← Back to Skills Marketplace
bigrobinson

ROS2 Execution

by Brian Robinson · GitHub ↗ · v1.0.1 · MIT-0
cross-platform ✓ Security Clean
114
Downloads
0
Stars
0
Active Installs
2
Versions
Install in OpenClaw
/install ros2-execution
Description
Execute ROS 2 commands (run, launch, call) in a sandboxed, allowlisted environment. Supports parameter profiles.
Usage Guidance
This skill appears to do what it says: it enforces an allowlist and runs ros2 commands via a safe wrapper. Before installing, review and do the following: (1) inspect and maintain config/packages.json to ensure only trusted packages are allowlisted; (2) be aware that the wrapper sources your ROS setup.bash to capture environment variables — if a workspace's setup.bash contains unexpected code it will run when sourced, so only use workspaces you trust; (3) profiles live under ~/.openclaw/workspace/ros_profiles — keep sensitive data out of those files; (4) the registry metadata omits required binaries/config paths (ros2, AMENT_PREFIX_PATH, config/), so expect to manually ensure your ROS environment is correctly sourced and that ros2 is available; (5) if you want to limit autonomous runs, consider disabling model invocation for this skill. If you need higher assurance, manually run the provided scripts in a controlled environment and audit any setup.bash files in your workspaces before enabling the skill.
Capability Analysis
Type: OpenClaw Skill Name: ros2-execution Version: 1.0.1 The ros2-execution skill provides a controlled environment for executing ROS 2 commands by utilizing a Python safety wrapper (scripts/safe_ros2_execution.py). It implements several security measures, including a package allowlist (config/packages.json), workspace path validation to ensure packages are sourced from approved locations, and the use of subprocess calls without a shell to mitigate injection risks. The setup script (scripts/setup.sh) automates environment discovery, and the SKILL.md instructions explicitly direct the AI agent to use the secure wrapper and follow safe parameter-handling practices.
Capability Assessment
Purpose & Capability
The skill's name/description match the provided scripts and SKILL.md: the wrapper enforces an allowlist and workspace checks before invoking ros2. However the registry metadata claims no required binaries/config paths while the SKILL.md and scripts clearly require a sourced ROS 2 environment (ros2 on PATH, AMENT_PREFIX_PATH) and write/read config files under the skill directory and ~/.openclaw/workspace. This is a minor metadata inconsistency, not a functional mismatch.
Instruction Scope
Instructions and the safe_ros2_execution.py wrapper stay within the declared purpose: they read config/config.json and config/packages.json, verify package prefixes, optionally read YAML profiles from ~/.openclaw/workspace/ros_profiles, and execute ros2 commands without shell=True. A noteworthy operational risk: the wrapper sources the ROS setup.bash via a bash -c 'source ... && env' call to build the environment — sourcing a setup.bash will execute whatever is in that file (typical for ROS but a potential vector if a workspace's setup.bash is malicious). This behavior is expected for a tool that must load ROS environments.
Install Mechanism
No remote install/downloads or package installs are specified; the skill is delivered as local scripts and an SKILL.md. No high-risk installer URLs or archive extraction are present.
Credentials
The skill requests no secrets or external credentials and only needs access to ROS environment variables, skill-local config/, and optional user profile YAMLs in ~/.openclaw/workspace. That is proportionate to its purpose. Again, the registry metadata not listing required config paths/binaries is inconsistent with the scripts' runtime requirements.
Persistence & Privilege
The skill does not request 'always: true' or modify other skills; it writes a config.json under its own directory via setup.sh and reads its own config and packages.json. Model/autonomous invocation is enabled by default (disable-model-invocation: false) which is normal for user-invocable skills.
How to Use
  1. Make sure OpenClaw is installed (local or Docker)
  2. Run the install command in chat: /install ros2-execution
  3. After installation, invoke the skill by name or use /ros2-execution
  4. Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.1
- Switched secure execution wrapper from a shell script (`safe_ros2_execution.sh`) to a Python script (`safe_ros2_execution.py`) with improved security via subprocess handling. - Added support for parameter profiles and loading parameters from YAML files via `--profile` or `--params-file` flags. - Updated documentation for new Python script usage and parameter handling. - Deprecated usage of the shell script; all execution should now use the Python wrapper for safety and new features.
v1.0.0
Initial release of ros2-execution. - Enables secure execution of ROS 2 commands (run, launch, call) in a sandboxed, allowlisted environment. - Requires setup to discover ROS paths and configure allowed workspaces and packages. - All commands must be issued via the safe wrapper script, which enforces command type, workspace, and allowlist security checks. - Supports running nodes, launching files, calling services, and sending action goals.
Metadata
Slug ros2-execution
Version 1.0.1
License MIT-0
All-time Installs 0
Active Installs 0
Total Versions 2
Frequently Asked Questions

What is ROS2 Execution?

Execute ROS 2 commands (run, launch, call) in a sandboxed, allowlisted environment. Supports parameter profiles. It is an AI Agent Skill for Claude Code / OpenClaw, with 114 downloads so far.

How do I install ROS2 Execution?

Run "/install ros2-execution" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is ROS2 Execution free?

Yes, ROS2 Execution is completely free, licensed under MIT-0. You can download, install and use it at no cost.

Which platforms does ROS2 Execution support?

ROS2 Execution is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created ROS2 Execution?

It is built and maintained by Brian Robinson (@bigrobinson); the current version is v1.0.1.

More Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463283 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259410 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200423 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191115 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190156 · by oswalpalash

💬 Comments