New Player Package 800
PassAudited by ClawScan on May 10, 2026.
Overview
This is an instruction-only setup guide with no bundled code, but following it would install several powerful OpenClaw add-ons and enable persistent or memory-related features.
This skill appears to be a deployment checklist rather than executable code. Before following the one-click script, review every package and skill it installs, verify the source of each dependency, back up your OpenClaw configuration, keep gateway tokens secret, and only enable memory/vector-search or task-persistence features for data and tasks you are comfortable storing.
Findings (5)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Running the script may install or update code that changes the local OpenClaw environment.
The guide instructs installing global packages and multiple OpenClaw skills without versions or provenance details. This is expected for a setup guide, but users should verify sources before running it.
npm install -g clawhub uv ... clawhub install clawhub find-skills skill-creator clawddocs openclaw-anything clawdbot-filesystem ontology
Install only from trusted registries, review each skill before installation, and pin versions where possible.
If installed and used carelessly, these tools could modify configuration or local files.
The recommended skills include broad system-management and filesystem capabilities. These are disclosed and related to deployment optimization, but they are powerful tools.
openclaw-anything - System management operations ... clawdbot-filesystem - Advanced filesystem operations ... Batch renaming, directory analysis, file search, content extraction
Review the permissions and behavior of these skills separately, and avoid granting broad file or system access unless needed.
A gateway token controls access to the OpenClaw gateway and should be treated as sensitive.
The guide instructs users to configure a gateway authentication token. This is expected for fixing authentication, and the artifact does not show token collection or transmission.
Set environment variable: `export OPENCLAW_GATEWAY_TOKEN="your-consistent-token"`
Use a strong token, keep it out of shared logs or public files, and rotate it if exposed.
Private notes or documents could be stored in memory or vector indexes if the user configures those systems broadly.
The guide recommends memory/vector-search features that may store or retrieve user knowledge. The artifact does not define indexing scope, retention, or exclusions.
Ontology - Knowledge graph construction ... vector semantic search ... Configure embedding models and vector database
Before enabling vector search or memory plugins, decide which folders or data sources may be indexed and exclude sensitive material.
The agent environment may keep task state and resume work after restarts.
The guide recommends a persistence skill that monitors gateway status and restores tasks. This is disclosed and aligned with preventing task loss, but it implies ongoing stateful behavior.
task-persistence - Task persistence ... Auto-recover incomplete tasks, proactive restart status notifications
Confirm where task state is stored, how to disable it, and whether resumed tasks require user approval.