OpenClaw Deploy Guide

Review

Audited by ClawScan on May 10, 2026.

Overview

No hidden malicious behavior is evident; this is a transparent setup guide, but it asks your agent to install third-party components and enable memory, automation, and optional WeChat integration.

This skill appears safe to review as an instruction-only deployment guide, not a hidden executable. Before using it, choose only the components you need, review every install command and external repository/package, keep indexed memory folders scoped to non-secret content, and document any cron jobs or WeChat permissions you enable.

Findings (5)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

If allowed, the agent can install tools and restart parts of OpenClaw on your machine.

Why it was flagged

The skill tells the agent to run local install and service-control commands. This matches the deployment-guide purpose and includes confirmation gates, but it still changes the local OpenClaw environment.

Skill content

If not installed: `bun install -g @tobilu/qmd` ... `openclaw gateway restart`

Recommendation

Review each command before approving it, especially install and restart commands.

What this means

You may install and run code maintained outside this skill package.

Why it was flagged

The guide relies on external repositories and dependencies that are not included in the reviewed artifacts. This is expected for a deployment guide, but it introduces normal supply-chain risk.

Skill content

Clones the vid2md repository; Installs Python dependencies ... Clones the WeChat plugin repository

Recommendation

Install only from trusted upstreams, review repository URLs and package names, and prefer pinned versions where possible.

What this means

Private workspace memory or blackboard Markdown may become searchable and available to OpenClaw during future sessions.

Why it was flagged

The memory stack indexes Markdown memory and blackboard files and configures OpenClaw to use them for retrieval. This is central to the skill's purpose, but it means local notes may be reused as agent context.

Skill content

`qmd collection add memory-root <WORKSPACE>/memory --pattern "**/*.md"` ... `"includeDefaultMemory": true` ... `"update": { "interval": "5m", "onBoot": true }`

Recommendation

Point the collections only at intended folders and avoid storing secrets or unrelated private documents in indexed paths.

What this means

OpenClaw maintenance tasks may keep running on a schedule after setup is complete.

Why it was flagged

Cron jobs create persistent automated behavior. The README presents them as selected maintenance tasks, so this is disclosed and purpose-aligned, but users should notice the persistence.

Skill content

Adds selected maintenance cron jobs: Dream Cycle — weekly memory consolidation; Daily Progress Sync; Monthly Cleanup — archive old session logs

Recommendation

Enable only the cron jobs you want, record what was installed, and know how to disable or remove them later.

What this means

If enabled, OpenClaw may interact with WeChat group chat flows and may require elevated local UI permissions.

Why it was flagged

The optional WeChat phase may require account/channel access and macOS accessibility permissions. This is disclosed as a plugin feature, but it crosses a meaningful permission boundary.

Skill content

WeChat group chat integration (macOS) ... Guides you through WeChat notification and accessibility setup

Recommendation

Enable the WeChat plugin only if you trust the plugin and understand which chats, notifications, and accessibility permissions it will use.