ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Approve new channels, and connections to openclaw ui and terminal

v1.0.1

Web dashboard to approve OpenClaw device and channel pairings, manage connections, and access a live terminal from your browser.

2· 664·0 current·0 all-time
by@dr1nnas

Install

OpenClaw Prompt Flow

Install with OpenClaw

Best for remote or guided setup. Copy the exact prompt, then paste it into OpenClaw for dr1nnas/approvals-ui.

Previewing Install & Setup.
Prompt PreviewInstall & Setup
Install the skill "Approve new channels, and connections to openclaw ui and terminal" (dr1nnas/approvals-ui) from ClawHub.
Skill page: https://clawhub.ai/dr1nnas/approvals-ui
Keep the work scoped to this skill only.
After install, inspect the skill metadata and help me finish setup.
Use only the metadata you can verify from ClawHub; do not invent missing requirements.
Ask before making any broader environment changes.

Command Line

CLI Commands

Use the direct CLI path if you want to install manually and keep every step visible.

OpenClaw CLI

Bare skill slug

openclaw skills install approvals-ui

ClawHub CLI

Package manager switcher

npx clawhub@latest install approvals-ui
Security Scan
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description (dashboard for device/channel approvals and a live terminal) match the code and SKILL.md. The server reads OpenClaw state files (~/.openclaw), exposes pairing management endpoints, and provides an in-browser terminal — all consistent with the stated purpose. There are no unrelated required env vars or binaries.
Instruction Scope
SKILL.md explicitly instructs where to place files, how to install Flask/SocketIO, and to change embedded default credentials. It also documents that the app reads sensitive OpenClaw files (pending/paired device JSON, channel pairing JSON, and gateway token) and that the terminal exposes a full shell. Those behaviors are within purpose but are high-sensitivity operations; the docs warn about them. One operational note: the web templates load Socket.IO (and likely other assets) from public CDNs; SKILL.md does not call this out but this is normal for a local UI.
Install Mechanism
This is an instruction-only skill (no installer spec). The instructions tell the user to pip install flask and flask-socketio — reasonable and proportional. No remote downloads/executables are pulled by the skill itself.
Credentials
The skill requests no special environment variables in the registry metadata. The code supports optional env vars (FLASK_SECRET_KEY and SERVER_AUTH_PASSWORD) and provides defaults in server.py for ADMIN_USERNAME/ADMIN_PASSWORD/AUTH_PASSWORD which SKILL.md tells you to change. That is consistent, but embedding default admin credentials in the code is risky — the SKILL.md repeatedly warns not to run with defaults. API endpoints (/pair, /sync) accept a JSON password for automation; ensure you set a strong SERVER_AUTH_PASSWORD before use.
Persistence & Privilege
The skill does not request always:true or any platform privileges. It runs as a local Flask app and does not modify other skills or system-wide OpenClaw config beyond invoking OpenClaw CLI operations (approve/reject). Autonomous model invocation settings are default and not a special privilege in this package.
Assessment
This package appears to do what it says: a local dashboard that reads OpenClaw state files and provides an interactive terminal. Before installing or running it, do the following: 1) Change the defaults immediately — set a strong FLASK_SECRET_KEY (via env) and a strong SERVER_AUTH_PASSWORD; also change ADMIN_USERNAME/ADMIN_PASSWORD in server.py or make them configurable via environment variables. 2) Remember this app reads and displays sensitive files (gateway token, pairing JSONs); anyone who can access the web UI or the API endpoints can view or act on those secrets. The /pair and /sync API endpoints accept a JSON password (plaintext) for automation—only use them from trusted local scripts and keep the password strong. 3) The terminal provides a full shell; remove or disable the /terminal route if you do not need it. 4) Review server.py for how it invokes the OpenClaw CLI (subprocess usage). Ensure arguments are passed without shell=True or unsafe string concatenation to avoid command injection if you expose the server beyond localhost. 5) Do not bind to 0.0.0.0 or expose this service to untrusted networks without putting it behind HTTPS and strong access controls. 6) If you rely on external CDNs (socket.io,xterm.js), consider hosting assets locally if you require an air-gapped or stricter environment. If you want, provide the rest of server.py (the truncated portion) and I will inspect the exact subprocess/pty usage for additional concerns.

Like a lobster shell, security has layers — review code before you run it.

latestvk971kf3rdepapf547pxpq8gjcn81kf7v
664downloads
2stars
2versions
Updated 22h ago
v1.0.1
MIT-0
@dr1nnas
latest
Download

Approvals UI

A web dashboard for managing OpenClaw device pairings, channel approvals, and a live terminal — all from your browser.

Install

Place this folder at:

~/.openclaw/workspace/projects/p1

Your file structure should look like:

~/.openclaw/workspace/projects/p1/
├── SKILL.md
├── server.py
└── templates/
    ├── channel_approvals.html
    ├── dashboard.html
    ├── device_pairings.html
    ├── index.html
    ├── login.html
    └── terminal.html

Requirements

Install Python dependencies:

pip install flask flask-socketio

⚠️ Important — Change These Before Running

This skill ships with placeholder credentials that you must change before using:

Open server.py and update the following values near the top of the file:

WhatVariableDefaultAction
Dashboard login usernameADMIN_USERNAMEDrinnasChange to your own username
Dashboard login passwordADMIN_PASSWORDadminChange to a strong password
API auth passwordAUTH_PASSWORD / env SERVER_AUTH_PASSWORDBb7766!serverChange to a strong password or set the env var
Flask secret keyenv FLASK_SECRET_KEYdev placeholderSet to a random string in your environment

Example:

export FLASK_SECRET_KEY="$(python3 -c 'import secrets; print(secrets.token_hex(32))')"
export SERVER_AUTH_PASSWORD="your-strong-api-password-here"

Do not run with the defaults. Anyone who knows the defaults can log in and access your terminal and gateway token.

Credential Explanation

There are two separate auth layers:

  1. Dashboard login (ADMIN_USERNAME / ADMIN_PASSWORD) — protects the web UI pages (dashboard, device pairings, channel approvals, terminal).
  2. API password (AUTH_PASSWORD / env SERVER_AUTH_PASSWORD) — protects the backend API endpoints (/pair, /sync, /approve) used for programmatic access. These endpoints are not exposed in the web UI but exist for automation/scripting.

Both should be set to strong, unique values.

Usage

Start the server:

cd ~/.openclaw/workspace/projects/p1
python3 server.py

Then open http://127.0.0.1:9100 in your browser.

Features

  • Dashboard — Landing page with quick navigation to all sections.
  • Device Pairings — View pending and paired browser/device connections. Approve or reject pairing requests. Copy your gateway token to clipboard.
  • Channel Approvals — Review and approve pending channel pairing requests (Telegram, Discord, WhatsApp, etc). Real-time updates via Socket.IO.
  • Terminal — Full interactive terminal session in the browser using xterm.js.

How It Works

  • Reads device pairings directly from ~/.openclaw/devices/pending.json and ~/.openclaw/devices/paired.json.
  • Reads channel pairing requests from ~/.openclaw/credentials/*-pairing.json.
  • Reads the gateway token from ~/.openclaw/openclaw.jsongateway.auth.token.
  • Approve/reject actions use the openclaw devices approve and openclaw devices reject CLI commands.
  • No external database needed — everything reads from OpenClaw's own state files.

Security Notes

  • Localhost only — The server binds to 127.0.0.1 by default. Do not change this to 0.0.0.0 unless you put it behind a reverse proxy with TLS and strong auth.
  • Terminal access — The terminal feature gives full shell access to your machine. If you don't need it, you can remove the /terminal route and terminal.html template.
  • Sensitive files — The app reads your openclaw.json (gateway token), device pairing files, and credential pairing files. Anyone who can access the web UI can see this data.
  • API endpointsPOST /pair, POST /sync, and POST /approve accept JSON with a password field. These are protected by AUTH_PASSWORD and are intended for scripting/automation, not the web UI.

Configuration

SettingLocationDefault
Server portserver.py bottom9100
Dashboard loginserver.py ADMIN_USERNAME / ADMIN_PASSWORDDrinnas / admin
API passwordserver.py AUTH_PASSWORD / env SERVER_AUTH_PASSWORDBb7766!server
Flask secret keyenv FLASK_SECRET_KEYdev placeholder
OpenClaw state direnv OPENCLAW_STATE_DIR~/.openclaw

Tags

ui dashboard pairings approvals terminal web

Comments

Loading comments...