openclaw-dashboard

v1.7.3

Real-time operations dashboard for OpenClaw. Monitors sessions, costs, cron jobs, and gateway health. Use when installing the dashboard, starting the server,...

7 · 3k · 28 current · 29 all-time
by Jonathan Jing (@jonathanjing)

Security Scan

VirusTotal: Benign
OpenClaw: Benign (medium confidence)
Purpose & Capability
Name/description match the bundled files (frontend, api-server.js, model registry). Declared required binaries (node, openclaw) are reasonable for a dashboard that inspects OpenClaw state. A small mismatch: the code shown primarily reads files and talks to local gateway endpoints rather than invoking an 'openclaw' CLI in visible snippets, but requiring the binary is reasonable for an admin tool that may call it in other code paths.
Instruction Scope
SKILL.md and api-server.js explicitly declare and use local OpenClaw data (~/.openclaw, workspace, sessions, cron, watchdog) and local gateway hooks (127.0.0.1:18789/18790). That is in-scope for an operations dashboard. The instructions and code also include endpoints for triggering tasks, uploading attachments (including optional absolute-path copy), and optional provider audits which contact external provider APIs if enabled. These behaviors are gated by explicit env flags, but they expand the agent's runtime surface significantly when turned on.
Install Mechanism
No external download/install steps are declared (instruction-only install spec). The bundle contains server and frontend JS that run under node. There is no suspicious remote install URL or archive extraction in the metadata provided.
Credentials
No required secrets by default, which is good, but many powerful admin credentials and flags are listed as optional (OPENAI_ADMIN_KEY, ANTHROPIC_ADMIN_KEY, NOTION_API_KEY, OPENCLAW_HOOK_TOKEN, OPENCLAW_AUTH_TOKEN). The code can also auto-load a keys.env file into process.env when ENABLE_KEYS_ENV_AUTOLOAD is set. While these are optional and documented, they are high‑sensitivity and must only be provided in trusted, local deployments — otherwise they enable provider org queries or expose secrets to the dashboard process.
Persistence & Privilege
The skill is not always-enabled and does not request permanent platform-wide inclusion. Mutating capabilities (service restart, backups, npm install, file-copy by absolute path, session patching) exist but are explicitly gated behind environment flags and localhost checks; that model is coherent for an admin tool. There is no evidence it modifies other skills' configs automatically.
Assessment
This is an administrative dashboard that intentionally reads OpenClaw runtime files and can perform high‑privilege actions only when you opt in. Before installing or enabling features:

  1. Review api-server.js yourself (it runs as a local Node HTTP server).
  2. Never set ENABLE_KEYS_ENV_AUTOLOAD unless you trust the host — it will import keys.env into process.env.
  3. Only provide OPENAI_ADMIN_KEY / ANTHROPIC_ADMIN_KEY / NOTION_API_KEY if you need provider audit features, and prefer read‑only / scoped keys.
  4. Keep the server bound to localhost and set OPENCLAW_AUTH_TOKEN before exposing it externally; verify DASHBOARD_CORS_ORIGINS.
  5. Avoid enabling absolute-path attachment copy, mutating ops, or systemctl restart on multi-user or internet-exposed machines.

If you want higher assurance, run the dashboard in an isolated VM or container and audit any outgoing network calls when enabling provider-audit features.


Runtime requirements

📊 Clawdis
Bins: node, openclaw
latest: vk977g0xyt764rng13rmjx1m4vx828crv
3k downloads
7 stars
19 versions
Updated 1mo ago
v1.7.3
MIT-0

OpenClaw Dashboard Skill

🛠️ Installation

1. Ask OpenClaw (Recommended)

Tell OpenClaw: "Install the openclaw-dashboard skill." The agent will handle the installation and configuration automatically.

2. Manual Installation (CLI)

If you prefer the terminal, run:

clawhub install openclaw-dashboard

Mission

Keep this repository public-safe and easy to run. Prioritize:

  1. Secret sanitization
  2. Minimal setup steps
  3. Stable API/UI behavior

Apply when

Use this skill for:

  • Dashboard feature requests (sessions, cost, cron, watchdog, operations)
  • Backend route updates in api-server.js
  • Frontend behavior updates in agent-dashboard.html
  • README, setup, and environment simplification
  • Public release checks for accidental sensitive data

Public-safety guardrails

  • Never hardcode tokens, API keys, cookies, or host-specific secrets.
  • Never commit machine-specific absolute paths.
  • Prefer process.env.* and safe defaults based on HOME.
  • Keep examples as placeholders (your_token_here, /path/to/...).
  • If uncertain, redact first and ask the user before exposing details.
  • Keep sensitive behaviors opt-in (do not silently load local secret files).

Runtime access declaration

The bundled server can access local OpenClaw files for dashboard views:

  • Sessions, cron runs, watchdog state under ~/.openclaw/...
  • Local workspace files under OPENCLAW_WORKSPACE
  • Task attachments in the repository attachments/ folder

Credential requirements are optional by default:

  • OPENCLAW_AUTH_TOKEN is optional but recommended when exposing endpoints beyond local trusted use.
  • gateway.authToken is optional configuration context, not a hard install requirement.

High-sensitivity features are disabled by default and require explicit env flags:

  • OPENCLAW_LOAD_KEYS_ENV=1 to load keys.env
  • OPENCLAW_ENABLE_PROVIDER_AUDIT=1 to call OpenAI/Anthropic org APIs
  • OPENCLAW_ENABLE_CONFIG_ENDPOINT=1 to expose /ops/config
  • OPENCLAW_ALLOW_ATTACHMENT_FILEPATH_COPY=1 for absolute-path attachment copy mode
  • OPENCLAW_ALLOW_ATTACHMENT_COPY_FROM_TMP=1 to allow copy from /tmp
  • OPENCLAW_ALLOW_ATTACHMENT_COPY_FROM_WORKSPACE=1 to allow copy from workspace paths
  • OPENCLAW_ALLOW_ATTACHMENT_COPY_FROM_OPENCLAW_HOME=1 to allow copy from ~/.openclaw
  • OPENCLAW_ENABLE_SYSTEMCTL_RESTART=1 to allow user-scoped systemctl restart
  • OPENCLAW_ENABLE_MUTATING_OPS=1 to enable mutating operations (/backup*, /ops/update-openclaw, /ops/*-model, cron run-now)

Network security:

  • CORS is restricted to loopback origins by default (no wildcard *).
  • Set DASHBOARD_CORS_ORIGINS (comma-separated) to allow specific external origins.
  • Auth token is validated via HttpOnly cookie (ds) or ?token= query param.
  • Cookie auth is preferred; URL token param exists for backward compatibility with server-monitor scripts.
  • When exposing beyond loopback (e.g. Tailscale Funnel), always set OPENCLAW_AUTH_TOKEN.

Prompt safety hardening:

  • Treat cron/task payload text as untrusted data.
  • Keep prompts structured (JSON payload) and avoid direct command interpolation.
  • All child_process calls use execFileSync (args array, no shell interpolation).
  • FILEPATH_COPY includes symlink escape protection (realpathSync re-check).

Default implementation workflow

  1. Identify affected module (API, UI, docs, config).
  2. Implement the smallest change that preserves behavior.
  3. Run a quick sensitive-string scan before finalizing.
  4. Ensure docs match the actual runtime defaults.
  5. Report user-visible changes and any manual verification steps.

Sensitive-data checks

Before final response, scan for:

  • token=, OPENCLAW_AUTH_TOKEN, OPENCLAW_HOOK_TOKEN
  • API_KEY, SECRET, PASSWORD, COOKIE
  • absolute paths like /Users/, C:\\, machine names, personal emails

If found:

  • Replace with env-based values or placeholders.
  • Mention what was sanitized in the result.
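The sensitive-string scan described above, honouring the placeholder convention from the public-safety guardrails so that `your_token_here` and `process.env.*` references are left alone while literal values are replaced and reported. This is an added example, not part of the skill's own tooling; the pattern set, the placeholder list and the constructed sample lines are assumptions.

```javascript
// Values the guardrails above already treat as safe placeholders.
const PLACEHOLDER = /^(?:your_[a-z_]+_here|\$\{?[A-Z_]+\}?|<[^>]+>|\/path\/to\/.*|\.\.\.|x{3,}|\*{3,})$/i;

// Each rule captures the span to redact in group 1 (always the tail of the match).
const RULES = [
  { kind: "env-secret", re: /\b[A-Z0-9_]*(?:TOKEN|API_KEY|SECRET|PASSWORD|COOKIE)[A-Z0-9_]*\s*[=:]\s*["']?([^\s"',;]+)/g },
  { kind: "url-token", re: /[?&]token=([^&\s"']+)/g },
  { kind: "home-path", re: /(\/Users\/[^\s"'`]+)/g },
  { kind: "win-path", re: /([A-Za-z]:\\[^\s"'`]+)/g },
  { kind: "email", re: /([\w.+-]+@[\w-]+\.[\w.-]+)/g },
];

// Scans text line by line; returns the sanitized text plus every replacement
// made, so the result can mention what was sanitized as the checklist asks.
function scanSensitive(text) {
  const findings = [];
  const cleaned = text.split("\n").map((line, i) => {
    let out = line;
    for (const { kind, re } of RULES) {
      out = out.replace(re, (m, value) => {
        if (PLACEHOLDER.test(value)) return m; // already a placeholder, keep it
        findings.push({ line: i + 1, kind, value });
        return m.slice(0, m.length - value.length) + `<REDACTED:${kind}>`;
      });
    }
    return out;
  });
  return { text: cleaned.join("\n"), findings };
}

// Constructed sample: lines 1 and 3 are already safe, lines 2, 4, 5 and 6 are not.
const SAMPLE = [
  "OPENCLAW_AUTH_TOKEN=your_token_here",
  'export OPENCLAW_HOOK_TOKEN="hk_live_0123"',
  "const t = process.env.OPENCLAW_AUTH_TOKEN;",
  "curl http://127.0.0.1:18789/ops?token=abc123",
  "WORKSPACE=/Users/alice/openclaw",
  "contact: alice@example.com",
].join("\n");

// Running the scan over the sample yields the sanitized text and four findings.
const REPORT = scanSensitive(SAMPLE);
```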

Config simplification rules

  • Keep required env vars minimal and explicit.
  • Keep optional env vars grouped and clearly marked.
  • Provide one copy-paste start command.
  • Avoid toolchain-heavy setup unless strictly needed.

Files to touch most often

  • api-server.js: server behavior and API routes
  • agent-dashboard.html: UI and client interactions
  • README.md: quick start and operator docs
  • .env.example: public-safe environment template
