ClawHub

Nvidia Model Config

v1.0.5

Add the NVIDIA provider to OpenClaw with SecretRef apiKey (no plaintext in openclaw.json). Documents shell vs systemd gateway env so the key actually resolve...

0· 80·0 current·0 all-time
byWei Li@0xli
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description match the included script and models. The script inserts a providers.nvidia block, uses a SecretRef-style env id, and includes the listed model entries and NVIDIA API endpoint — all directly relevant to the stated purpose.
Instruction Scope
Instructions and the script operate only on the target openclaw.json, optional env file (e.g., ~/.config/openclaw/gateway.env), and a user systemd override directory — all in-scope. Caution: using --inline-key or running with --dry-run while using inline-key will print plaintext keys to stdout; the SKILL.md warns about inline-key but does not call out the dry-run printing risk explicitly.
Install Mechanism
No install spec; this is an instruction-only skill with a small local Python script. Nothing is downloaded or written outside user-controlled files and typical user config locations.
Credentials
The skill requests no platform credentials and does not declare required env vars. It optionally writes a local env file and a user systemd override to expose NVIDIA_API_KEY to the OpenClaw gateway — appropriate for the task. Users should avoid --inline-key for long-lived/shared configs and be mindful that dry-run will display inline keys if used.
Persistence & Privilege
always:false and no autonomous invocation settings are unusual. The script may create a user-level systemd override for openclaw-gateway (user scope) and writes a per-user env file; this is expected for configuring a gateway service and does not modify other skills or system-wide configuration.
Assessment
This skill appears coherent and implements exactly what it claims, but review and follow these safety steps before use: - Prefer the secure default (SecretRef) over --inline-key. Only use --inline-key for short-lived local tests and never commit configs with inline keys. - Beware: running --dry-run while using --inline-key will print the config (and the inline key) to stdout. Avoid dry-run when testing inline keys or ensure your terminal/stdout is not being captured. - If you use --setup-env the script will write an env file (mode 600) to the path you supply; confirm the path and permissions. The script sets 0600 which is good practice. - The script will create a user systemd override in ~/.config/systemd/user/... for the openclaw-gateway service. Verify the correct service name and that you want to reload/restart that user service. - Back up your openclaw.json (use --backup or manual copy) before running in non-dry-run mode. - Inspect the script yourself (it is included) and run it locally — it performs only local file edits and writes; it contains no network-exfiltration code. If you run it on a machine with remote logging/monitoring, be mindful of where stdout/stderr may be captured. If you want additional assurance, request a short code review of scripts/merge_nvidia_config.py for your environment or run it in a sandboxed/test workspace first.

Like a lobster shell, security has layers — review code before you run it.

latestvk97f9w1e1664sef0symhbg5f5s84acxs

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments