← Back to Skills Marketplace
290
Downloads
0
Stars
1
Active Installs
1
Versions
Install in OpenClaw
/install domain-registration
Description
Register, transfer, renew, and secure domains across major provider APIs and dashboards with provider-specific workflows and rollback-safe execution.
README (SKILL.md)
Setup
On first use, read setup.md to align activation boundaries, provider preferences, and approval rules before any registration, transfer, or renewal action.
When to Use
Use this skill when the user needs domain registration operations across major providers and must choose between API automation and dashboard execution.
Use this for first-time registration, transfer planning, renewals, ownership checks, DNS handoff, and registrar security hardening where billing and service continuity are high impact.
Architecture
Memory lives in ~/domain-registration/. See memory-template.md for structure and status values.
~/domain-registration/
|-- memory.md # Provider preferences, risk boundaries, and approval model
|-- inventory.md # Domain inventory, provider, expiry, and lock status
|-- changes.md # Registration, transfer, and renewal action log
|-- providers.md # Account aliases, API readiness, and dashboard access notes
`-- incidents.md # Failed transfers, renewal misses, and mitigation history
Quick Reference
Use the smallest file needed for the current task.
| Topic | File |
|---|---|
| Setup and activation behavior | setup.md |
| Memory structure and status model | memory-template.md |
| Provider API and dashboard matrix | provider-matrix.md |
| New registration workflows by provider | registration-playbooks.md |
| Transfer and renewal execution patterns | transfer-renewal.md |
| DNS and account security controls | dns-security-controls.md |
Provider Coverage
This skill covers API and dashboard workflows for major domain providers.
| Provider | API Coverage | Dashboard Coverage | Primary Use Notes |
|---|---|---|---|
| GoDaddy | Public Domains API | Yes | Broad retail registrar operations |
| Namecheap | XML API | Yes | Domain lifecycle plus full DNS replace patterns |
| Route 53 Domains (AWS) | AWS Route53Domains API | Yes | Enterprise workflows via IAM-scoped automation |
| Cloudflare Registrar | DNS and zone API + registrar-adjacent ops | Yes | Registration lifecycle mostly dashboard-driven |
| Google Cloud Domains | Cloud Domains API | Yes | Portfolio management in Google Cloud projects |
| Squarespace Domains | No public registrar API | Yes | Dashboard-only lifecycle for Google Domains migrations |
| Dynadot | Public API | Yes | Cost-efficient registration and renewal workflows |
| Porkbun | Public JSON API | Yes | Fast API-first retail and small portfolio use |
| Name.com | Public REST API | Yes | Programmatic registration and transfer actions |
| Gandi | Public v5 API | Yes | EU-focused registrar and DNS lifecycle controls |
| OVHcloud Domains | Public API | Yes | Regional portfolio with API-backed operations |
| Tucows OpenSRS / Enom | Reseller APIs | Yes (reseller panels) | Reseller and wholesale portfolio operations |
Core Rules
1. Classify Provider and Interface Before Planning
- Identify registrar, account context, and whether the operation should run via API or dashboard.
- If API support is partial, split execution clearly: API for read/validation, dashboard for billing-sensitive writes.
2. Run Registration Preflight Every Time
- Validate domain availability from the target registrar directly, then confirm TLD rules, premium status, and renewal price.
- Confirm legal/trademark risk and required contact profile before submitting payment actions.
3. Choose the Lowest-Risk Execution Path
- Prefer API for repeatable bulk operations with audit logs; prefer dashboard when provider APIs do not expose required lifecycle steps.
- For first-time provider usage, run one-domain pilot before any batch purchase or transfer.
4. Gate Billing and Ownership Actions with Explicit Confirmation
- Registration, transfer, auto-renew changes, and WHOIS contact writes need explicit user confirmation.
- Confirm domain list, years, currency impact, and ownership target before execution.
5. Preserve Rollback State Before Mutating DNS or Nameservers
- Snapshot current DNS and nameserver state before transfer or registrar migration.
- Keep rollback-ready records so the prior state can be restored quickly if propagation or ownership validation fails.
6. Enforce Registrar Security Baseline Post-Registration
- Enable account 2FA, registrar lock, and renewal monitoring immediately after successful purchase or transfer.
- Add DNSSEC only after authoritative DNS compatibility is confirmed for the target provider.
7. Verify Outcomes and Log Durable Context
- Verify success with provider API/dashboard confirmation plus resolver-level checks (
dig, WHOIS status, nameserver visibility). - Update
~/domain-registration/memory files with provider choice, lifecycle dates, and known edge cases.
Common Traps
- Treating all providers as API-equivalent -> missing lifecycle steps because some registrars are dashboard-only for critical actions.
- Skipping premium renewal checks -> surprise annual billing that exceeds initial purchase assumptions.
- Running batch registration without one-domain pilot -> multiplied failures from bad contact, tax, or payment configuration.
- Forgetting 60-day transfer lock rules -> transfer plans fail despite valid auth codes.
- Replacing DNS records without full snapshot -> incomplete rollback during cutover incidents.
- Enabling DNSSEC before DS/zone readiness -> domain resolution failures after migration.
- Leaving domains without renewal monitoring -> avoidable expiration and brand abuse risk.
External Endpoints
| Endpoint | Data Sent | Purpose |
|---|---|---|
| https://api.godaddy.com | Domain queries, registration and management payloads | GoDaddy API lifecycle operations |
| https://sso.godaddy.com | Authenticated account actions | GoDaddy dashboard operations |
| https://api.namecheap.com/xml.response | Domain and DNS XML parameters | Namecheap API actions |
| https://ap.www.namecheap.com | Account and billing interactions | Namecheap dashboard operations |
| https://route53domains.us-east-1.amazonaws.com | Domain lifecycle API payloads via AWS signatures | Route 53 Domains automation |
| https://console.aws.amazon.com | Account and domain dashboard actions | AWS console execution and validation |
| https://api.cloudflare.com | Zone and registrar-adjacent configuration payloads | Cloudflare DNS and registrar workflow support |
| https://dash.cloudflare.com | Registrar and account dashboard actions | Cloudflare registrar lifecycle tasks |
| https://domains.googleapis.com | Cloud Domains API requests | Google Cloud Domains operations |
| https://console.cloud.google.com | Cloud Domains dashboard actions | Google Cloud portfolio management |
| https://account.squarespace.com | Account and domain dashboard interactions | Squarespace Domains lifecycle actions |
| https://api.dynadot.com | Domain command parameters | Dynadot API operations |
| https://porkbun.com/api/json/v3 | Domain and DNS JSON payloads | Porkbun API lifecycle operations |
| https://api.name.com | Domain, DNS, and transfer payloads | Name.com API actions |
| https://api.gandi.net | Domain and DNS JSON payloads | Gandi v5 API operations |
| https://api.ovh.com | Domain lifecycle API payloads | OVHcloud domain operations |
| https://api.opensrs.com | Reseller domain payloads | Tucows OpenSRS operations |
| https://reseller.enom.com/interface.asp | Reseller panel interactions | Enom dashboard and reseller lifecycle actions |
No other data is sent externally.
Security & Privacy
Data that leaves your machine:
- Registrar API requests and dashboard session traffic needed for domain lifecycle operations.
- Domain names, contact metadata, and operation parameters required by selected providers.
Data that stays local:
- Operational preferences and provider context in
~/domain-registration/. - Change history, rollback state references, and incident notes.
This skill does NOT:
- Execute undeclared endpoints.
- Approve billing-impacting domain actions without explicit confirmation.
- Store credentials in skill files.
- Bypass provider security or anti-abuse controls.
Trust
This skill can send domain lifecycle data to third-party registrar services when the user approves execution. Only install if you trust the selected providers and local credential handling practices.
Related Skills
Install with clawhub install \x3Cslug> if user confirms:
dns- DNS records, propagation behavior, and incident troubleshootingapi- API request design, authentication, and failure handlinghosting- Hosting cutovers coordinated with domain and DNS transitionsssl- Certificate validation and HTTPS recovery after DNS or registrar changesinfrastructure- Environment architecture and operations runbooks
Feedback
- If useful:
clawhub star domain-registration - Stay updated:
clawhub sync
Usage Guidance
This skill appears to be what it says: a set of playbooks and checklists for registrar APIs and dashboard flows that will create a ~/domain-registration/ directory to store operational notes and logs. Before installing or using it: 1) Decide where you'll keep registrar API credentials (do not store them in the memory files the skill creates); 2) Be prepared to approve any billing actions manually — the skill emphasizes ask-first for purchases/transfers; 3) Back up current DNS/WHOIS state before allowing the skill to perform changes; and 4) If you plan to let the agent use provider APIs, supply credentials via a secure secret manager or prompt at runtime rather than putting secrets into the skill's files. Overall the package is coherent and low installation risk, but treat API keys and payment/billing steps carefully.
Capability Analysis
Type: OpenClaw Skill
Name: domain-registration
Version: 1.0.0
The domain-registration skill is a professional tool designed for managing domain lifecycles across multiple registrars like GoDaddy, AWS Route 53, and Cloudflare. It incorporates strong safety patterns, including mandatory preflight checks, explicit user confirmation for billing-sensitive actions, and post-operation verification using tools like 'dig' and 'whois'. The skill maintains local state in '~/domain-registration/' and explicitly forbids storing credentials in its memory files, focusing instead on operational continuity and security best practices.
Capability Assessment
Purpose & Capability
The name/description match the requested capabilities. Required binaries (curl, jq, dig, whois) are appropriate for registrar API calls, JSON parsing, DNS checks, and WHOIS lookups. Provider coverage and playbooks align with the stated purpose. One minor mismatch: example CLI snippets reference placeholders like ${PROVIDER_TOKEN} and ${PROVIDER_API} even though the skill declares no required env vars; this appears to be placeholders for runtime-supplied credentials rather than unexpected secrets requests.
Instruction Scope
SKILL.md and the included playbooks limit actions to provider API/dashboard interactions, DNS validation, and local audit files in ~/domain-registration/. The instructions explicitly gate billing/ownership writes with user confirmation and instruct the agent not to store raw credentials in memory files. There are no instructions to read unrelated system files or exfiltrate data to unknown endpoints. Note: the skill includes curl examples that assume provider tokens/URLs will be supplied at runtime; ensure those tokens are provided securely and not written into the skill's memory files.
Install Mechanism
Instruction-only skill with no install spec or remote downloads; nothing is written by an installer and no external packages are pulled. This is low-risk from an installation standpoint.
Credentials
The skill declares no required environment variables or primary credential, but the documentation clearly expects provider API credentials/auth models (API keys, tokens, IAM roles) for many actions. This is not necessarily malicious — it appears to expect credentials to be supplied interactively or via the user's normal credential management — but the skill does not declare or manage those secrets itself. Users should confirm how and where they will provide API keys (environment, secret manager, or manual dashboard use) and avoid storing raw tokens in the ~/domain-registration/ files as the docs advise.
Persistence & Privilege
The skill is not always-enabled, can be invoked by the user, and is allowed autonomous invocation (platform default). It writes operational state under a dedicated ~/domain-registration/ directory, which is appropriate for its function. It does not request system-wide privileges or modify other skills. There is no indication of excessive persistence requirements.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install domain-registration - After installation, invoke the skill by name or use
/domain-registration - Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.0
Initial release with cross-provider registration playbooks for major registrar APIs, dashboards, transfer flows, and post-purchase security controls.
Metadata
Frequently Asked Questions
What is Domain Registration?
Register, transfer, renew, and secure domains across major provider APIs and dashboards with provider-specific workflows and rollback-safe execution. It is an AI Agent Skill for Claude Code / OpenClaw, with 290 downloads so far.
How do I install Domain Registration?
Run "/install domain-registration" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is Domain Registration free?
Yes, Domain Registration is completely free (open-source). You can download, install and use it at no cost.
Which platforms does Domain Registration support?
Domain Registration is cross-platform and runs anywhere OpenClaw / Claude Code is available (linux, darwin, win32).
Who created Domain Registration?
It is built and maintained by Iván (@ivangdavila); the current version is v1.0.0.
More Skills