← Back to Skills Marketplace
codeblackhole1024

Openclaw Remote Install

by codeblackhole · GitHub ↗ · v1.0.1
cross-platform ⚠ suspicious
403
Downloads
0
Stars
1
Active Installs
3
Versions
Install in OpenClaw
/install openclaw-remote-install
Description
One-click remote OpenClaw deployment via SSH. Auto-detects OS and selects best method (Docker/Podman/npm). Use when: (1) Installing on VPS/cloud servers, (2)...
Usage Guidance
This skill appears to do what it says — remote SSH installation and configuration — but it uses several insecure practices you should weigh before running it on production systems: - Prefer SSH key-based authentication; avoid password-based usage with sshpass (passwords on command lines can leak via shell history and process lists). - The scripts disable SSH host key checking (StrictHostKeyChecking=no); enable host key verification in your environment to avoid MITM risks. - The installer may execute 'curl | sh' (get.docker.com) on the remote host and pulls a Docker image named openclawai/openclaw:latest — verify the image source and content before trusting it. - The Python script and installer print remote command output (including config contents) into local logs under ~/.openclaw/remote-install-logs; that output may contain secrets or API keys. If you must use this tool, ensure logs are stored securely, or clear/rotate secrets after use. - Use the '--secret-mode ref' approach and set required API keys as environment variables on the remote host rather than passing them inline. If the tool forces inline secrets for some workflows, avoid those workflows. - Test on an isolated VM or staging host first. Review the Docker image and any remote install commands manually, and consider running the installer with increased verbosity and a dry-run to inspect what it would do. If you want a stronger assurance, ask the author for: (1) provenance of the Docker image (official repo or signed release), (2) a verified checksum or signed release for any install scripts, and (3) an option to keep host key checking enabled and to suppress logging of remote config contents. If those are provided, my confidence in safety would increase.
Capability Analysis
Type: OpenClaw Skill Name: openclaw-remote-install Version: 1.0.1 The bundle provides tools for remote installation and configuration of OpenClaw via SSH. It includes a bash script (install_openclaw_remote.sh) and a Python script (configure_openclaw_remote.py) that handle SSH credentials and execute remote commands, including 'curl | bash' installers from openclaw.ai. While these capabilities are aligned with the stated purpose of remote deployment, they involve high-risk patterns such as disabling SSH host key verification (StrictHostKeyChecking=no), using sshpass for password authentication, and handling sensitive API keys. No evidence of intentional malice or data exfiltration was found, but the broad remote execution capabilities and credential handling warrant a cautious classification.
Capability Assessment
Purpose & Capability
Name/description align with the delivered artifacts: scripts perform remote SSH installation, OS detection, select Docker/Podman/npm, and run post-install configuration. Nothing requested appears unrelated to a remote installer.
Instruction Scope
Instructions and scripts read remote configuration, print remote config contents to stdout (which the installer captures in local logs), accept inline API keys, and recommend/allow password-based auth. They also disable SSH host key checking (StrictHostKeyChecking=no) and UserKnownHostsFile=/dev/null. These behaviors expand scope to collecting and persisting potentially sensitive data and weaken SSH security.
Install Mechanism
No packaged install spec (instruction-only) — the script runs remote package installs and may execute 'curl -fsSL https://get.docker.com | sh' on the remote host and pull Docker image openclawai/openclaw:latest. Using well-known hosts (get.docker.com, npm/pnpm, Docker Hub) is expected, but piping remote curl to sh and pulling an image from an unverified repo are riskier than purely declarative installs.
Credentials
The skill does not demand unrelated credentials, and supports the expected API keys for model providers. However it permits inline API keys and password arguments that can appear in process lists, command output, and the local log directory (~/.openclaw/remote-install-logs), increasing risk of secret leakage. The SKILL.md suggests env-var refs, but the code still supports and documents less-secure modes.
Persistence & Privilege
always is false; the skill writes logs under the user's home (~/.openclaw/remote-install-logs) and creates a symlink 'latest' — this is scoped to the skill and consistent with an installer. The skill does not modify other skills' configs nor request platform-wide persistence.
How to Use
  1. Make sure OpenClaw is installed (local or Docker)
  2. Run the install command in chat: /install openclaw-remote-install
  3. After installation, invoke the skill by name or use /openclaw-remote-install
  4. Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.1
Optimized description for better discoverability
v1.1.0
- Added support for asynchronous/background remote installation with progress and status monitoring. - New logging system: installation logs, outputs, status, and process IDs are saved per-host under `~/.openclaw/remote-install-logs/` with a `latest` symlink. - Option to customize the log directory with the `--log-dir` flag. - Documentation updated to reflect async install workflow and new log structure. - No changes to installation methods or command-line usage for standard installs.
v1.0.0
Initial release - Remote SSH installation and configuration of OpenClaw
Metadata
Slug openclaw-remote-install
Version 1.0.1
License
All-time Installs 1
Active Installs 1
Total Versions 3
Frequently Asked Questions

What is Openclaw Remote Install?

One-click remote OpenClaw deployment via SSH. Auto-detects OS and selects best method (Docker/Podman/npm). Use when: (1) Installing on VPS/cloud servers, (2)... It is an AI Agent Skill for Claude Code / OpenClaw, with 403 downloads so far.

How do I install Openclaw Remote Install?

Run "/install openclaw-remote-install" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is Openclaw Remote Install free?

Yes, Openclaw Remote Install is completely free (open-source). You can download, install and use it at no cost.

Which platforms does Openclaw Remote Install support?

Openclaw Remote Install is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created Openclaw Remote Install?

It is built and maintained by codeblackhole (@codeblackhole1024); the current version is v1.0.1.

More Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463283 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259410 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200423 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191115 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190156 · by oswalpalash

💬 Comments