CHC - Claw Help Claude
PassAudited by ClawScan on May 11, 2026.
Overview
This skill coherently manages Claude Code sessions, but users should understand it can start persistent Claude Code conversations, use Claude credentials/configuration, and optionally delete old session history.
Install only if you want OpenClaw to manage Claude Code sessions. Review your Claude Code credentials and tool permissions, choose narrow project directories, use separate sessions for separate tasks, and clean or close session history when it should not persist.
Findings (5)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Claude Code may read, edit, or run commands in the selected project depending on the user's Claude Code configuration and the prompts sent to it.
The skill intentionally exposes PTY-based control of the Claude Code CLI in a chosen project directory. This is central to the stated purpose, but it gives the managed CLI the ability to act in that working directory.
exec(command="claude", pty=true, cwd="/path/to/project")
Use project-specific working directories, review Claude Code tool permissions, and close or kill sessions when finished.
Using the skill may rely on existing Claude Code/API credentials and may spend quota or access provider-backed services.
The skill documents Claude-compatible API credential configuration. This is expected for Claude Code/API-provider use and the provided script only reports whether a token is set, not the token value.
"ANTHROPIC_AUTH_TOKEN": "your-bailian-api-key", "ANTHROPIC_BASE_URL": "https://coding.dashscope.aliyuncs.com"
Store tokens only in trusted Claude Code configuration files, use least-privilege provider keys where possible, and verify the configured base URL.
The behavior of ACP mode depends on the npm package version installed at setup time.
The documentation asks the user to install the acpx CLI from npm if missing. This setup step is purpose-aligned, but it is not represented as a pinned install spec.
npm install acpx --prefix ~/.openclaw/npm
Install acpx from a trusted registry, consider pinning a known-good version, and keep the package updated through normal dependency hygiene.
Previous prompts, outputs, and project context may persist and be reused in later Claude Code sessions.
The skill explicitly relies on persistent Claude Code session context. Persistent context is expected for multi-turn operation, but old conversation content may influence later turns.
会话自动保持上下文,Claude 会记住之前的对话
Use separate session names for separate projects or trust boundaries, clear/close sessions when appropriate, and avoid placing secrets in prompts.
Messages from connected chat channels may be forwarded into Claude Code sessions, and Claude Code outputs may be returned to those channels.
The skill describes OpenClaw bridging messages from chat channels into Claude Code and returning Claude Code output. This is the intended integration, but it crosses agent/channel boundaries.
OpenClaw 接收用户消息(Telegram/WebChat) - 通过 PTY 转发到 Claude Code CLI - Claude Code 输出返回给用户
Only connect trusted chat channels, verify which project/session a message is being sent to, and avoid forwarding sensitive data unless the channel and provider are appropriate.