Bengii Gemini Fix
Comprehensive guide for installing, configuring, operating, and troubleshooting OpenClaw — a self-hosted, multi-channel AI agent gateway. Use when the user a...
MIT-0 · Free to use, modify, and redistribute. No attribution required.
⭐ 0 · 17 · 0 current installs · 0 all-time installs
by@bengii
MIT-0
Security Scan
OpenClaw
Suspicious
medium confidencePurpose & Capability
The SKILL.md, README, and references clearly document OpenClaw maintenance tasks (install, config, channels, tokens, troubleshooting). However the registry metadata (skill name: "Bengii Gemini Fix") does not match the skill manifest (SKILL.md uses name: "openclaw" and all files refer to OpenClaw). Source/homepage are unknown. The mismatch between published name/metadata and the content is an incoherence that reduces trust and could indicate repackaging or renaming without provenance.
Instruction Scope
As an instruction-only skill it contains many concrete operational steps (CLI commands, file paths like ~/.openclaw/gateway.token, config edits, token/password usage). Those are appropriate for a maintenance guide, but the doc also describes the agent/system prompt assembly and bootstrap files; the static scan flagged a 'system-prompt-override' pattern. That pattern can be legitimate documentation of how OpenClaw builds prompts, but it also matches prompt-injection signatures — so treat any embedded directives that look like 'insert this system prompt' as potentially dangerous unless you reviewed them.
Install Mechanism
No install spec or code files that would download or execute remote artifacts — lowest-risk install model (instruction-only). The skill would not write binaries or run installers by itself; risk comes from following its instructions after install.
Credentials
The skill declares no required env vars or credentials, which is proportionate. However the instructions routinely direct the operator to use gateway tokens, password files, or secret refs (e.g., ~/.openclaw/gateway.token, gateway.auth.*). Those are relevant for OpenClaw maintenance, but they are sensitive. Because the skill can instruct an assistant to read or use such secrets, verify any automatic actions before allowing the assistant to access token/password files.
Persistence & Privilege
always:false and normal autonomous invocation settings are used. The skill does not request permanent platform-level privileges or attempt to modify other skills. The combination of autonomous invocation and the detected prompt-injection pattern is something to monitor (see guidance), but autonomous invocation alone is the platform default.
Scan Findings in Context
[system-prompt-override] unexpected: The documentation explains how OpenClaw assembles prompts and bootstrap files (legitimate), but the regex detector flagged patterns that look like system-prompt override attempts. For a maintenance/help skill, embedding system-prompt text that instructs the host assistant to change its system prompt is not expected and may be a prompt-injection risk unless carefully reviewed.
What to consider before installing
This skill is a large, documentation-heavy OpenClaw maintenance guide that can instruct an assistant to run commands and access local files (including gateway tokens). That is consistent with the advertised purpose, but: 1) the registry name ('Bengii Gemini Fix') does not match the SKILL.md content (which identifies as 'openclaw') and the source/homepage are unknown — verify the origin before trusting it; 2) the static scan found a 'system-prompt-override' pattern — inspect SKILL.md and references for any lines that attempt to inject or replace the assistant's system prompt or give the skill unchecked authority to run shell commands; 3) because the skill can instruct reading token/password files, do not allow it to access secrets or run privileged commands automatically. Recommendations: install only from a verified upstream repo (compare against official OpenClaw docs), run the skill in a sandboxed assistant or with model-invocation disabled/autonomy limited until you audit the files, require manual approval for any command execution or file reads, and avoid granting access to gateway tokens/SSH keys until you confirm the provenance and content.references/memory.md:58
Prompt-injection style instruction pattern detected.
About static analysis
These patterns were detected by automated regex scanning. They may be normal for skills that integrate with external APIs. Check the VirusTotal and OpenClaw results above for context-aware analysis.Like a lobster shell, security has layers — review code before you run it.
Current versionv1.0.0
Download ziplatest
License
MIT-0
Free to use, modify, and redistribute. No attribution required.
SKILL.md
OpenClaw Maintenance Skill
OpenClaw is a self-hosted, open-source (MIT) gateway that routes AI agents across WhatsApp, Telegram, Discord, Slack, iMessage, Signal, and 15+ other channels simultaneously. It runs on macOS, Linux, or Windows.
Reference Files
| Reference | Coverage |
|---|---|
| channels.md | Per-channel setup (WhatsApp, Telegram, Discord, etc.) |
| channel_troubleshooting.md | Per-channel failure signatures and walkthroughs |
| tools.md | Tools inventory (profiles, groups, all built-in tools) |
| exec.md | Exec tool: parameters, config, PATH, security, process tool |
| exec_approvals.md | Exec approvals: allowlists, safe bins, approval flow |
| browser.md | Browser tool: profiles, CDP, relay, SSRF, Control API |
| web_tools.md | Web tools: Brave, Perplexity, Gemini search providers |
| pdf_tool.md | PDF tool: native/fallback modes, config, page filtering |
| elevated.md | Elevated mode: /elevated directives, sandbox breakout |
| lobster.md | Lobster: typed workflow runtime with approvals |
| llm_task.md | LLM Task: JSON-only LLM step for structured output |
| openprose.md | OpenProse: multi-agent program runtime |
| plugins.md | Plugins: official list, config, manifest, CLI, authoring |
| skills.md | Skills: locations, config, ClawHub, watcher, token impact |
| providers.md | Model provider setup |
| multi_agent.md | Multi-agent routing |
| nodes.md | Nodes (iOS/Android/macOS/headless) |
| security.md | Security hardening |
| secrets.md | Secrets management (SecretRef, vault) |
| sandboxing.md | Sandboxing (Docker isolation) |
| config_reference.md | Full config field reference |
| gateway_ops.md | Gateway operations |
| remote_access.md | Remote access, SSH, Tailscale, web dashboard |
| sessions.md | Session management, DM isolation, lifecycle, compaction |
| hooks.md | Hooks: internal event hooks, HTTP webhooks, authoring, CLI |
| automation.md | Cron jobs, webhooks, Gmail Pub/Sub |
| acp_agents.md | ACP agents: spawn external AI runtimes (Codex, Claude, etc.) |
| install.md | Installation, updating, rollback, migration, uninstall |
| web_ui.md | Web surfaces: Dashboard, Control UI, WebChat |
| slash_commands.md | Chat slash commands (/new, /model, /acp, etc.) |
| platforms.md | Platform-specific guides (macOS, iOS, Android, Linux, Windows) |
| diffs_firecrawl.md | Diffs plugin + Firecrawl anti-bot fallback |
| subagents.md | Sub-agents: nested spawning, thread binding, announce, tool policy |
| memory.md | Memory system, vector search, hybrid BM25, compaction, QMD backend |
| architecture.md | Gateway architecture, wire protocol, pairing, invariants |
| agent_runtime.md | Agent runtime, bootstrap files, agent loop, hooks, timeouts |
| streaming.md | Streaming + chunking: block streaming, coalescing, preview modes |
| queue.md | Command queue: modes (steer/followup/collect), concurrency, per-session |
| model_failover.md | Model failover, OAuth, auth profiles, cooldowns, billing disables |
| clawhub.md | ClawHub: public skill registry, CLI commands, publish/install |
| thinking.md | Thinking levels, verbose directives, reasoning visibility |
| polls.md | Polls: Telegram, WhatsApp, Discord, MS Teams |
| voice.md | Talk Mode (voice interaction) + Voice Wake (wake words) |
| presence_discovery.md | Presence system, discovery (Bonjour/Tailscale), transports |
| gateway_internals.md | Network model, gateway lock, health checks, doctor, logging, background exec |
| heartbeat.md | Heartbeat: config, delivery, visibility, HEARTBEAT.md, per-agent |
| bonjour.md | Bonjour/mDNS: TXT keys, wide-area DNS-SD, debugging, failure modes |
| pairing.md | Gateway pairing: node approval, CLI, API, auto-approval, storage |
| tui.md | TUI: keyboard shortcuts, slash commands, pickers, local shell, delivery |
| media.md | Media: camera capture, images, audio/voice notes, transcription |
| channel_routing.md | Channel routing, session keys, agent selection, Mattermost, BlueBubbles |
Quick Reference
Key Paths
| Path | Purpose |
|---|---|
~/.openclaw/openclaw.json | Main config (JSON5) |
~/.openclaw/.env | Global env fallback |
~/.openclaw/workspace | Default agent workspace |
~/.openclaw/agents/<id>/ | Per-agent state + sessions |
~/.openclaw/skills/ | Managed/local skills |
~/.openclaw/agents/<id>/qmd/ | QMD memory backend state |
~/.openclaw/agents/<id>/agent/auth-profiles.json | Auth profiles + OAuth tokens |
OPENCLAW_CONFIG_PATH | Override config location |
OPENCLAW_STATE_DIR | Override state directory |
OPENCLAW_HOME | Override home directory |
Essential Commands
openclaw status # Overall status
openclaw gateway status # Gateway daemon status
openclaw gateway status --deep # Deep scan including system services
openclaw doctor # Diagnose config/service issues
openclaw doctor --fix # Auto-fix safe issues
openclaw logs --follow # Tail gateway logs
openclaw channels status --probe # Channel health check
openclaw security audit # Security posture check
openclaw security audit --fix # Auto-fix security issues
openclaw update # Self-update
openclaw dashboard # Open Control UI in browser
openclaw tui # Terminal UI (interactive REPL)
openclaw agent # Direct agent interaction via CLI
openclaw health # Health check
openclaw usage # Usage tracking
openclaw config validate # Validate config file
openclaw config file # Print active config path
openclaw sessions cleanup # Session disk cleanup
openclaw agents bindings # Agent-channel bindings
openclaw agents bind # Bind agent to account
openclaw agents unbind # Unbind agent
openclaw update --dry-run # Preview update
openclaw system presence # View connected clients/nodes
openclaw system heartbeat last # Last heartbeat info
openclaw system heartbeat now # Trigger heartbeat immediately
openclaw memory search <query> # CLI memory search
openclaw docs <query> # Search OpenClaw docs
openclaw nodes pending # List pending pairing requests
openclaw nodes approve <id> # Approve node pairing
openclaw nodes status # Show all paired nodes
openclaw health --json # Full health snapshot (JSON)
openclaw message send --media <p> # Send media message
Default Gateway
- Bind:
127.0.0.1:18789(loopback) - Dashboard:
http://127.0.0.1:18789/ - Protocol: WebSocket (JSON text frames)
Core Workflow
Diagnosing Issues
Always follow this command ladder:
openclaw status— quick overviewopenclaw gateway status— daemon running? RPC probe ok?openclaw logs --follow— watch for errorsopenclaw doctor— config/service diagnosticsopenclaw channels status --probe— per-channel health
Starting / Restarting Gateway
# Foreground with verbose logging
openclaw gateway --port 18789 --verbose
# Force-kill existing listener then start
openclaw gateway --force
# Service management (launchd on macOS, systemd on Linux)
openclaw gateway install
openclaw gateway start
openclaw gateway stop
openclaw gateway restart
Configuration
Edit config via any method:
# Interactive wizard
openclaw onboard # Full setup
openclaw configure # Config wizard
# CLI one-liners
openclaw config get <path> # Read value
openclaw config set <path> <value> # Set value (JSON5 or raw string)
openclaw config unset <path> # Remove value
# Direct edit
# Edit ~/.openclaw/openclaw.json (JSON5 format)
# Gateway hot-reloads on save (if gateway.reload.mode != "off")
Minimal config example:
{
agents: { defaults: { workspace: "~/.openclaw/workspace" } },
channels: { whatsapp: { allowFrom: ["+15555550123"] } },
}
Channel Setup
For detailed per-channel setup, see references/channels.md. For per-channel troubleshooting (failure signatures, setup walkthroughs), see references/channel_troubleshooting.md. For plugins adding new channels (Matrix, Nostr, MS Teams, etc.), see references/plugins.md.
Quick channel add:
# Interactive wizard
openclaw channels add
# Non-interactive
openclaw channels add --channel telegram --account default --name "My Bot" --token $BOT_TOKEN
openclaw channels login --channel whatsapp # QR pairing for WhatsApp
openclaw channels status --probe # Verify
Model Provider Setup
For detailed provider setup, see references/providers.md.
# Set default model
openclaw models set anthropic/claude-sonnet-4-5
# List available models
openclaw models list --all
# Check auth/token status
openclaw models status --probe
# Add auth interactively
openclaw models auth add
Config example:
{
agents: {
defaults: {
model: {
primary: "anthropic/claude-sonnet-4-5",
fallbacks: ["openai/gpt-5.2"],
},
},
},
}
Multi-Agent Routing
For detailed multi-agent config, see references/multi_agent.md.
openclaw agents add <id> # Create agent
openclaw agents list --bindings # Show agent-channel bindings
openclaw agents delete <id> # Remove agent
Nodes (iOS / Android / macOS / Headless)
For detailed node setup, see references/nodes.md.
openclaw nodes status # List connected nodes
openclaw nodes describe --node <id> # Node capabilities
openclaw devices list # Pending device approvals
openclaw devices approve <requestId> # Approve a device
openclaw node run --host <host> --port 18789 # Start headless node host
Security
For detailed security hardening, see references/security.md. For secrets management (SecretRef, vault integration), see references/secrets.md. For sandboxing (Docker isolation for tools), see references/sandboxing.md. For full config field reference, see references/config_reference.md. For remote access (SSH, Tailscale, VPN), see references/remote_access.md.
openclaw security audit # Check posture
openclaw security audit --deep # Live gateway probe
openclaw security audit --fix # Auto-fix safe issues
openclaw secrets reload # Re-resolve secret refs
openclaw secrets audit # Scan for plaintext leaks
Update / Uninstall
For detailed installation, updating, rollback, and migration guide, see references/install.md.
# Install (recommended)
curl -fsSL https://openclaw.ai/install.sh | bash
# Update
openclaw update # Self-update command
# Or: npm install -g openclaw@latest
openclaw doctor # Run after update to apply migrations
# Uninstall
openclaw uninstall
Tools Reference
For detailed per-tool documentation, see references/tools.md.
For specific tools, see:
- references/exec.md — Exec tool deep-dive
- references/exec_approvals.md — Exec approvals and allowlists
- references/browser.md — Browser automation deep-dive
- references/web_tools.md — Web search/fetch with multiple providers
- references/lobster.md — Lobster workflow runtime
- references/llm_task.md — LLM Task for structured JSON output
- references/openprose.md — OpenProse multi-agent programs
- references/plugins.md — Plugin system (install, author, distribute)
- references/skills.md — Skills system (load, config, ClawHub)
For ACP agents (Codex, Claude Code, Gemini CLI, etc.), see references/acp_agents.md. For Diffs plugin and Firecrawl anti-bot fallback, see references/diffs_firecrawl.md. For chat slash commands (/new, /model, /acp, etc.), see references/slash_commands.md. For thinking levels (/think, /verbose, /reasoning), see references/thinking.md. For polls (Telegram, WhatsApp, Discord, MS Teams), see references/polls.md. For Talk Mode and Voice Wake, see references/voice.md. For Gateway architecture and wire protocol, see references/architecture.md. For agent runtime and loop details, see references/agent_runtime.md. For command queue system, see references/queue.md. For model failover and OAuth, see references/model_failover.md. For ClawHub skill registry, see references/clawhub.md. For presence and discovery, see references/presence_discovery.md. For streaming and chunking, see references/streaming.md. For Gateway internals (network model, lock, health, doctor, logging), see references/gateway_internals.md. For heartbeat system, see references/heartbeat.md. For Bonjour/mDNS discovery details, see references/bonjour.md. For Gateway node pairing, see references/pairing.md. For Terminal UI (TUI), see references/tui.md. For media (camera, images, audio), see references/media.md. For channel routing and session keys, see references/channel_routing.md.
Tool profiles: minimal, coding, messaging, full (default).
Tool groups (for allow/deny):
group:runtime— exec, bash, processgroup:fs— read, write, edit, apply_patchgroup:sessions— sessions_list/history/send/spawn, session_statusgroup:memory— memory_search, memory_getgroup:web— web_search, web_fetchgroup:ui— browser, canvasgroup:automation— cron, gatewaygroup:messaging— messagegroup:nodes— nodesgroup:openclaw— all built-in OpenClaw tools (excludes provider plugins)
Common Failure Signatures
| Error | Cause | Fix |
|---|---|---|
refusing to bind gateway ... without auth | Non-loopback bind without token | Set gateway.auth.token or gateway.auth.password |
another gateway instance is already listening / EADDRINUSE | Port conflict | openclaw gateway --force or change port |
Gateway start blocked: set gateway.mode=local | Local mode not enabled | Set gateway.mode="local" |
unauthorized / reconnect loop | Token/password mismatch | Check OPENCLAW_GATEWAY_TOKEN or config auth |
device identity required | Missing device auth | Ensure client completes connect.challenge flow |
| No replies from bot | Pairing/allowlist/mention gating | Check openclaw pairing list, DM policy, mention patterns |
Embedding provider authentication failed (401) | .env has placeholder API key (e.g. your-jina-api-key-here) | Replace with real API key in ~/.openclaw/.env, restart Gateway |
config change requires gateway restart (plugins.*) | Plugin config changes can't hot-reload | Full openclaw gateway restart or launchctl kickstart -k |
Bootstrap failed: 5: Input/output error | LaunchAgent plist in stale/stuck state | openclaw gateway install then launchctl kickstart -k gui/$(id -u)/ai.openclaw.gateway |
Missing env var "X" referenced at config path: ... | .env missing or variable not defined | Add variable to ~/.openclaw/.env and restart Gateway |
Environment Variables
| Variable | Purpose |
|---|---|
OPENCLAW_GATEWAY_TOKEN | Gateway auth token |
OPENCLAW_GATEWAY_PASSWORD | Gateway auth password |
OPENCLAW_GATEWAY_PORT | Override gateway port |
OPENCLAW_CONFIG_PATH | Override config file path |
OPENCLAW_STATE_DIR | Override state directory |
OPENCLAW_HOME | Override home directory |
OPENCLAW_LOAD_SHELL_ENV | Import shell env (set to 1) |
OPENCLAW_VERBOSE | Verbose logging |
OPENCLAW_LOG_FILE | File logging path |
OPENCLAW_LOG_LEVEL | Log level control |
OPENCLAW_SHELL | Set by OpenClaw in exec/acp/tui runtimes |
BRAVE_API_KEY | For web_search tool |
FIRECRAWL_API_KEY | For Firecrawl anti-bot fallback |
ELEVENLABS_API_KEY | For Talk Mode TTS |
ELEVENLABS_VOICE_ID | Default voice for Talk Mode |
CLAWHUB_TOKEN | ClawHub API token for CI/automation |
CLAWHUB_WORKDIR | ClawHub working directory override |
OLLAMA_API_KEY | For Ollama embeddings provider |
Files
54 totalSelect a file
Select a file to preview.
Comments
Loading comments…