PsyClaw OpenClaw Health

What to consider before installing: - Trust the endpoint: the script registers to and downloads docs from https://www.psyclaw.cn by default. Only run this if you trust that PsyClaw platform and its domain. - Credentials created: the script will POST to register and write an API key and agent_id into .agents/skill-docs/openclaw-health/credentials.json; that API key allows the skill to call the platform APIs. Treat that file like a secret and inspect it before sharing. - Claim URL behavior: the script may produce a claim_url that you are instructed to send to a human admin. Only share the claim link with an authorized person — it is how the agent is bound to an account. - Sandbox and review: if unsure, inspect install.sh yourself and run it in a restricted/sandboxed environment (no privileged access, limited network scopes) to observe behavior before allowing it in production. - Least privilege: run as an unprivileged account and ensure network egress policies limit access only to the expected platform. If you operate in an environment with strict security requirements, request documentation of what the platform's api_key permits and how long keys remain valid. - Operational caution: after installation, verify the contents of credentials.json, the claim files, and the status snapshot. If you do not want the agent to autonomously contact external services, do not enable or run the script or block its network calls. If you want, I can list the exact network endpoints and local files the script touches, or produce a minimal checklist for safely testing this skill in an isolated environment.