ClawHub

Clawdship

Deploy websites and apps to clawdship.dev with zero signup. Use when user says "deploy", "host", "put this online", "publish site", "ship it", or wants to de...

MIT-0 · Free to use, modify, and redistribute. No attribution required.
4 · 374 · 0 current installs · 0 all-time installs
byndlz@nicodlz
MIT-0
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description, SKILL.md, and deploy.sh all focus on packaging files and POSTing them to https://api.clawdship.dev. Declared binaries (curl, tar) and the CLAWDSHIP_API_KEY credential are appropriate for this purpose.
Instruction Scope
Instructions and the script stay within deployment scope (tar the directory, POST archive). The script prints the returned API key and billing URL to stdout — necessary to give the user their key but a potential information-leak risk if agent logs/conversation are stored. The script uses grep/sed to parse JSON (fragile) rather than a JSON parser; this is not malicious but brittle and may fail for complex responses.
Install Mechanism
No install spec; this is an instruction-only skill with a small helper script. Nothing is downloaded or written to system paths during install.
Credentials
Only CLAWDSHIP_API_KEY (and an optional CLAWDSHIP_API base URL) are used — proportional to the stated function. However, the script accepts the API key as a third CLI argument (visible in process listings) and prints API keys to stdout; both increase the risk of accidental credential exposure.
Persistence & Privilege
always is false and the skill does not request persistent system modifications or access to other skills' configs. It only reads the provided directory and optional environment variables.
Assessment
This skill appears to do what it says: package a directory and POST it to clawdship's API. Before installing or running: 1) Treat the returned API key as a secret — avoid passing it on the command line (use CLAWDSHIP_API_KEY env var) because argv can show in process listings. 2) The script prints the API key and billing URL to stdout; those may be captured in agent logs or conversation history — only run this where outputs are private. 3) Don’t include local secrets (env files, keys) in the directory you deploy. 4) The JSON parsing is brittle (grep/sed); if you rely on automation, consider using a safer JSON tool (jq or a small Python snippet). 5) Confirm you trust https://api.clawdship.dev and understand the 7-day trial / billing model (USDC on Base) before authorizing charges. If you need higher assurance, request the skill source be audited or replace the deploy script with an implementation that avoids printing secrets and uses a robust JSON parser.

Like a lobster shell, security has layers — review code before you run it.

Current versionv1.0.1
Download zip
latestvk9742vpry7cbqjv5c4jhqnj51d81pn80

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

🚢 Clawdis
Binscurl, tar
Primary envCLAWDSHIP_API_KEY

SKILL.md

Clawdship — Agent-Native Hosting

Deploy static sites and Docker apps to clawdship.dev in one command. No signup, no dashboard, no credit card.

Quick Deploy

# Package and deploy (zero-signup — auto-creates account)
bash {baseDir}/deploy.sh my-app ./dist

# With existing API key
bash {baseDir}/deploy.sh my-app ./dist cship_YOUR_KEY

# Or via env var
CLAWDSHIP_API_KEY=cship_YOUR_KEY bash {baseDir}/deploy.sh my-app ./dist

The script returns a live URL, an API key (first deploy only), and a billing link.

⚠️ Save the API key immediately — it cannot be recovered. Use a password manager or encrypted storage.

What Happens on First Deploy

  1. You get a live URL: https://my-app.clawdship.dev
  2. You get an API key: cship_... (save it!)
  3. You get a billing URL: share with the human for payments
  4. Site is on a 7-day free trial, then $5/month

⚠️ Always Tell the Human About the Trial

After deploying, you must tell the human:

"Your site is live at https://my-app.clawdship.dev 🚀 It's on a 7-day free trial. After that, $5/month. Add credits here: {billingUrl}"

Never let them think it's free forever.

API Reference

Base URL: https://api.clawdship.dev/v1 Auth: Authorization: Bearer cship_...

Deploy Static Site (alternative to script)

tar czf /tmp/archive.tar.gz -C ./dist .
curl -s -X POST https://api.clawdship.dev/v1/sites \
  -F "name=my-app" -F "type=static" -F "slug=my-app" \
  -F "archive=@/tmp/archive.tar.gz"

Deploy Docker App

Include a Dockerfile in your archive. Clawdship builds and runs it automatically.

tar czf /tmp/archive.tar.gz -C ./my-project .
curl -s -X POST https://api.clawdship.dev/v1/sites \
  -H "Authorization: Bearer $CLAWDSHIP_API_KEY" \
  -F "name=my-api" -F "type=docker" -F "slug=my-api" -F "port=3000" \
  -F "archive=@/tmp/archive.tar.gz"
  • type: "docker" — builds from Dockerfile
  • port — the port your app listens on (default: 3000)
  • Environment variables: pass -F "envVars[KEY]=value" in the request

Manage Sites

# List sites
curl -s -H "Authorization: Bearer $CLAWDSHIP_API_KEY" https://api.clawdship.dev/v1/sites

# Get site details
curl -s -H "Authorization: Bearer $CLAWDSHIP_API_KEY" https://api.clawdship.dev/v1/sites/SITE_ID

# Redeploy
curl -s -X POST -H "Authorization: Bearer $CLAWDSHIP_API_KEY" https://api.clawdship.dev/v1/sites/SITE_ID/redeploy

# Delete
curl -s -X DELETE -H "Authorization: Bearer $CLAWDSHIP_API_KEY" https://api.clawdship.dev/v1/sites/SITE_ID

# Check credits
curl -s -H "Authorization: Bearer $CLAWDSHIP_API_KEY" https://api.clawdship.dev/v1/credits

Custom Domains

Point DNS first, then add the domain:

  • Subdomain: CNAME www.example.com → my-app.clawdship.dev
  • Apex: A record example.com → 135.125.179.231
curl -s -X PATCH "https://api.clawdship.dev/v1/sites/SITE_ID" \
  -H "Authorization: Bearer $CLAWDSHIP_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{"customDomain": "example.com"}'

SSL is automatic via Let's Encrypt (~30 seconds).

Redeploy with New Files

tar czf /tmp/archive.tar.gz -C ./dist .
curl -s -X POST "https://api.clawdship.dev/v1/sites/SITE_ID/redeploy" \
  -H "Authorization: Bearer $CLAWDSHIP_API_KEY" \
  -F "archive=@/tmp/archive.tar.gz"

Payments

For Agents (x402 protocol)

# Top up credits — returns 402 with x402 payment instructions
curl -X POST -H "Authorization: Bearer $CLAWDSHIP_API_KEY" \
  https://api.clawdship.dev/v1/credits/topup/5

# Amounts: $5, $10, $20, $50
# Requires: x402-compatible SDK + USDC on Base (chain 8453)

Your x402 SDK handles the 402 response automatically. Zero gas (sponsored).

For Humans (billing page)

Every API response includes billingUrl. Share it — the human connects their wallet and pays with USDC on Base.

Pricing

Trial7 days free, first site
Monthly$5/site/month
PaymentUSDC on Base

Key Concepts

  • Zero-signup — No registration. First deploy creates your account.
  • API keycship_ + 64 hex. Your only credential. Cannot be recovered.
  • billingUrl — Magic link in every response. Share with human for payments.
  • Credits — Prepaid USD balance. Top up via x402 (agents) or billing page (humans).

Files

2 total
Select a file
Select a file to preview.

Comments

Loading comments…