From 607571d0c9fb80885d2199e79e064b5eb5c8298d Mon Sep 17 00:00:00 2001 From: zap Date: Mon, 9 Mar 2026 00:16:08 +0000 Subject: [PATCH] chore(boot): record startup health check status --- memory/boot-last-run.json | 5 ++++- memory/startup-health.json | 34 ++++++++++++++++++---------------- memory/startup-health.md | 2 ++ 3 files changed, 24 insertions(+), 17 deletions(-) diff --git a/memory/boot-last-run.json b/memory/boot-last-run.json index 60e407b..a35a5d1 100644 --- a/memory/boot-last-run.json +++ b/memory/boot-last-run.json @@ -1 +1,4 @@ -{"last_run_utc": "2026-03-05T04:28:00Z", "status": "warn"} +{ + "last_run_utc": "2026-03-09T00:16:00Z", + "status": "warn" +} diff --git a/memory/startup-health.json b/memory/startup-health.json index acfcd98..8b6831c 100644 --- a/memory/startup-health.json +++ b/memory/startup-health.json @@ -1,22 +1,24 @@ { - "last_run_utc": "2026-03-05T21:41:00Z", - "status": "ok", + "last_run_utc": "2026-03-09T00:16:00Z", + "status": "warn", "checks_passed": [ - "core-workspace-files: AGENTS.md, SOUL.md, USER.md, TOOLS.md, HEARTBEAT.md", - "skill-folders: all 7 required skills present", - "tasks-state: memory/tasks.json exists", - "hooks: 5/5 ready (boot-md, bootstrap-extra-files, command-logger, model-skill-injector, session-memory)", - "permissions: ~/.openclaw is 700; all credentials are 600", - "network-exposure: gateway local-only (127.0.0.1 / ::1 only)", - "backup-freshness: last backup ~4.1h ago (within 8h threshold)", - "update-status: no update available (current: 2026.3.2)", - "security-audit-freshness: deep audit run just now (age ~0h)", - "security-audit-status: 0 critical, 0 warn, 1 info after quarantining stale acpx.bak extension" + "core workspace files present (AGENTS.md, SOUL.md, USER.md, TOOLS.md, HEARTBEAT.md)", + "required local skill folders present", + "task state file exists (memory/tasks.json)", + "required hooks ready: session-memory, command-logger, bootstrap-extra-files, boot-md, model-skill-injector", + "~/.openclaw permissions are 700", + "credential file permissions under ~/.openclaw/credentials are 600", + "gateway listener is local-only (127.0.0.1/[::1] for OpenClaw ports)", + "backup signal fresh (<8h)", + "openclaw update status retrieved" ], "checks_failed": [], - "warnings": [], + "warnings": [ + "security audit --deep freshness stale (~74.56h; target <=24h)", + "documented core service ports 18801/18802/18803 not reachable on localhost (may be hosted on LAN IPs)" + ], "gateway_exposure": "local-only", - "last_backup_age_hours": 4.1, - "last_security_audit_age_hours": 0.0, - "update_status": "up-to-date (2026.3.2 stable)" + "last_backup_age_hours": 5.95, + "last_security_audit_age_hours": 74.56, + "update_status": "update available (stable pnpm latest: 2026.3.7)" } diff --git a/memory/startup-health.md b/memory/startup-health.md index 5af20f4..dba6742 100644 --- a/memory/startup-health.md +++ b/memory/startup-health.md @@ -7,3 +7,5 @@ [2026-03-05T21:36:00Z] CRITICAL security-audit-findings: latest deep audit = 1 critical, 2 warn, 1 info. Key issue: extension plugin `acpx.bak` flagged for dangerous exec pattern. [2026-03-05T21:41:39Z] ACTION quarantine: moved `~/.openclaw/extensions/acpx.bak` -> `~/.openclaw/extensions-quarantine/acpx.bak.20260305T214139Z` (non-destructive). [2026-03-05T21:42:00Z] RESOLVED security-audit-findings: `openclaw security audit --deep` now reports 0 critical, 0 warn, 1 info. +[2026-03-09T00:16:00 UTC] WARN security-audit-freshness: latest deep audit is ~74.56h old; run `openclaw security audit --deep`. +[2026-03-09T00:16:00 UTC] WARN expected-service-posture: ports 18801/18802/18803 unreachable on localhost; verify containers are running or bound on expected LAN IPs.