ClawHub
Code Pluginsource linkedVerified

Diagnostics Prometheusv2026.5.28

OpenClaw diagnostics Prometheus exporter for runtime metrics.

@openclaw/diagnostics-prometheus·runtime diagnostics-prometheus·by @openclaw
openclaw plugins install clawhub:@openclaw/diagnostics-prometheus
Latest release: v2026.5.28Download zip

Capabilities

Tags
executes-codeartifact:npm-packnpm-mirror:available
configSchema
Yes
Executes code
Yes
HTTP routes
0
Runtime ID
diagnostics-prometheus

Compatibility

Built With Open Claw Version
2026.5.28
Min Gateway Version
>=2026.4.25
Plugin Api Range
>=2026.5.28
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
The stated purpose is a Prometheus diagnostics exporter, and the code subscribes to internal diagnostic events, aggregates counters/gauges/histograms, and serves them in Prometheus text format.
Instruction Scope
Runtime behavior matches the README and plugin manifest: startup activation, a registered service, and an exact HTTP route for diagnostics metrics. No prompt-injection text or agent behavior override was found.
Install Mechanism
The artifact is an npm package from the trusted @openclaw publisher, source-linked to openclaw/openclaw, with no install scripts and no bundled third-party dependencies in the shrinkwrap.
Credentials
The plugin has access to internal runtime diagnostics and exposes operational metrics, which is expected for this purpose and bounded by gateway authentication and a trusted-operator route surface.
Persistence & Privilege
It runs on startup but only keeps an in-memory metric store, unsubscribes and resets on stop, and shows no file persistence, credential access, shell execution, or outbound network behavior.
Scan Findings in Context
[VirusTotal telemetry] expected: All 62 engines were undetected/clean, which is consistent with the artifact-backed review.
[SkillSpector advisory scan] expected: SkillSpector reported no issues; artifact inspection also found no unsupported high-impact behavior beyond expected diagnostics export.
Assessment
Install only if you want gateway operators to scrape OpenClaw runtime metrics. Treat the Prometheus endpoint as operationally sensitive because it can reveal usage, model, tool, queue, cost, and health metadata, even though the route is gateway-authenticated and labels are redacted/limited.

Verification

Tier
source linked
Scope
artifact only
Summary
Validated package structure and linked the release to source metadata.
Source
github.com/openclaw/openclaw
Commit
e93216080aa1
Tag
refs/heads/release/2026.5.28
Provenance
No
Scan status
clean

Tags

alpha
2026.5.19-alpha.1
beta
2026.6.1-beta.1
latest
2026.5.28

@openclaw/diagnostics-prometheus

Official Prometheus diagnostics exporter for OpenClaw.

This plugin exposes OpenClaw Gateway runtime metrics in Prometheus text format for Prometheus, Grafana, VictoriaMetrics, and compatible scrapers.

Install

openclaw plugins install @openclaw/diagnostics-prometheus

Restart the Gateway after installing or updating the plugin.

Configure

Enable the plugin and set the scrape endpoint options in plugins.entries.diagnostics-prometheus.config.

The full config surface, metric names, and scrape examples live in the docs:

Package

  • Plugin id: diagnostics-prometheus
  • Package: @openclaw/diagnostics-prometheus
  • Minimum OpenClaw host: 2026.4.25