Crabwalk

What to consider before installing: - Metadata mismatch: The skill did not declare that it reads the OpenClaw config (~/.openclaw/openclaw.json) but the instructions say it will auto-detect the gateway token there. Confirm that reading that file is acceptable for your environment. - Binary install from GitHub: The install downloads and extracts a release tarball and places a binary in ~/.local/bin. Although GitHub releases are common, this will execute code on your machine. Verify the project's repo (https://github.com/luccast/crabwalk), review the source or release artifacts, and confirm the release checksum/signature if available. - Persistence and shell modification: The installer appends PATH export lines to your shell rc files. Expect files under ~/.crabwalk and an executable in ~/.local/bin; be prepared to remove them if you uninstall. - Network exposure: Crabwalk defaults to binding 0.0.0.0:3000 and instructs sharing the network IP. That makes the monitor accessible from other machines on your network — fine if intentional, risky if running on a public or untrusted network. Consider firewall rules or binding to localhost with an SSH tunnel if you want restricted access. - Elevated installs: The script optionally uses package managers with sudo to install qrencode. Expect sudo prompts; the rest of the install does not require root. - Safer steps: run the tool in an isolated VM/container or on a non-sensitive host first; inspect the GitHub repository and release artifacts; prefer source builds if possible; backup relevant files and review ~/.bashrc/.zshrc changes after installation. If the author provided explicit metadata (required config path, checksums for releases, or a signed release), my confidence that this is coherent would increase. Without those, treat the skill as plausible but with installation/runtime actions that deserve manual review.