Oc Call

v1.0.1

通过 OpenClaw Gateway HTTP API 调用远程 OpenClaw 实例，支持多轮会话保持。当用户说"用 oc 回答"、"用 openclaw 回答"、"oc 回答"、或发送 /oc 命令时触发。用于调用内网另一台机器（192.168.123.106）上的 OpenClaw 进行问答，保持会...

⭐ 0· 70·0 current·0 all-time

by@anlinxi

OpenClaw Prompt Flow

Install with OpenClaw

Best for remote or guided setup. Copy the exact prompt, then paste it into OpenClaw for anlinxi/oc-call.

Previewing Install & Setup.

Prompt PreviewInstall & Setup

Install the skill "Oc Call" (anlinxi/oc-call) from ClawHub.
Skill page: https://clawhub.ai/anlinxi/oc-call
Keep the work scoped to this skill only.
After install, inspect the skill metadata and help me finish setup.
Use only the metadata you can verify from ClawHub; do not invent missing requirements.
Ask before making any broader environment changes.

Command Line

CLI Commands

Use the direct CLI path if you want to install manually and keep every step visible.

OpenClaw CLI

Bare skill slug

openclaw skills install oc-call

ClawHub CLI

Package manager switcher

npx clawhub@latest install oc-call

Security Scan

VirusTotal

Pending

View report →

OpenClaw

Suspicious

medium confidence

Purpose & Capability

Name/description match the code: the script calls an OpenClaw Gateway at an IP on the LAN and keeps a session key. However the SKILL.md suggests sensitive values should be supplied via environment variables, yet the shipped Python code uses hard-coded defaults (OC_URL and OC_TOKEN) and does not read environment variables. The registry metadata also declares no required env vars, so the documentation, code, and registry are inconsistent.

ℹ

Instruction Scope

Instructions and the script stay within the stated purpose: they only POST to the OpenClaw /v1/chat/completions endpoint and read/write a single session file (~/.oc_session). There is no sign the skill reads other user files or exfiltrates data to unexpected endpoints. Still, it will make network calls to an internal IP (192.168.123.106) which may be surprising if the user did not expect internal network access.

✓

Install Mechanism

This is an instruction-only skill with a single included Python script and no install spec — low install risk because nothing is downloaded or executed automatically beyond the script itself.

Credentials

The skill embeds a default OC_TOKEN ('87654321') and OC_URL (http://192.168.123.106:28789/...) in the code rather than declaring required environment variables in the registry or actually reading overrides. Hard-coded credentials in a shipped skill are a red flag. The skill also writes a session file to ~/.oc_session; that is reasonable for session persistence but is additional local state to consider.

ℹ

Persistence & Privilege

The skill does not request permanent platform-wide presence (always:false) and does not modify other skills. It writes its own session file to the user's home directory, which is expected behavior for session persistence but could leak session keys if the file is not properly protected.

What to consider before installing

This skill implements exactly what it says — it will POST user queries to an OpenClaw Gateway on the internal IP 192.168.123.106 and persist a session key in ~/.oc_session — but it contains hard-coded URL and token values and its documentation claims environment-variable overrides that the code does not actually use. Before installing or running: (1) review and, if needed, remove or replace the hard-coded OC_TOKEN and OC_URL in scripts/oc_call.py; (2) if you expect to supply credentials via environment variables, update the script so it actually reads them (or ensure they are removed from the repo); (3) consider whether calling an internal IP from an agent is acceptable in your environment; (4) be aware the skill writes ~/.oc_session (protect that file or change its path); (5) if you do not trust the embedded token/IP, do not install or run the skill. If the author can provide a corrected version that reads OC_URL and OC_TOKEN from env vars (and removes hard-coded secrets), the concerns here would be largely resolved.

Like a lobster shell, security has layers — review code before you run it.

latestvk975313dhjt911x194mdzjdq7d84zk3j

70downloads

0stars

2versions

Updated 1w ago

v1.0.1

MIT-0

OpenClaw HTTP API Call Skill / OpenClaw HTTP API 调用技能

Call a remote OpenClaw instance via its Gateway OpenAI-compatible /v1/chat/completions endpoint, with multi-turn conversation support via x-openclaw-session-key.

通过 OpenClaw Gateway 的 OpenAI 兼容端点调用远程 OpenClaw 实例，自动处理多轮会话保持。

Configuration / 配置

Variable / 变量	Default / 默认值	Description / 说明
`OC_URL`	`http://192.168.123.106:28789/v1/chat/completions`	Remote Gateway address / 远程 Gateway 地址
`OC_TOKEN`	`87654321`	Auth token / 认证 Token
`OC_SESSION_FILE`	`~/.oc_session`	Session key storage path / Session Key 存储路径

Note / 注意: Sensitive values (URL, token) should be overridden via environment variables in production. 产品环境中请通过环境变量覆盖敏感配置。

How to Trigger / 触发方式

Command / 命令

/oc 你的问题

Keywords in message / 消息中的关键词

用 oc 回答
用 openclaw 回答
oc 回答

Session Persistence / 会话保持机制

Only the x-openclaw-session-key HTTP header is used — no local history file needed. The session key is stored in ~/.oc_session and automatically reused for subsequent calls.

仅依赖 x-openclaw-session-key HTTP header 保持会话，无需本地历史文件。 Session Key 存放在 ~/.oc_session，后续调用自动复用。

Management Commands / 管理命令

python oc_call.py /clear   # Clear session (delete session key) / 清除会话
python oc_call.py /new     # Create new session / 新建会话

Script Usage / 脚本调用

import subprocess
result = subprocess.run(
    ["python", "oc_call.py", "Your question here"],
    capture_output=True, text=True,
    cwd="C:\\Users\\an\\.openclaw\\workspace\\skills\\oc-call\\scripts"
)
print(result.stdout)

Comments

Loading comments...