ClawHub

Agent Deployment

v1.0.0

AI Agent 部署与管理。在 WSL2/Linux 上安装 OpenClaw,配置 GitHub Copilot 认证,启动 Gateway,初始化 workspace(SOUL.md/USER.md/TASKS.md)。支持多 Agent 部署、端口配置、认证排错。使用场景:部署新 Agent、重启 Age...

0· 69·0 current·0 all-time
by@mirowangl-ops
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
medium confidence
Purpose & Capability
The name/description (Agent deployment and management on WSL2/Linux) matches the SKILL.md steps: install nvm/Node.js, install openclaw, run setup, perform GitHub Copilot auth, edit openclaw.json and start the gateway. All requested actions are coherent for deploying an agent.
Instruction Scope
Instructions limit actions to installing runtime (nvm/Node), installing/starting OpenClaw, editing ~/.openclaw/openclaw.json and creating workspace files (SOUL.md/USER.md/TASKS.md). There are no instructions to read or exfiltrate unrelated system files or environment variables.
Install Mechanism
This is an instruction-only skill (no install spec). The commands include piping a script from raw.githubusercontent.com into bash (nvm installer) and a global 'npm install -g openclaw'. raw.githubusercontent.com is a common host, but piping remote scripts and installing global npm packages have inherent risks—users should inspect scripts and confirm the npm package's provenance before running.
Credentials
The skill does not declare or require environment variables or external credentials in metadata. The SKILL.md legitimately requires interactive GitHub Copilot device-code authentication (expected for Copilot integration). There are no unrelated credential requests.
Persistence & Privilege
The skill does not request 'always' presence or any elevated persistent privileges. It documents that the user must manually start WSL and the gateway after reboot; no unexpected permanent modifications are instructed.
Scan Findings in Context
[none] expected: No regex-based scan findings — this is an instruction-only skill so there were no code files for the scanner to analyze.
Assessment
This skill appears to do what it says: install and run OpenClaw on WSL2 and guide you through Copilot authentication. Before running the commands: (1) inspect the remote install script instead of blindly piping to bash; view https://raw.githubusercontent.com/nvm-sh/nvm/v0.40.3/install.sh first. (2) Verify the npm package 'openclaw' is the legitimate project you expect (check the package page or project repo). (3) Note that Copilot device-code authentication will produce tokens—confirm where tokens are stored and revoke them if needed. (4) The model string shown ("github-copilot/claude-sonnet-4-20250514") looks unusual (mix of vendor names); verify that this model identifier is correct for your OpenClaw configuration. If any of these checks fail or sources are unknown, avoid running the installer commands.

Like a lobster shell, security has layers — review code before you run it.

latestvk970j16gwqac41j1b4g1wnh5ad84n1gv

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments