Claude Dev Setup
Complete Claude Code CLI integration with session management and APEX cognitive framework. One skill to set up coding agents with persistent task tracking.
MIT-0 · Free to use, modify, and redistribute. No attribution required.
⭐ 0 · 44 · 0 current installs · 0 all-time installs
by<Dhruv/>@dhruvarvindsingh
MIT-0
Security Scan
OpenClaw
Suspicious
medium confidencePurpose & Capability
The claimed purpose (Claude Code CLI integration, session tracking, APEX framework) matches required pieces: the skill requires the 'claude' binary and creates session files and AGENTS.md content. Minor mismatch: SKILL.md lists Node.js 18+ as a prerequisite but registry metadata doesn't declare this dependency; setup.sh will attempt an npm global install if claude is missing.
Instruction Scope
The SKILL.md explicitly instructs reading ~/.claude/.credentials.json to extract the access token and recommends adding an export into shell profiles and running exec commands that cat the credentials file. These instructions directly access sensitive local credentials and advise persisting them in environment/profile and embedding them into background commands (which can leak via process lists, logs, or accidental commits). While token usage is necessary for CLI calls, the way it is automated and persisted is riskier than required.
Install Mechanism
There is no formal install spec (instruction-only). The included setup.sh will, if run, run npm install -g @anthropic-ai/claude-code when claude CLI is missing — a standard npm global install from the public registry. This is expected for installing the CLI but requires network access and elevated privileges on some systems; no arbitrary downloads from unknown hosts are present.
Credentials
The skill does not declare required env vars but repeatedly instructs creating and exporting CLAUDE_CODE_OAUTH_TOKEN by reading a local credential file. Persisting the token in ~/.bashrc or ~/.zshrc and using it in inline exec commands increases the chance of accidental exposure. Requesting the token is proportionate to the stated purpose, but the persistence and usage patterns recommended are disproportionate to safe handling of secrets.
Persistence & Privilege
The skill is not set to always:true and does not request elevated platform privileges. setup.sh will create files in the user's OpenClaw workspace and suggest updates to AGENTS.md — reasonable for this purpose. However, SKILL.md recommends persisting credentials in shell profiles (user-level persistence of secrets), which elevates the long-term exposure risk even though the skill itself does not force-install or persist beyond the workspace.
What to consider before installing
This skill largely does what it says: it integrates the Claude Code CLI and adds session-tracking docs and files. However, it explicitly instructs reading your local ~/.claude/.credentials.json and exporting that OAuth token into your shell profile or embedding it into background commands. That practice risks exposing your access token (via shell history, process lists, logs, accidental commits, or other tools). Before installing or running setup.sh, consider: 1) Prefer using the CLI's official authentication flow (claude setup-token) rather than programmatically grepping tokens from files; 2) Avoid adding long-lived tokens to ~/.bashrc/~/.zshrc — use a secure credential store or session-based approach; 3) Do not embed tokens in command lines or logs; pass them via secure environment only for the duration needed; 4) Review and verify the apex-stack-claude-code and claude-code-cli-openclaw skills referenced before copying their SKILL.md into projects; 5) Be aware setup.sh will run npm install -g (requires network and may need privileges). If you accept those risks and follow safer handling of the token, the skill is coherent with its purpose; if you need stricter secret handling, treat it as unsafe until modified.Like a lobster shell, security has layers — review code before you run it.
Current versionv1.1.0
Download ziplatest
License
MIT-0
Free to use, modify, and redistribute. No attribution required.
Runtime requirements
🤖 Clawdis
OSLinux · macOS
Binsclaude
SKILL.md
Claude Dev Setup
Complete package for coding agents: Claude Code CLI integration, session management, and APEX cognitive framework.
What This Skill Does
Installs and configures:
- Session Tracking —
memory/claude-code-sessions.mdfor background task management - AGENTS.md Section — Workflow documentation for all coding agents
- APEX Stack Reference — How to add cognitive framework to project CLAUDE.md files
- OAuth Token Handling — Automatic token extraction and usage
Prerequisites
- Node.js 18+
- Claude Pro/Max subscription (for OAuth token)
- OpenClaw agent workspace
OAuth Token (CRITICAL)
Where the Token Lives
Claude Code stores its OAuth token in:
~/.claude/.credentials.json
Token Format
sk-ant-oat01-xxxxx...
How to Get the Token
Option 1: Extract from credentials file (RECOMMENDED)
# Extract the accessToken from credentials
cat ~/.claude/.credentials.json | grep -o '"accessToken":"[^"]*"' | cut -d'"' -f4
Option 2: Authenticate via browser (first-time setup)
claude setup-token
# Opens browser for OAuth flow
# Paste authorization code when prompted
ALWAYS Use the Token When Calling Claude Code
Every Claude Code CLI call MUST include the token:
# ✅ CORRECT - Token set explicitly
export CLAUDE_CODE_OAUTH_TOKEN="sk-ant-oat01-xxxxx..."
claude --print --dangerously-skip-permissions "your task"
# ❌ WRONG - Token not set, will fail in non-interactive mode
claude --print "your task"
Automatic Token Extraction
Add to your shell profile for automatic token loading:
# Add to ~/.bashrc or ~/.zshrc
export CLAUDE_CODE_OAUTH_TOKEN=$(cat ~/.claude/.credentials.json 2>/dev/null | grep -o '"accessToken":"[^"]*"' | cut -d'"' -f4)
For Agent Executors
When using the exec tool, always extract and set the token:
exec({
command: "export CLAUDE_CODE_OAUTH_TOKEN=$(cat ~/.claude/.credentials.json | grep -o '\"accessToken\":\"[^\"]*\"' | cut -d'\"' -f4) && claude --print --dangerously-skip-permissions 'Task description'",
background: true,
yieldMs: 10000
})
Or pre-extract and use:
// First, extract token
exec({
command: "cat ~/.claude/.credentials.json | grep -o '\"accessToken\":\"[^\"]*\"' | cut -d'\"' -f4"
})
// Then use in all subsequent calls
exec({
command: "CLAUDE_CODE_OAUTH_TOKEN=sk-ant-oat01-xxx claude --print --dangerously-skip-permissions 'Task'"
})
Architecture
Agent Workspace
├── AGENTS.md # + Session management section
├── memory/
│ └── claude-code-sessions.md # NEW: Session registry
└── skills/
├── claude-code-cli-openclaw/ # CLI integration
├── apex-stack-claude-code/ # Cognitive framework
└── claude-dev-setup/ # THIS SKILL
System Level
└── ~/.claude/.credentials.json # OAuth token (DO NOT COMMIT)
Session Management
Registry Format
Sessions are tracked in memory/claude-code-sessions.md:
| Session ID | Label | Task | Started | Status |
|------------|-------|------|---------|--------|
| tender-nexus | build-auth | Build auth module | 2026-03-24 08:50 UTC | running |
Starting a Background Task (CORRECT WAY)
// Step 1: Extract token from credentials
// Step 2: Use in Claude Code call
exec({
command: "CLAUDE_CODE_OAUTH_TOKEN=$(cat ~/.claude/.credentials.json | grep -o '\"accessToken\":\"[^\"]*\"' | cut -d'\"' -f4) claude --print --dangerously-skip-permissions 'Task description'",
background: true,
yieldMs: 10000
})
After starting, log the session:
- Note
sessionIdfrom response - Append to
memory/claude-code-sessions.md - Report to user: "Started X (session: label)"
Checking Status
When user asks "what's the status?":
process({ action: "log", sessionId: "session-id" })
Label Naming Convention
build-feature-X— Building a new featurerefactor-Y-module— Refactoring codefix-bug-Z— Bug fixtest-coverage-A— Adding testscleanup-legacy-B— Removing old code
Quick Tasks (< 30 seconds)
For simple tasks, use direct exec without tracking:
exec({
command: "CLAUDE_CODE_OAUTH_TOKEN=$(cat ~/.claude/.credentials.json | grep -o '\"accessToken\":\"[^\"]*\"' | cut -d'\"' -f4) claude --print --dangerously-skip-permissions 'Quick fix'",
timeout: 60
})
AGENTS.md Integration
After installing this skill, your AGENTS.md gets a new section:
## 🤖 Claude Code CLI Sessions
You have access to Claude Code CLI for coding tasks.
### OAuth Token (Required)
**Token location:** `~/.claude/.credentials.json`
**ALWAYS extract and use the token:**
```bash
CLAUDE_CODE_OAUTH_TOKEN=$(cat ~/.claude/.credentials.json | grep -o '"accessToken":"[^"]*"' | cut -d'"' -f4) claude --print --dangerously-skip-permissions 'task'
Session Tracking
All background sessions tracked in memory/claude-code-sessions.md.
Before starting: Check for running sessions After starting: Log session ID + label On completion: Update status column
When User Asks Status
- Read sessions file
- Find session by label
- Poll for output
- Summarize progress
## APEX Stack for Projects
The cognitive framework (`apex-stack-claude-code`) should be added to project CLAUDE.md files, not agent memory.
### Adding to a Project
```bash
cd /path/to/your/project
# If CLAUDE.md doesn't exist:
cat ~/.openclaw/workspace-YOURS/skills/apex-stack-claude-code/SKILL.md > CLAUDE.md
# If CLAUDE.md exists, append:
cat ~/.openclaw/workspace-YOURS/skills/apex-stack-claude-code/SKILL.md >> CLAUDE.md
What APEX Stack Does
| Layer | Purpose |
|---|---|
| APEX | Cognitive modes (precision, execution, architecture, creative) |
| MEMORIA | Persistent memory for project context |
| ARCHITECT | Autonomous execution loop |
Project CLAUDE.md Structure
# Project: [Name]
## Overview
[1-2 sentences]
## Tech Stack
- Language: ...
- Framework: ...
[APEX Stack content appended here]
Complete Workflow
User gives task
↓
Agent reads memory/claude-code-sessions.md (check for conflicts)
↓
Agent extracts token: cat ~/.claude/.credentials.json | grep accessToken
↓
Agent starts: exec({ command: "CLAUDE_CODE_OAUTH_TOKEN=xxx claude ...", background: true })
↓
Agent logs session to claude-code-sessions.md
↓
Agent reports: "Started X (session: build-feature-X)"
↓
User: "What's the status?"
↓
Agent reads sessions file → polls process → summarizes
Installation Checklist
Run this after installing the skill:
- Claude Code CLI installed:
which claude - Authenticated: check
~/.claude/.credentials.jsonexists - Token extractable:
cat ~/.claude/.credentials.json | grep accessToken - Session file created:
memory/claude-code-sessions.md - AGENTS.md updated with session section
- APEX Stack added to project CLAUDE.md (if applicable)
Security Notes
- OAuth token stored in
~/.claude/.credentials.json(valid 1 year) - NEVER commit
CLAUDE_CODE_OAUTH_TOKENto git - ALWAYS extract token from credentials file, never hardcode
- Add
.claude/to.gitignore - Sessions are local to each agent workspace
- MEMORIA explicitly forbids storing credentials
Troubleshooting
"Authentication failed" or "No token"
# Check if credentials exist
ls -la ~/.claude/.credentials.json
# If missing, run setup
claude setup-token
"command not found: claude"
# Install Claude Code CLI
npm install -g @anthropic-ai/claude-code
# Verify installation
which claude
claude --version
Token works in terminal but not in exec
The token must be exported in the same shell session:
# ✅ CORRECT - Same session
CLAUDE_CODE_OAUTH_TOKEN=xxx claude --print "task"
# ❌ WRONG - Separate commands
export CLAUDE_CODE_OAUTH_TOKEN=xxx
claude --print "task" # Token not available
Token Efficiency
| Method | Tokens/Task | Cost |
|---|---|---|
| Raw API (full context) | 10,000-50,000 | Per-token |
| Claude Code (tool-based) | ~500 | Flat-rate (Max sub) |
Savings: 80-90% reduction in token usage.
Related Skills
Install these alongside for full capability:
self-improving— Learn from correctionsclaude-code-cli-openclaw— CLI integration detailsapex-stack-claude-code— Cognitive framework
Files in This Skill
claude-dev-setup/
├── SKILL.md # This file
├── sessions-template.md # Template for claude-code-sessions.md
├── agents-section.md # AGENTS.md section template
└── setup.sh # Installation script
Publishing
To publish to ClawHub:
clawhub publish ./skills/claude-dev-setup \
--slug claude-dev-setup \
--name "Claude Dev Setup" \
--version 1.1.0 \
--changelog "Added explicit OAuth token extraction guide"
Feedback
- If useful:
clawhub star claude-dev-setup - Issues: Open issue on ClawHub
- Stay updated:
clawhub sync
Files
4 totalSelect a file
Select a file to preview.
Comments
Loading comments…