← Back to Skills Marketplace
j540

OpenClaw Setup on AWS (Free Tier) - Memory Upgrade

by j540 · GitHub ↗ · v1.0.0
cross-platform ⚠ suspicious
2045
Downloads
0
Stars
4
Active Installs
1
Versions
Install in OpenClaw
/install openclaw-setup
Description
Set up a complete OpenClaw personal AI assistant from scratch using Claude Code. Walks through AWS provisioning, OpenClaw installation, Telegram bot creation, API configuration, Google Workspace integration, security hardening, and all power features. Give this to Claude Code and it handles the rest.
Usage Guidance
This skill will ask you for highly sensitive credentials (AWS account access, SSH private key, Anthropic/OpenAI/Groq keys, Telegram bot token, Google OAuth client_secret) and instruct an agent to use them to log into and configure your server. The metadata does not declare these secrets — a red flag. Before using it: (1) do NOT send your private .pem or long-lived master credentials to an AI; run SSH commands yourself or paste only the exact commands into your terminal; (2) prefer creating limited-scope, least-privilege API keys or IAM users (or temporary credentials) for setup; (3) restrict SSH access to your IP and use fail2ban/2FA; (4) verify the npm 'openclaw' package and any git repositories manually before installing; (5) consider performing Google OAuth client setup yourself and not handing client_secret.json to the agent; (6) if you are unsure, perform the install manually following the guide or ask a trusted human operator. The mismatch between declared metadata and the instructions is suspicious — proceed cautiously or avoid sharing secrets with the agent.
Capability Analysis
Type: OpenClaw Skill Name: openclaw-setup Version: 1.0.0 The skill instructs the AI agent to collect highly sensitive information (AWS account access, Anthropic, Groq, OpenAI API keys, Telegram bot token, Google Cloud credentials) directly from the user. It then directs the agent to SSH into the user's server using a provided `.pem` key and execute numerous `sudo` commands, including fetching and executing scripts from external sources (`curl -fsSL ... | sudo -E bash -` for Node.js, `git clone` and `make build` for `gogcli`). While these actions are plausibly necessary for the stated purpose of setting up a personal AI assistant on AWS, the extensive collection of credentials and the broad, privileged execution capabilities granted to the AI agent on the user's server represent significant security risks, classifying it as suspicious due to high-risk capabilities without clear malicious intent. All these instructions are found in `SKILL.md`.
Capability Assessment
Purpose & Capability
The skill's stated purpose (full OpenClaw install on AWS, Telegram bot, Google Workspace, voice, memory, etc.) reasonably requires AWS, Anthropic, Telegram, and optional Groq/OpenAI/Google credentials. However, the registry metadata declares no required env vars/credentials or config paths despite the instructions repeatedly asking for many secrets — an inconsistency that lowers trust.
Instruction Scope
SKILL.md tells the agent to 'ask the user for required information... then SSH into their server and run everything' and explicitly asks users to 'Send me the bot token' and to provide account/API keys and client_secret JSON. That instructs the agent to collect and handle private credentials and private SSH key material, and to execute arbitrary remote commands — well beyond a passive helper. The instructions give broad discretion to collect and transmit secrets and to run system-level commands.
Install Mechanism
This is an instruction-only skill (no install spec, no code files to execute). The setup commands shown are standard package installs (apt, nodesource, npm install -g, git clone). There are no opaque download URLs or extract/install steps supplied by the skill itself. Installation risk comes from running the recommended shell commands on your server, not from the skill bundling code.
Credentials
The number and sensitivity of secrets requested (AWS account access, private .pem, Anthropic key, Telegram bot token, optional Groq/OpenAI keys, Google OAuth client_secret) are high. While these are functionally needed for the described full-featured setup, the skill metadata lists none of them and the skill explicitly asks users to transmit private keys and tokens to the agent — an unsafe practice. No guidance is given to use least-privilege or ephemeral credentials.
Persistence & Privilege
always:false and default autonomous invocation are set (normal). The skill does not request persistent platform-wide privileges or to modify other skills. However, an autonomously-invokable agent that is instructed to receive many credentials and perform remote actions increases the blast radius: if you allow the agent to receive secrets, it could act on them autonomously.
How to Use
  1. Make sure OpenClaw is installed (local or Docker)
  2. Run the install command in chat: /install openclaw-setup
  3. After installation, invoke the skill by name or use /openclaw-setup
  4. Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.0
Initial release: complete OpenClaw setup skill for Claude Code. Walks through AWS provisioning, OpenClaw install, Telegram bot, API config, Google Workspace, security hardening, and workspace personalization.
Metadata
Slug openclaw-setup
Version 1.0.0
License
All-time Installs 4
Active Installs 4
Total Versions 1
Frequently Asked Questions

What is OpenClaw Setup on AWS (Free Tier) - Memory Upgrade?

Set up a complete OpenClaw personal AI assistant from scratch using Claude Code. Walks through AWS provisioning, OpenClaw installation, Telegram bot creation, API configuration, Google Workspace integration, security hardening, and all power features. Give this to Claude Code and it handles the rest. It is an AI Agent Skill for Claude Code / OpenClaw, with 2045 downloads so far.

How do I install OpenClaw Setup on AWS (Free Tier) - Memory Upgrade?

Run "/install openclaw-setup" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is OpenClaw Setup on AWS (Free Tier) - Memory Upgrade free?

Yes, OpenClaw Setup on AWS (Free Tier) - Memory Upgrade is completely free (open-source). You can download, install and use it at no cost.

Which platforms does OpenClaw Setup on AWS (Free Tier) - Memory Upgrade support?

OpenClaw Setup on AWS (Free Tier) - Memory Upgrade is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created OpenClaw Setup on AWS (Free Tier) - Memory Upgrade?

It is built and maintained by j540 (@j540); the current version is v1.0.0.

More Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463283 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259410 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200423 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191115 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190156 · by oswalpalash

💬 Comments