Node Connect Diagnostics

v1.0.0

Diagnose OpenClaw node connection and pairing failures for Android, iOS, and macOS companion apps. Use when QR/setup code/manual connect fails, local Wi-Fi w...

⭐ 0· 111·0 current·0 all-time

by@chuangyinbot-boop·duplicate of @jackhua6/node-connect

OpenClaw Prompt Flow

Install with OpenClaw

Best for remote or guided setup. Copy the exact prompt, then paste it into OpenClaw for chuangyinbot-boop/cool-node-connect.

Previewing Install & Setup.

Prompt PreviewInstall & Setup

Install the skill "Node Connect Diagnostics" (chuangyinbot-boop/cool-node-connect) from ClawHub.
Skill page: https://clawhub.ai/chuangyinbot-boop/cool-node-connect
Keep the work scoped to this skill only.
After install, inspect the skill metadata and help me finish setup.
Use only the metadata you can verify from ClawHub; do not invent missing requirements.
Ask before making any broader environment changes.

Command Line

CLI Commands

Use the direct CLI path if you want to install manually and keep every step visible.

OpenClaw CLI

Bare skill slug

openclaw skills install cool-node-connect

ClawHub CLI

Package manager switcher

npx clawhub@latest install cool-node-connect

Security Scan

VirusTotal

Benign

View report →

OpenClaw

Suspicious

medium confidence

Purpose & Capability

The SKILL.md clearly describes diagnosing OpenClaw node/gateway pairing and lists concrete commands (openclaw, optionally tailscale). However the registry metadata declares no required binaries or credentials. That mismatch (instructions expecting CLIs that aren’t declared) is an incoherence: a legitimate diagnostic skill should list required binaries like 'openclaw' and optionally 'tailscale'.

ℹ

Instruction Scope

The runtime instructions stay on-topic (inspect gateway QR payload, config paths, and Tailscale state) and do not request unrelated files or external endpoints. One important operational step is approving pending device pairings via 'openclaw devices approve --latest' — this is a privileged action but is consistent with the stated goal of fixing pairing failures.

✓

Install Mechanism

There is no install spec and no code files (instruction-only). That minimizes disk-write risk; the skill only instructs running existing CLIs. This is consistent for a diagnostic guide, but increases dependency on the host environment.

Credentials

The skill requests no environment variables or credentials, which is appropriate. However, it implicitly requires access to the host CLI tools and permissions to run them (and to approve devices). The lack of declared required binaries (openclaw, tailscale) is disproportionate to the instructions and should be corrected.

✓

Persistence & Privilege

The skill does not request always: true and uses default autonomous-invocation settings. That is normal. Note that if the agent autonomously executes the CLI commands listed, it could make privileged changes (approve devices) — this is a behavior property of the runtime instructions rather than a metadata privilege flag.

What to consider before installing

This skill is mostly a step-by-step diagnostic guide and looks like it does what it says — but it assumes the presence of the 'openclaw' CLI (and sometimes 'tailscale') and the ability to run privileged commands such as approving device pairings. Before installing, verify: (1) the agent environment actually has the openclaw (and tailscale if needed) binaries, (2) you are comfortable the agent may execute those CLIs (they can change device pairing state), and (3) the skill metadata is updated to declare these required binaries. If you want to be safer, restrict autonomous invocation or run the guide manually rather than granting the agent permission to execute commands that approve devices.

Like a lobster shell, security has layers — review code before you run it.

latestvk97f9c87tts889g2jhcd4yw11n856cqc

111downloads

0stars

1versions

Updated 1w ago

v1.0.0

MIT-0

Node Connect

Goal: find the one real route from node -> gateway, verify OpenClaw is advertising that route, then fix pairing/auth.

Topology first

Decide which case you are in before proposing fixes:

same machine / emulator / USB tunnel
same LAN / local Wi-Fi
same Tailscale tailnet
public URL / reverse proxy

Do not mix them.

Local Wi-Fi problem: do not switch to Tailscale unless remote access is actually needed.
VPS / remote gateway problem: do not keep debugging localhost or LAN IPs.

If ambiguous, ask first

If the setup is unclear or the failure report is vague, ask short clarifying questions before diagnosing.

Ask for:

which route they intend: same machine, same LAN, Tailscale tailnet, or public URL
whether they used QR/setup code or manual host/port
the exact app text/status/error, quoted exactly if possible
whether openclaw devices list shows a pending pairing request

Do not guess from can't connect.

Canonical checks

Prefer openclaw qr --json. It uses the same setup-code payload Android scans.

openclaw config get gateway.mode
openclaw config get gateway.bind
openclaw config get gateway.tailscale.mode
openclaw config get gateway.remote.url
openclaw config get gateway.auth.mode
openclaw config get gateway.auth.allowTailscale
openclaw config get plugins.entries.device-pair.config.publicUrl
openclaw qr --json
openclaw devices list
openclaw nodes status

If this OpenClaw instance is pointed at a remote gateway, also run:

openclaw qr --remote --json

If Tailscale is part of the story:

tailscale status --json

Read the result, not guesses

openclaw qr --json success means:

gatewayUrl: this is the actual endpoint the app should use.
urlSource: this tells you which config path won.

Common good sources:

gateway.bind=lan: same Wi-Fi / LAN only
gateway.bind=tailnet: direct tailnet access
gateway.tailscale.mode=serve or gateway.tailscale.mode=funnel: Tailscale route
plugins.entries.device-pair.config.publicUrl: explicit public/reverse-proxy route
gateway.remote.url: remote gateway route

Root-cause map

If openclaw qr --json says Gateway is only bound to loopback:

remote node cannot connect yet
fix the route, then generate a fresh setup code
gateway.bind=auto is not enough if the effective QR route is still loopback
same LAN: use gateway.bind=lan
same tailnet: prefer gateway.tailscale.mode=serve or use gateway.bind=tailnet
public internet: set a real plugins.entries.device-pair.config.publicUrl or gateway.remote.url

If gateway.bind=tailnet set, but no tailnet IP was found:

gateway host is not actually on Tailscale

If qr --remote requires gateway.remote.url:

remote-mode config is incomplete

If the app says pairing required:

network route and auth worked
approve the pending device

openclaw devices list
openclaw devices approve --latest

If the app says bootstrap token invalid or expired:

old setup code
generate a fresh one and rescan
do this after any URL/auth fix too

If the app says unauthorized:

wrong token/password, or wrong Tailscale expectation
for Tailscale Serve, gateway.auth.allowTailscale must match the intended flow
otherwise use explicit token/password

Fast heuristics

Same Wi-Fi setup + gateway advertises 127.0.0.1, localhost, or loopback-only config: wrong.
Remote setup + setup/manual uses private LAN IP: wrong.
Tailnet setup + gateway advertises LAN IP instead of MagicDNS / tailnet route: wrong.
Public URL set but QR still advertises something else: inspect urlSource; config is not what you think.
openclaw devices list shows pending requests: stop changing network config and approve first.

Fix style

Reply with one concrete diagnosis and one route.

If there is not enough signal yet, ask for setup + exact app text instead of guessing.

Good:

The gateway is still loopback-only, so a node on another network can never reach it. Enable Tailscale Serve, restart the gateway, run openclaw qr again, rescan, then approve the pending device pairing.

Bad:

Maybe LAN, maybe Tailscale, maybe port forwarding, maybe public URL.

Comments

Loading comments...