ClawHub

Openclaw Workspace Pro

v1.0.0

Sets up a production-ready OpenClaw workspace with artifact workflows, secure secrets, memory compaction, and long-running agent patterns via one command.

2· 691·4 current·4 all-time
by@eugene9d
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description promise a production workspace and the package provides templates, docs, and an install.sh that creates the directory structure, copies .env.example, .gitignore and docs, and appends guidance to AGENTS.md/TOOLS.md. All requested artifacts match the stated purpose; no unrelated credentials or external services are required by the package itself.
Instruction Scope
SKILL.md instructs cloning the repo and running ./install.sh (or using clawhub). The instructions are focused on creating folders, copying templates, and adding documentation. They do not instruct reading unrelated system files, contacting external endpoints, or exfiltrating data.
Install Mechanism
Install is a bundled shell script (install.sh) that runs locally and writes files under /data/.openclaw/workspace by default. This is a typical, low-risk install method, but it will modify workspace files and append to AGENTS.md/TOOLS.md when present. No downloads from untrusted URLs or extraction of remote archives are performed.
Credentials
The skill declares no required env vars or credentials. It creates a .env template for user-populated secrets (which is appropriate for secrets management). There are no demands for unrelated secrets or high-privilege tokens.
Persistence & Privilege
The skill is not always-enabled and does not request persistent system-wide privileges. It only writes files into the workspace and creates backups for AGENTS.md/TOOLS.md. It does not modify other skills' configurations or request permanent agent-level privileges.
Assessment
This package appears coherent and low-risk, but take these precautions before installing: 1) Verify the repository source (https://github.com/Eugene9D/openclaw-workspace-pro) and inspect templates (templates/*) for any content you don't want added. 2) Run the installer in a test or staging workspace first (not a production workspace) to confirm behaviour and backups. 3) Back up your existing /data/.openclaw/workspace before running install.sh (install will write files there and append to AGENTS.md/TOOLS.md). 4) Review the created .env template and never paste secrets into docs; populate .env manually and keep it gitignored. 5) Note the network allowlist guidance in TOOLS-additions.md and customize it; the templates include a permissive set of allowed domains you should tailor to your environment. 6) Run the installer as an unprivileged user where possible (avoid running as root) so accidental wide filesystem changes are limited. 7) If you want to limit agent autonomy, remember skills can be invoked by agents by default—consider restricting autonomous invocation on your platform if you have strict controls. Overall the package is consistent with its stated purpose; the remaining steps are standard operational hygiene.

Like a lobster shell, security has layers — review code before you run it.

latestvk971cnwv30d7b0j4ewae1gkr99815bn2

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments