Macos Bridge

v0.6.2

Bridge Mac-owned tools like imsg, remindctl, memo, things, and peekaboo onto a Linux OpenClaw gateway by installing explicit same-LAN SSH wrappers with optio...

⭐ 0· 408·1 current·1 all-time

byMatthew Murphy@matthewxmurphy

Security Scan

VirusTotal

Benign

View report →

OpenClaw

Benign

high confidence

✓

Purpose & Capability

The name/description match the shipped scripts and SKILL.md. The bundle only needs SSH reachability, an OpenClaw config for auto-discovery, and (optionally) Wake-on-LAN mapping — all appropriate for bridging macOS tools to Linux wrappers.

✓

Instruction Scope

Runtime instructions and scripts only read the provided OpenClaw config (or $HOME/.openclaw/openclaw.json), create local wrapper scripts in the target dir, invoke SSH to the discovered Mac hosts, and optionally send Wake-on-LAN UDP broadcasts on the local network. They do not call external web endpoints or request unrelated system files or environment secrets.

✓

Install Mechanism

This is instruction-only (no package manager downloads). All code is included in the skill bundle (bash scripts and small Python snippets) and nothing is fetched from arbitrary URLs or remote servers during install.

✓

Credentials

The skill does not declare required env vars or credentials. It accepts optional SSH key and known_hosts file paths as arguments (reasonable for SSH use). There are no unexplained SECRET/TOKEN requirements.

✓

Persistence & Privilege

always:false and no attempt to modify other skills or global agent settings. The scripts write wrappers only to the user-specified target directory and do not request persistent elevated privileges.

Assessment

This skill appears coherent for its stated purpose, but review and consider the following before installing: ensure the target Linux gateway and Macs are on a trusted LAN (the wrappers will SSH to the Macs and may send Wake-on-LAN broadcast packets); provide explicit --ssh-key and --known-hosts or verify SSH host keys to avoid MITM risks; inspect the generated wrapper scripts in the chosen target directory before making them executable (they run remote binaries via SSH); confirm the remote macOS binaries exist and have appropriate permissions; and be aware the skill requires python3 for OpenClaw config parsing and Wake-on-LAN support. If you do not trust the network or the remote hosts, do not use this bridge.

Like a lobster shell, security has layers — review code before you run it.

Runtime requirements

🍎 Clawdis

latestvk975qqbmd2j5cf8896aeqajsfh82kyrt

408downloads

0stars

4versions

Updated 1mo ago

v0.6.2

MIT-0

macOS Bridge

Use this skill when a Linux OpenClaw gateway should expose Mac-owned tools as stable Linux-side commands.

This skill is for tools that are inherently macOS-backed:

imsg
remindctl
memo
things
peekaboo

It does not try to make Linux pretend those binaries are native. It installs explicit Linux-side wrappers that call the owning Mac over SSH.

If the matching feature is disabled in openclaw.json, do not force the bridge.

If the feature is enabled and Linux already has a working local binary, that is also acceptable. Use this skill when the enabled feature needs the Mac-owned implementation.

Use This Skill For

same-LAN Linux gateway to Mac node setups
Mac-owned tools with macOS permissions or data access
wrapper-backed public skills that should stay truthful on Linux
enabled-channel auto-selection from channels.*.enabled
remoteHost auto-discovery from an existing OpenClaw config
optional Wake-on-LAN recovery when a Mac sleeps

Do Not Use This Skill For

Homebrew-centric Linux augmentation where the main goal is exposing /opt/homebrew/bin tools in general
Linux-native tools that should be installed locally
patching OpenClaw internals so macOS-only tools show as green on Linux
WAN-routed or untrusted remote Macs

Requirements

Linux gateway and Mac nodes share the same trusted local network or VLAN
Linux gateway can SSH to the owning Mac node
remote binaries exist and already have the needed macOS permissions
Macs stay awake for work windows or support Wake-on-LAN if you expect remote resume

Workflow

1. Render A Tool Ownership Map

Run:

scripts/render-tool-map.sh /home/node/.openclaw/openclaw.json

If the OpenClaw config already contains enabled macOS-backed channels, this prints an auto-discovered map for enabled tools first.

2. Install The macOS Pack

Example:

scripts/install-macos-pack.sh \
  --target-dir /home/node/.openclaw/bin \
  --openclaw-config /home/node/.openclaw/openclaw.json \
  --default-host agent2@192.168.88.12 \
  --wake-map mac-node.local=AA:BB:CC:DD:EE:FF \
  --wake-wait 20 \
  --wake-retries 2

When no --tool or --map arguments are provided, the installer now auto-selects only the supported tools whose channels are enabled in the OpenClaw config.

The installer resolves hosts in this order:

explicit --map tool=user@host
matching remoteHost in the OpenClaw config
--default-host user@host
the single discovered Mac host if only one unique remoteHost exists
no repeated host questions when the OpenClaw config already resolves the owner

3. Verify The Pack

Run:

scripts/verify-macos-pack.sh \
  --target-dir /home/node/.openclaw/bin \
  --openclaw-config /home/node/.openclaw/openclaw.json

When --openclaw-config is provided, verification only checks enabled macOS-backed features instead of treating every supported tool as required.

Design Contract

Linux holds the wrapper paths
macOS holds the real binaries and OS permissions
published skills depend on wrapper paths, not remote binary paths
tool ownership stays explicit and auditable

Files

scripts/install-wrapper.sh: create one SSH wrapper for a remote binary
scripts/install-macos-pack.sh: install a batch of macOS-owned tool wrappers with auto-discovery and optional Wake-on-LAN
scripts/verify-macos-pack.sh: verify the installed wrapper pack
scripts/render-tool-map.sh: print auto-discovered or fallback ownership maps
references/skill-readiness.md: publishability rules for wrapper-backed skills

Comments

Loading comments...