botlearn-healthcheck
Audited by Socket on Mar 7, 2026
1 alert found:
Anomaly: This protocol is a comprehensive local-diagnostic data collection plan for OpenClaw that legitimately gathers status, config, logs, tasks, and workspace artifacts into DATA.* context keys. The content itself does not contain obfuscated or directly malicious code. However, executing package-provided shell scripts and running `openclaw doctor --deep` constitute a meaningful supply-chain risk: if any of those scripts or local files were tampered with, they could execute arbitrary commands, read secrets, or exfiltrate data captured into the DATA.* store. The protocol takes some precautions (not reading identity file contents, redacting common secret patterns) but lacks stronger safeguards (signing, sandboxing, least-privilege execution, and robust redaction). Recommend treating the environment as potentially untrusted, verifying the integrity of scripts/configs before running them, and restricting collection of sensitive environment variables and files.