OpenClaw Mobile Gateway Installer

by jason141123-sys · GitHub ↗ · v1.0.4 · MIT-0
cross-platform ⚠ suspicious
300 Downloads · 0 Stars · 0 Active Installs · 5 Versions
Install in OpenClaw
/install openclaw-mobile-gateway-installer
Description
Installs and manages OpenClaw mobile gateway as a system service. Invoke when users need one-command deploy, start, stop, upgrade, or uninstall.
Usage Guidance
Before installing, consider the following:
  1. The package requires OPENCLAW_API_BASE_URL and (optionally) an auth token, but the registry metadata did not declare those—treat that as a red flag.
  2. The installer writes the auth header value to /etc/openclaw-mobile-gateway/env; verify file permissions and consider avoiding embedding long-lived secrets in a world-readable file.
  3. The backend exposes many admin endpoints and appears to load ~/.openclaw/openclaw.json and runtime skill directories — it can therefore access local OpenClaw config and any API keys stored there.
  4. The code imports child-process execution (execFileSync) — confirm how it is used and whether any exposed endpoint can trigger arbitrary command execution.
  5. The service listens on the configured PORT (defaults to 4800) and is intended to be reachable externally (APK URL example); ensure network exposure is restricted (firewall, binding to localhost, or run behind a reverse proxy with auth).
  6. Recommended actions: audit the backend code (services.ts) especially uses of execFileSync and any endpoints that mutate system state; run the installer in an isolated VM/container first; set a dedicated unprivileged RUN_USER and tighten /etc/openclaw-mobile-gateway/env permissions; set up authentication (securityConfig) before exposing to untrusted networks; update registry metadata to declare required envs so users know what secrets will be needed.
If you cannot audit the code, avoid installing it on sensitive/production hosts.
Capability Analysis
Type: OpenClaw Skill
Name: openclaw-mobile-gateway-installer
Version: 1.0.4
The bundle installs a system-level gateway service that manages OpenClaw instances via a Node.js backend. While the behavior aligns with the stated purpose, it exhibits high-risk capabilities, including extensive use of 'sudo' in 'install.sh' and 'check.sh' to manipulate systemd services and environment files. The backend ('services.ts') uses 'execFileSync' to execute shell commands like 'systemctl', 'journalctl', and the 'openclaw' CLI based on API requests, which could lead to privilege escalation or unauthorized system control if the API is exposed without proper authentication.
Capability Assessment
Purpose & Capability
The files and scripts match the stated purpose: install a Node.js HTTP admin/gateway as a systemd service. However the registry metadata claims 'no required env vars' while install.sh requires OPENCLAW_API_BASE_URL (and the README/SKILL.md recommend OPENCLAW_AUTH_HEADER_VALUE). That metadata mismatch is an incoherence that should be corrected.
Instruction Scope
SKILL.md instructs the user to provide an auth header value and run install.sh, which writes those values into /etc/openclaw-mobile-gateway/env. The backend exposes many management endpoints (models, skills, channels, agents, memory, cron jobs, routing, 'probe' and chat proxying, etc.). The code reads local config (~/.openclaw/openclaw.json) and runtime skill directories, and imports child-process functionality (execFileSync). There is no obvious authentication middleware in the visible code and securityConfig.accessPasswordSet defaults to false — so the service could expose powerful admin operations and local config/credentials if reachable.
Install Mechanism
This is instruction-only (no remote download in install spec). The install script rsyncs local backend files to /opt and runs 'npm install', which will fetch packages from npm registry. That is expected for a Node.js app but still pulls third-party packages at install time (moderate risk). No external arbitrary binary downloads are present in the bundle.
Credentials
The skill bundle metadata lists no required env vars, but install.sh and SKILL.md require OPENCLAW_API_BASE_URL and recommend OPENCLAW_AUTH_HEADER_VALUE (a bearer token). The installer writes these values into /etc/openclaw-mobile-gateway/env (as root, without explicit restrictive permissions), and the backend will use env/config and also read ~/.openclaw/openclaw.json and other local dirs. Asking for an auth token is expected for a gateway, but the missing metadata declaration and the fact the token is stored in a system file (potentially world-readable) and the service exposes management endpoints are disproportionate risks that the user should understand.
Persistence & Privilege
The installer creates and enables a systemd service (openclaw-mobile-gateway) and enables automatic start — this matches the skill's purpose. The service runs as a chosen RUN_USER (defaults to SUDO_USER or current user) and therefore persists across reboots. This persistence combined with the exposed admin HTTP API and filesystem access increases the attack surface but is functionally coherent with the described installer role.
How to Use
  1. Make sure OpenClaw is installed (local or Docker)
  2. Run the install command in chat: /install openclaw-mobile-gateway-installer
  3. After installation, invoke the skill by name or use /openclaw-mobile-gateway-installer
  4. Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.4
Version 1.0.4 of openclaw-mobile-gateway-installer
- No file or documentation changes detected in this release.
v1.0.3
Version 1.0.3 of openclaw-mobile-gateway-installer
- No file changes detected in this release.
- No updates to features, commands, or documentation.
v1.0.2
Version 1.0.2
- Added "常见排查" (troubleshooting) section to the documentation.
- Now includes instructions for resolving the "Cannot GET /api/quick-actions" error by re-running the installation script.
v1.0.1
- No file changes detected in this version.
- No updates or modifications were made to the project.
v1.0.0
- Initial release
- One-command install/upgrade/uninstall for OpenClaw mobile gateway
- Systemd auto-start service support
- Health check and troubleshooting commands
Metadata
Slug: openclaw-mobile-gateway-installer
Version: 1.0.4
License: MIT-0
All-time Installs: 0
Active Installs: 0
Total Versions: 5
Frequently Asked Questions

What is OpenClaw Mobile Gateway Installer?

Installs and manages OpenClaw mobile gateway as a system service. Invoke when users need one-command deploy, start, stop, upgrade, or uninstall. It is an AI Agent Skill for Claude Code / OpenClaw, with 300 downloads so far.

How do I install OpenClaw Mobile Gateway Installer?

Run "/install openclaw-mobile-gateway-installer" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is OpenClaw Mobile Gateway Installer free?

Yes, OpenClaw Mobile Gateway Installer is completely free, licensed under MIT-0. You can download, install and use it at no cost.

Which platforms does OpenClaw Mobile Gateway Installer support?

OpenClaw Mobile Gateway Installer is cross-platform and runs anywhere OpenClaw / Claude Code is available.

Who created OpenClaw Mobile Gateway Installer?

It is built and maintained by jason141123-sys (@jason141123-sys); the current version is v1.0.4.
