term Quality | Excellent coverage of natural trigger terms users would say: 'security audits', 'firewall', 'SSH', 'hardening', 'risk posture', 'exposure review', 'cron scheduling', 'version status', 'OpenClaw', plus device types like 'laptop', 'workstation', 'Pi', 'VPS'. | 3 / 3 |
Distinctiveness Conflict Risk | Highly distinctive due to the specific product name 'OpenClaw' and the combination of host security hardening with that specific deployment context. Unlikely to conflict with generic security or generic deployment skills. | 3 / 3 |
Total | 12 / 12 Passed |
Implementation
77%Reviews the quality of instructions and guidance provided to agents. Good implementation is clear, handles edge cases, and produces reliable results.
This is a well-crafted, highly actionable skill with excellent workflow clarity and explicit validation/confirmation checkpoints throughout. Its main weakness is length—it could be more concise by removing some redundant explanations and splitting detailed sections (memory writes, cron scheduling, logging) into referenced files. The progressive disclosure could be improved by extracting reference material into separate documents.
Suggestions
Extract the 'Memory writes', 'Logging and audit trail', and 'Periodic checks' sections into separate reference files (e.g., MEMORY_POLICY.md, LOGGING.md) and link to them from the main skill to improve progressive disclosure and reduce length.
Remove the verbatim non-technical prompt examples in step 1—Claude can generate user-friendly questions on its own. Instead, just state 'Use non-technical language when asking users for context' to save ~15 lines.
| Dimension | Reasoning | Score |
|---|---|---|
Conciseness | The skill is fairly long (~200+ lines) and includes some unnecessary elaboration (e.g., listing non-technical prompt examples verbatim, explaining what --fix does/doesn't do multiple times, the model self-check section). However, most content is task-specific and not explaining concepts Claude already knows, so it's not egregiously verbose. | 2 / 3 |
Actionability | The skill provides specific, executable commands throughout (e.g., `openclaw security audit --deep`, `ss -ltnup`, `sw_vers`, `tmutil status`, `openclaw cron add --name healthcheck:security-audit`). It includes exact CLI flags, OS-specific command variants, and concrete numbered options for user interaction. The guidance is copy-paste ready. | 3 / 3 |
Workflow Clarity | The workflow is clearly sequenced (steps 0-8) with explicit validation checkpoints (step 8 re-checks firewall, ports, access, and re-runs audit). It includes feedback loops (stop on unexpected output), rollback planning, access-preservation strategy, and required confirmations for all destructive/state-changing operations. The cron scheduling section includes idempotency checks (list before add/edit). | 3 / 3 |
Progressive Disclosure | The content is well-structured with clear headers and numbered steps, but it's a monolithic document with no references to external files for detailed content. The risk profiles, periodic checks, memory writes, and logging sections could be split into separate reference files. For a skill of this length and complexity, inline everything makes it harder to navigate. | 2 / 3 |
Total | 10 / 12 Passed |
Validation
100%Checks the skill against the spec for correct structure and formatting. All validation checks must pass before discovery and implementation can be scored.
Validation — 11 / 11 Passed
Validation for skill structure
No warnings or errors.
- Repository
- trpc-group/trpc-agent-go
- Commit
0c1ec2b
- Reviewed
Table of Contents
Is this your skill?
If you maintain this skill, you can claim it as your own. Once claimed, you can manage eval scenarios, bundle related skills, attach documentation or rules, and ensure cross-agent compatibility.