Create Agent
v1.0.1一键创建完整配置的 OpenClaw agent,包括身份定义、团队集成、模型与通信渠道设置,支持交互和命令行模式。
⭐ 0· 410·1 current·1 all-time
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidencePurpose & Capability
The name/description (create a fully configured OpenClaw agent) aligns with the code and SKILL.md: the script creates agent/workspace files and updates openclaw.json and TEAM.md. However, the package declares no required environment variables or credentials even though the code writes channel account entries that reference environment variables like ${<AGENT>_TOKEN} and the docs instruct how to extract and set tokens for ClawHub/Channels. Also some paths in the code are hardcoded to /root (e.g., agentDir and TEAM.md path) which is inconsistent with using Path.home(), suggesting possible path assumptions that may not match the user's environment.
Instruction Scope
SKILL.md explicitly tells users to run the included script; the script will read and write local configuration files: ~/.openclaw/openclaw.json, ~/.openclaw/agents/<id>/..., and /root/.openclaw/workspace/TEAM.md. That's inside the stated purpose, but it means the skill will modify global agent configuration and team docs and create auth.json files. The documentation (GET_TOKEN.md) also guides obtaining tokens from a browser and storing them on the server—instructions that relate to credentials but are not surfaced as required by the registry metadata.
Install Mechanism
No install spec; the skill is instruction-only with a Python script included. That reduces automatic install risk. The provided usage runs the script locally (python3 scripts/create_agent.py) — nothing is downloaded from third‑party URLs by the manifest itself.
Credentials
Registry metadata lists no required env vars, but the script populates openclaw.json channel accounts with placeholders referencing environment variables (e.g., "${AGENTID_TOKEN}") and SKILL.md/README instructs setting environment variables for channel secrets (DEV_FE_APP_ID/SECRET and similar). GET_TOKEN.md shows how to extract a ClawHub token from a browser and suggests using it on the server. Requiring credentials (bot tokens, app secrets, ClawHub token) is plausible for channel setup, but the skill does not declare them up front and the documentation includes steps to retrieve sensitive tokens—this mismatch is a red flag and could lead to accidental credential exposure.
Persistence & Privilege
The skill is not marked 'always' and does not request elevated platform privileges. However it modifies user-local configuration (openclaw.json, TEAM.md) and creates agent auth files. That is expected for its purpose but you should be aware it changes global OpenClaw configuration and may add routing bindings and channel account entries (including adding a proxy setting for telegram: http://127.0.0.1:7890).
What to consider before installing
Before running this skill, review the included script (scripts/create_agent.py) line-by-line and back up ~/.openclaw/openclaw.json and ~/.openclaw/workspace/TEAM.md. Run the script with --dry-run first to see changes. Be cautious about the hardcoded /root paths — run as your normal user and confirm Path.home() and referenced paths are correct. The skill's docs tell you how to extract tokens from a browser; never paste secrets into public places and avoid running token-capture steps on shared machines. If you plan to configure channel tokens, set them in environment variables yourself and confirm the variable names the script will insert. If anything looks unexpected (adding bindings for 'main', adding proxy entries, or creating auth.json files), stop and inspect the generated files before restarting gateways or services.Like a lobster shell, security has layers — review code before you run it.
agentvk97991y3hw520m33vkxvfj35f5821nhscreatevk97991y3hw520m33vkxvfj35f5821nhslatestvk97dxdgye99mjcx6jc074n6rdn8213s4teamvk97991y3hw520m33vkxvfj35f5821nhsworkflowvk97991y3hw520m33vkxvfj35f5821nhs
License
MIT-0
Free to use, modify, and redistribute. No attribution required.