ClawHub

OpenClaw配置管理最佳实践

v1.0.0

OpenClaw configuration management best practices and common pitfalls. Use when: (1) User needs to modify OpenClaw configuration, (2) User asks about config paths or structure, (3) User encountered config errors, (4) Adding new providers or channels, (5) Before making any config changes - to avoid common mistakes like wrong paths or direct JSON editing.

0· 1.1k·6 current·6 all-time
by@jacktian010105
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name and description match the content: the skill provides guidance and examples for viewing and patching OpenClaw configuration. It does not declare unrelated requirements (no binaries, env vars, or installs).
Instruction Scope
SKILL.md limits instructions to reading and patching configuration using gateway commands, consulting a path reference, and validating changes. It does not instruct the agent to read arbitrary system files, collect unrelated data, or call external endpoints beyond the documented gateway CLI commands.
Install Mechanism
No install spec and no code files—instruction-only skills are lowest-risk for disk writes or arbitrary code execution.
Credentials
The skill requests no environment variables, credentials, or config paths. The reference file includes placeholder examples (apiKey, tokens) which are appropriate examples for a config guide and do not imply the skill needs those secrets itself.
Persistence & Privilege
always is false and the skill is user-invocable. It does not request permanent presence or modifications to other skills or system-wide settings.
Assessment
This is a guidance-only skill for safely editing OpenClaw config—it appears coherent and low-risk. Before applying changes: always back up your configuration, prefer gateway config.patch over full apply, and validate with gateway config.get. Never paste real secrets into public chat logs; if you must include tokens in a patch, apply them in a secure environment or use the gateway's secret storage. If you want extra assurance, test changes in a staging instance first.

Like a lobster shell, security has layers — review code before you run it.

latestvk9770sd002r2kse4v5nrndg9v980x935

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments