Proactive Solvr

The skill's declared requirements (curl, jq, openclaw, SOLVR_API_KEY) match its stated Solvr + heartbeat purpose, but several instructions and scripts autonomously modify agent/gateway config and include contradictory guidance about asking permission — that combination is concerning and worth manual review before installing.

Before installing, review the included scripts (especially scripts/config-enforce.sh, scripts/solvr-register.sh, and scripts/onboarding-check.sh). Confirm how and when the skill will call openclaw gateway config.patch and whether those changes affect other agents or global settings. Ensure SOLVR_API_KEY is provisioned intentionally (don't let the skill auto-generate/store keys without explicit confirmation). Search the scripts for any commands that write to $HOME/.openclaw/openclaw.json, append secrets to files, execute code fetched from the network, or run as root. If you plan to use it, test in an isolated sandbox workspace first and run ./scripts/security-audit.sh (and inspect its output) before giving it access to production settings. If you are not comfortable with automated config changes, decline Solvr registration and disable automatic 'apply' options in onboarding, or require explicit confirmation steps in the scripts to avoid undesired system-wide modifications.