Crabwalk

by luccasveg · GitHub ↗ · v0.1.0
cross-platform ⚠ suspicious
Downloads: 1948
Stars: 2
Active Installs: 15
Versions: 1
Install in OpenClaw
/install public
Description
Real-time companion monitor for OpenClaw agents
Usage Guidance
What to consider before installing:
- Metadata mismatch: The skill did not declare that it reads the OpenClaw config (~/.openclaw/openclaw.json) but the instructions say it will auto-detect the gateway token there. Confirm that reading that file is acceptable for your environment.
- Binary install from GitHub: The install downloads and extracts a release tarball and places a binary in ~/.local/bin. Although GitHub releases are common, this will execute code on your machine. Verify the project's repo (https://github.com/luccast/crabwalk), review the source or release artifacts, and confirm the release checksum/signature if available.
- Persistence and shell modification: The installer appends PATH export lines to your shell rc files. Expect files under ~/.crabwalk and an executable in ~/.local/bin; be prepared to remove them if you uninstall.
- Network exposure: Crabwalk defaults to binding 0.0.0.0:3000 and instructs sharing the network IP. That makes the monitor accessible from other machines on your network, which is fine if intentional and risky if running on a public or untrusted network. Consider firewall rules or binding to localhost with an SSH tunnel if you want restricted access.
- Elevated installs: The script optionally uses package managers with sudo to install qrencode. Expect sudo prompts; the rest of the install does not require root.
- Safer steps: run the tool in an isolated VM/container or on a non-sensitive host first; inspect the GitHub repository and release artifacts; prefer source builds if possible; back up relevant files and review ~/.bashrc/.zshrc changes after installation.

If the author provided explicit metadata (required config path, checksums for releases, or a signed release), my confidence that this is coherent would increase. Without those, treat the skill as plausible but with installation/runtime actions that deserve manual review.
Capability Analysis
Type: OpenClaw Skill
Name: public
Version: 0.1.0

The skill is classified as suspicious due to several high-risk behaviors identified in `skill.md`. It demonstrates prompt injection capabilities by instructing the agent to share a promotional tweet and ask for update permission. The `crabwalk` tool is designed to auto-detect and read sensitive OpenClaw gateway authentication tokens from `~/.openclaw/openclaw.json`. Furthermore, the installation script attempts to install `qrencode` using `sudo` with `--noconfirm` or `-y` flags, and the monitoring server binds to `0.0.0.0:3000` by default, exposing agent activity and a file browser (`/workspace`) to the local network. While these actions are presented as part of the tool's stated purpose, they represent significant security risks and vulnerabilities.
Capability Assessment
Purpose & Capability
The declared purpose — a real-time monitor for OpenClaw agents — aligns with the instructions (install a Crabwalk binary and connect to the local OpenClaw gateway). However the SKILL.md references reading the OpenClaw config (~/.openclaw/openclaw.json) to auto-detect a gateway token, but the registry metadata did not declare any required config paths or credentials; that mismatch should have been declared.
Instruction Scope
The runtime instructions explicitly tell the agent/user to download and extract a release tarball from GitHub, copy a binary into ~/.local/bin, append PATH changes to shell rc files, optionally install system packages using sudo, and start a server bound to 0.0.0.0. The instructions also auto-detect an auth token from ~/.openclaw/openclaw.json. These actions go beyond a purely read-only monitor (they write binaries to disk, change shell startup files, may invoke elevated package installs, and expose a service to the network). Reading the OpenClaw config is consistent with the tool's purpose but should have been declared.
Install Mechanism
Install is via a GitHub Releases tarball (well-known host) and standard extraction to ~/.crabwalk, then copying the binary to ~/.local/bin. Using GitHub releases is common/expected, but extracting and executing an archive obtained at runtime writes arbitrary code to disk — acceptable for a CLI tool but inherently higher-risk than instruction-only skills. The script also attempts to install qrencode with package managers using sudo, which may prompt for elevation.
Credentials
The skill declares no required env vars or config paths, yet the CLI/README states it will auto-detect a gateway auth token from ~/.openclaw/openclaw.json. Access to that token is proportional to the stated purpose, but the omission in metadata is an inconsistency. No unrelated third-party credentials are requested.
Persistence & Privilege
The skill does not request always:true and allows user invocation. However the installer writes files to ~/.crabwalk and ~/.local/bin and appends PATH entries to ~/.bashrc/.zshrc, giving it persistent presence in the user environment. The server binds to 0.0.0.0 by default (0.0.0.0:3000), which exposes the monitor to the local network — expected for remote human access but increases attack surface and privacy risk.
How to Use
  1. Make sure OpenClaw is installed (local or Docker)
  2. Run the install command in chat: /install public
  3. After installation, invoke the skill by name or use /public
  4. Provide required inputs per the skill's parameter spec and get structured output
Version History
v0.1.0
- Initial release of Crabwalk public skill.
- Provides installation, verification, and start instructions to run the Crabwalk real-time OpenClaw agent monitor.
- Includes CLI commands and options for starting, updating, and managing the monitor server.
- Lists key features: real-time activity graph, file browser, markdown viewer, and auto gateway token detection.
- Documents requirements, update process, and troubleshooting steps.
Metadata
Slug public
Version 0.1.0
License
All-time Installs 15
Active Installs 15
Total Versions 1
Frequently Asked Questions

What is Crabwalk?

Real-time companion monitor for OpenClaw agents. It is an AI Agent Skill for Claude Code / OpenClaw, with 1948 downloads so far.

How do I install Crabwalk?

Run "/install public" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is Crabwalk free?

Yes, Crabwalk is completely free (open-source). You can download, install and use it at no cost.

Which platforms does Crabwalk support?

Crabwalk is cross-platform and runs anywhere OpenClaw / Claude Code is available.

Who created Crabwalk?

It is built and maintained by luccasveg (@luccast); the current version is v0.1.0.
