ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

OpenClaw Quickstart Setup

v1.0.0

Complete OpenClaw setup automation skill. Installs gateway, hardens security (localhost binding, auth), routes to cost-effective models (DeepSeek/Kimi for si...

0· 22·0 current·0 all-time
by@sepulchralvoid666
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Suspicious
high confidence
Purpose & Capability
The name/description (quickstart setup, gateway hardening, channel connectors, routing models, starter workflows) match the SKILL.md instructions. The steps (npm install openclaw, configure gateway, add channels, install skills) are coherent with the stated purpose.
!
Instruction Scope
The runtime instructions go beyond one‑off configuration: they create recurring cron jobs and a 'heartbeat' that instructs the system to 'Execute priority tasks' and to read HEARTBEAT.md — this is vague and grants the agent recurring autonomous behavior. They also instruct installing additional skills (wacli, maton) which will further expand capabilities and risk. The guide does not constrain what the cron/heartbeat may execute.
Install Mechanism
There is no install spec in the registry entry (instruction‑only). The SKILL.md tells the user to run `npm i -g openclaw` and to install other skills via `openclaw skills install`. Installing packages from npm/ClawHub is normal for this task, but it pulls code from third‑party registries and unvetted skill repositories — a moderate risk that the user should review the upstream packages and pin versions.
Credentials
The registry declares no required env vars, but the instructions require/expect service tokens (Telegram/Discord bot tokens, WhatsApp pairing, email access via Maton) and external network setup (Tailscale). Requesting those credentials is proportionate to connecting channels, but the skill does not declare them formally — users may accidentally supply broad credentials or paste tokens without vetting. Also the SKILL.md suggests reading/writing MEMORY.md and HEARTBEAT.md, which could include sensitive data.
!
Persistence & Privilege
always:false is fine, but the skill explicitly instructs creating cron jobs and a heartbeat that will run periodically and trigger system events. That grants ongoing autonomous execution capability and increases blast radius if a malicious or buggy skill is installed. The guide also instructs installing additional skills which may persist or expand privileges.
What to consider before installing
This guide appears to do what it says (quickstart/install/configure), but it also gives the agent recurring autonomous duties (cron/heartbeat) and tells you to install other skills from registries that may be unvetted. Before following it: 1) Inspect the openclaw npm package and the upstream source (GitHub repo, maintainers, recent releases) and pin a known-good version instead of blindly `npm i -g`. 2) Vet any third‑party skills (wacli, maton, etc.) before installing; avoid paste-installing commands from untrusted sources. 3) Only provide channel tokens (Telegram/Discord/WhatsApp/email) to config files you control; do not paste them into public chat. 4) Narrow the cron/heartbeat actions — make them non-executing tests first, or run them in a sandbox/VM/container. 5) Keep the gateway bound to localhost and prefer a secure tunnel (Tailscale) for remote access. 6) Backup configuration and review memory/heartbeat files for sensitive content. If you want higher assurance, request the upstream package sources, checksums, and a maintainers list before installing.

Like a lobster shell, security has layers — review code before you run it.

latestvk97dpj2k6nszww2trg6dch0s2s85d3b5
22downloads
0stars
1versions
Updated 4h ago
v1.0.0
MIT-0
@sepulchralvoid666
latest
Download

OpenClaw Quickstart Setup

Production-tested setup flow for OpenClaw/Moltbot. Every step comes from real deployments — not theory.

Prerequisites Check

node --version  # Needs 22.16+ (24 recommended)
npm --version

If Node is too old: nvm install 24

Step 1: Install & Initialize

npm i -g openclaw
openclaw init

Step 2: Security Hardening (DO THIS FIRST)

Bind to localhost (prevent public exposure)

// openclaw.json
{
  "gateway": {
    "bind": "127.0.0.1"
  }
}

Why: CVE-2026-25253 ("Clawbleed") exploited default 0.0.0.0 binding. 63% of 42K+ exposed instances had zero auth. This is literally 30 seconds of work.

Enable authentication

{
  "gateway": {
    "auth": true
  }
}

For remote access: Use Tailscale. Never expose directly.

Step 3: Cost-Effective Model Routing

The biggest money-saver. Route simple tasks to cheap models, reserve expensive ones for complex reasoning:

{
  "agents": {
    "defaults": {
      "model": {
        "primary": "deepseek/deepseek-chat",
        "fallbacks": ["nvidia/nemotron-nano-12b-v2"]
      },
      "imageModel": {
        "primary": "moonshotai/kimi-k2.5"
      }
    }
  }
}

Cost comparison (monthly for moderate use):

  • All Claude Opus: ~$420/month
  • All GPT-5.4: ~$300/month
  • Routed (DeepSeek + Kimi + fallback): ~$15-30/month
  • Savings: 70-90%

Task-based routing in prompts

For simple tasks (formatting, lists, translations): use default model
For complex reasoning (debugging, architecture, analysis): use /model command to switch
For vision/image tasks: uses imageModel automatically

Step 4: Channel Connection

Telegram (most popular)

  1. Message @BotFather on Telegram
  2. /newbot → get API token
  3. Configure:
{
  "channels": {
    "telegram": {
      "adapter": "telegram",
      "token": "YOUR_BOT_TOKEN"
    }
  }
}

WhatsApp (via WA CLI)

openclaw skills install wacli

Follow WA CLI skill instructions for QR code pairing.

Discord

{
  "channels": {
    "discord": {
      "adapter": "discord",
      "token": "YOUR_BOT_TOKEN"
    }
  }
}

Step 5: Starter Workflows

Daily Brief (cron)

{
  "cron": [{
    "name": "daily-brief",
    "schedule": {"kind": "cron", "expr": "0 8 * * *", "tz": "UTC"},
    "sessionTarget": "main",
    "payload": {"kind": "systemEvent", "text": "DAILY BRIEF: Check email, calendar, weather. Summarize priorities."}
  }]
}

Email Triage (via Maton)

# Install Maton skill for Gmail/Outlook access
openclaw skills install maton

Heartbeat (periodic self-check)

{
  "cron": [{
    "name": "heartbeat",
    "schedule": {"kind": "every", "everyMs": 1800000},
    "sessionTarget": "main",
    "payload": {"kind": "systemEvent", "text": "HEARTBEAT: Read HEARTBEAT.md. Execute priority tasks."}
  }]
}

Step 6: Memory Setup

MEMORY.md (long-term memory)

  • Keep under 20K chars (silently truncated above that)
  • Distilled wisdom, not raw logs

Daily notes (raw logs)

memory/YYYY-MM-DD.md

Compaction warning

Default compaction mode "safeguard" silently fails above 180K tokens. Enable active memory if you want automatic context pulls.

Common Issues & Fixes

IssueFix
SyntaxError on startupNode.js too old. nvm install 24
Telegram breaks after updatePin version: npm i -g openclaw@4.15
MEMORY.md content disappearsKeep under 20K chars
Gateway binds 0.0.0.0Change to 127.0.0.1 immediately
API costs too highRoute simple tasks to DeepSeek/Kimi
Cron jobs 403 errorsUse sessionTarget "main" with systemEvent, not "isolated"
Dreams cron breaks in 4.12Disable dreams, use regular cron

ClawHub Safety

⚠️ 20%+ of ClawHub skills are malicious (per the founder). 1,184+ confirmed malicious skills since January 2026. Snyk found 36% have prompt injection patterns.

Protection:

{
  "skills": {
    "allowListOnly": true
  }
}

Only install skills you've verified. Check publisher GitHub repos. Never paste install commands from SKILL.md without reading them first.

Verification

After setup, confirm everything works:

openclaw gateway status    # Should show "running"
openclaw skills list       # Should show installed skills

Send a test message through your connected channel. If the agent responds — you're live.

Comments

Loading comments...