← Back to Skills Marketplace
apsntian

SecretClaw

by apsntian · GitHub ↗ · v1.0.0 · MIT-0
cross-platform ⚠ suspicious
266
Downloads
2
Stars
0
Active Installs
1
Versions
Install in OpenClaw
/install secretclaw
Description
Securely input API keys and sensitive values into OpenClaw without typing them in chat. Uses a local HTTP server + Cloudflare Tunnel to serve an HTTPS form....
Usage Guidance
This skill implements what it says (a one-time HTTPS form that saves the submitted value to an OpenClaw config path), but there are several practical and security points to consider before installing: - Metadata mismatch: the package claims no required binaries, but the script requires both 'cloudflared' and the 'openclaw' CLI. Ensure you or your environment have both installed and that you trust those binaries. - High-power action: the script will run 'openclaw config set <config_key> <value>' for whatever config_key you pass. That means an agent-initiated run can overwrite any OpenClaw config entry (including Discord tokens, API keys, or other skills' secrets). Only allow this skill for trusted agents and verified runs. - Tunnel exposure: the submitted secret is sent from your browser through a Cloudflare Quick Tunnel to your local server. The tunnel URL is unguessable but effectively grants access to anyone who obtains the link while it's live. Share the URL only through secure channels and ensure it is used immediately. - Audit the code and runtime: because this is a script that will execute subprocesses, review the included script (you already have it) and test it in a safe environment. Confirm that TUNNELS.md and any config changes meet your audit policies and that tunnel entries are removed after shutdown. - Safer alternatives: if you require stronger assurance, consider entering secrets locally into a trusted vault or using an approach that does not expose a public URL (e.g., a local-only form or system clipboard transfer under user control). If you decide to install/enable: verify 'cloudflared' and 'openclaw' versions from trusted sources, restrict agent permissions to trusted users, and test the flow with a low-privilege config key first.
Capability Analysis
Type: OpenClaw Skill Name: secretclaw Version: 1.0.0 The 'secretclaw' skill provides a secure mechanism for users to input sensitive API keys into OpenClaw without exposing them in chat logs. It implements a temporary local HTTP server (scripts/secret_server.py) exposed via a Cloudflare Quick Tunnel, utilizing one-time tokens and immediate self-destruction after the secret is saved via the 'openclaw' CLI. The implementation is transparent, follows its documented purpose, and lacks any indicators of malicious intent or data exfiltration.
Capability Assessment
Purpose & Capability
The SKILL.md/README claim no required binaries or env vars, but the script requires two external binaries at runtime: 'cloudflared' (to create the HTTPS tunnel) and 'openclaw' (to run 'openclaw config set'). Declaring none is an incoherence in the metadata. The script also writes workspace/TUNNELS.md — expected for a tunnel manager, but something the metadata did not enumerate.
Instruction Scope
Runtime instructions and the included Python implement exactly the advertised workflow: start local HTTP server, open Cloudflare Quick Tunnel, return a one-time URL, accept a secret, call 'openclaw config set <config_key> <value>', then shut down. However the agent (and anyone who can access the URL while it's live) can set any OpenClaw config key supplied to the script (examples explicitly include 'channels.discord.token' and arbitrary skill config paths). That power is consistent with the stated goal but expands the blast radius: the mechanism can overwrite other credentials and config entries.
Install Mechanism
There is no install spec (instruction-only skill with an included script), so nothing is downloaded or written by an installer. The runtime does rely on local binaries ('cloudflared' and 'openclaw'), but there is no package fetch from unknown URLs. No extraction of remote archives is performed by the skill itself.
Credentials
The skill declares no required env vars but needs binaries present; this mismatch is problematic (user must ensure cloudflared and openclaw are installed). The script does not request unrelated credentials, nor does it exfiltrate the submitted secret to developer-owned servers; however the secret traverses Cloudflare's Quick Tunnel (the request goes through Cloudflare infrastructure) and the skill can write arbitrary config keys inside OpenClaw — including other skills' tokens — so it can be used to inject or overwrite high-value credentials.
Persistence & Privilege
always:false (normal). The script writes and updates workspace/TUNNELS.md and runs a cloudflared process while live; entries are removed on shutdown. It does not autonomously enable itself or change other skills' code, but it can modify OpenClaw configuration (via 'openclaw config set'), which is expected for its purpose but is a privileged action regarding agent configuration.
How to Use
  1. Make sure OpenClaw is installed (local or Docker)
  2. Run the install command in chat: /install secretclaw
  3. After installation, invoke the skill by name or use /secretclaw
  4. Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.0
Initial release: secure secret input via Cloudflare Tunnel
Metadata
Slug secretclaw
Version 1.0.0
License MIT-0
All-time Installs 0
Active Installs 0
Total Versions 1
Frequently Asked Questions

What is SecretClaw?

Securely input API keys and sensitive values into OpenClaw without typing them in chat. Uses a local HTTP server + Cloudflare Tunnel to serve an HTTPS form.... It is an AI Agent Skill for Claude Code / OpenClaw, with 266 downloads so far.

How do I install SecretClaw?

Run "/install secretclaw" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is SecretClaw free?

Yes, SecretClaw is completely free, licensed under MIT-0. You can download, install and use it at no cost.

Which platforms does SecretClaw support?

SecretClaw is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created SecretClaw?

It is built and maintained by apsntian (@apsntian); the current version is v1.0.0.

More Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463283 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259410 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200423 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191115 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190156 · by oswalpalash

💬 Comments