Openclaw Deploy
WarnAudited by ClawScan on May 10, 2026.
Overview
This deployment skill is mostly purpose-aligned, but its default “full” packaging can bundle local OpenClaw tokens, configuration, and conversation history, and one build script can delete an arbitrary output directory.
Install only if you understand the difference between clean and full packages. Prefer the clean package for sharing or testing. If using full migration, inspect the generated archive, avoid sending it to untrusted servers, and verify OUTPUT_DIR before running the build script.
Findings (5)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A full package may give whoever receives or runs it access to the same OpenClaw-connected services and tokens.
The README states that the full package includes service configuration and gateway/Feishu tokens, meaning the package can carry account credentials to another server.
full 版本:包含当前所有配置(飞书、网关 token 等),可直接使用
Use the clean package unless you intentionally want to migrate credentials; inspect the full package before sharing or deploying it, and rotate tokens if a full package leaves your control.
Private workspace data, prior conversations, configuration, and persistent agent context may be copied into a portable package and reused on another system.
The build script copies the entire local OpenClaw configuration directory into the full portable package by default.
: "${OPENCLAW_CONFIG_DIR:=/home/$(whoami)/.openclaw}" ... cp -r "$OPENCLAW_CONFIG_DIR"/* "$OUTPUT_DIR/full/openclaw/.openclaw/"Add explicit prompts, exclusions, and a manifest of included files; users should set OPENCLAW_CONFIG_DIR to a sanitized directory or use the clean package for sharing.
If OUTPUT_DIR is set incorrectly, the script could delete unrelated local files or directories.
The script deletes the entire configured output directory before rebuilding, and OUTPUT_DIR can be set by the environment without visible path safety checks.
: "${OUTPUT_DIR:=$(pwd)/openclaw-portable-output}" ... rm -rf "$OUTPUT_DIR"Refuse dangerous paths such as /, $HOME, and existing non-package directories; require confirmation before deleting an existing output path.
Running the helper executes code downloaded from the network on the target machine.
The Node setup helper pipes a remote GitHub script directly into bash; this is a common setup pattern but relies on remote script integrity at install time.
curl -o- https://raw.githubusercontent.com/nvm-sh/nvm/v0.40.0/install.sh | bash
Review the NVM install script first, pin and verify checksums where possible, or install Node.js through a trusted package manager.
OpenClaw may continue running in the background and be reachable on the configured network port until explicitly stopped.
The deployed service is configured to keep running after startup and expose the OpenClaw web UI port.
restart: unless-stopped ... ports: - "${CLEAN_PORT:-18789}:18789"Only deploy on trusted hosts, bind ports appropriately, and stop/remove the containers when no longer needed.