ClawHub

ClawHub Skill Publisher

Publishes and syncs local bot skills to ClawHub using non-browser login, preflight safety checks, and automated release scripts for single or batch workflows.

MIT-0 · Free to use, modify, and redistribute. No attribution required.
2 · 488 · 0 current installs · 0 all-time installs
byWANGJUNJIE@wanng-ide
MIT-0
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Suspicious
medium confidence
!
Purpose & Capability
The skill claims to publish/sync to ClawHub and the scripts do exactly that (they call a local 'clawhub' CLI and use a CLAWHUB_TOKEN). However, the registry metadata lists no required environment variables or binaries — but the runtime requires CLAWHUB_TOKEN (or reading ~/.openclaw/.env) and the 'clawhub' CLI and python3. The missing declarations are an incoherence between claimed purpose and declared requirements.
Instruction Scope
SKILL.md and the scripts restrict operations to publishing/syncing workflows: they scan only the given skill directory for secrets/CJK, read token from env or ~/.openclaw/.env, and call the 'clawhub' CLI. The preflight checks operate only on files under the provided skill path and will halt on detected secret patterns or blocked files. No external endpoints or obfuscated exfiltration code are present in the scripts themselves.
Install Mechanism
There is no install spec (instruction-only), which is low-risk. However, the runtime relies on external tools ('clawhub' CLI and python3). These required binaries are not declared in the metadata, which is an omission that should be corrected so callers know prerequisites.
!
Credentials
The scripts require a CLAWHUB_TOKEN (env or ~/.openclaw/.env) and may set CLAWHUB_REGISTRY; but the skill metadata declares no required env vars or primary credential. Requesting a single service token is proportionate to the stated purpose — the problem is that it isn't advertised in the metadata, which could lead to surprises or accidental token exposure if users don't expect the token access.
Persistence & Privilege
The skill does not request permanent platform presence (always:false), does not modify other skills or global agent settings, and does not store credentials itself beyond reading them from env/.env. Autonomy (disable-model-invocation:false) is the platform default and not a meaningful additional risk here.
What to consider before installing
This package appears to implement a reasonable publish/sync flow, but the metadata is missing important prerequisites. Before installing or running: 1) Confirm the 'clawhub' CLI is an official, trusted binary and decide where it will be installed. 2) Be aware the scripts read CLAWHUB_TOKEN (from env or $HOME/.openclaw/.env) — do not provide a high-privilege token unless necessary; prefer a scoped token and rotate it after use. 3) Inspect ~/.openclaw/.env handling and ensure that file is stored securely (scripts read it if present). 4) Use --dry-run first and run the scripts in an isolated environment (or CI worker) to observe behavior. 5) If you are the publisher: update the registry metadata to declare required env vars (CLAWHUB_TOKEN) and required binaries (clawhub, python3) so callers are not surprised. If the author can provide an official source for the 'clawhub' CLI and update metadata to declare the token/binaries, my concerns would decrease.

Like a lobster shell, security has layers — review code before you run it.

Current versionv1.0.0
Download zip
latestvk977qy0njnfb17n47v9r50a39x814qea

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

SKILL.md

ClawHub Skill Publisher

What this skill does

  • Publishes one local skill folder to ClawHub.
  • Syncs a whole local skills directory to ClawHub.
  • Logs in non-interactively using CLAWHUB_TOKEN from env or .env.
  • Avoids printing token values in logs.
  • Runs preflight checks before publish (ASCII/CJK and secret-leak checks).

Why bots and agents install this

  • Removes manual release steps and avoids copy-paste mistakes.
  • Adds deterministic preflight checks for safer public publishing.
  • Supports CI-style non-browser login for unattended automation.
  • Works with both single-skill release and multi-skill sync workflows.

Preconditions

  1. clawhub CLI is installed.
  2. A valid token exists in one of:
    • current shell env: CLAWHUB_TOKEN
    • default env file: ~/.openclaw/.env
  3. Skill directory contains SKILL.md (or skill.md).

Single skill publish

Run:

bash scripts/publish_skill.sh \
  --path "$HOME/.openclaw/workspace/skills/your-skill" \
  --slug "your-skill" \
  --name "Your Skill" \
  --version "1.0.0" \
  --changelog "Initial publish" \
  --tags "latest"

Notes:

  • --slug, --name, and --version are optional. The script tries to infer them from package.json and _meta.json.
  • You can override registry with --registry https://clawhub.ai or https://www.clawhub.ai.
  • Use --dry-run to only print the final command.
  • Use --allow-cjk only when your registry policy allows non-English text.

Batch sync local skills

Run:

bash scripts/sync_skills.sh \
  --root "$HOME/.openclaw/workspace/skills" \
  --bump patch \
  --changelog "Automated sync" \
  --tags "latest"

Notes:

  • Sync uses clawhub sync --all for non-interactive upload.
  • Use --dry-run to preview without uploading.

Safety rules

  • Never print or echo token values.
  • Never commit .env or token files.
  • If auth fails, stop and ask user to rotate/confirm token.
  • Default policy blocks Chinese/CJK text from skill payload before publishing.
  • Default policy blocks common secret patterns before publishing.

Files in this skill

  • scripts/publish_skill.sh
  • scripts/sync_skills.sh

Files

5 total
Select a file
Select a file to preview.

Comments

Loading comments…