← Back to Skills Marketplace
OpenClaw Agent Control Skill
by
Jiang_AgentLabs
· GitHub ↗
· v1.0.0
483
Downloads
1
Stars
3
Active Installs
1
Versions
Install in OpenClaw
/install openclaw-agent-control
Description
Deploy and start OpenClaw Agent Control with one command (backend + frontend) using skill-based workflow.
Usage Guidance
This skill will clone a remote GitHub repo and run its code (npm install, build, and start a Python/Node server) on your machine by default in /root. Before installing: 1) Verify and trust the REPO_URL and ideally pin to a specific commit or release rather than main. 2) Inspect the repository (especially package.json scripts and any install hooks) and the Python app for unexpected network calls or credential usage. 3) Do not run as root—change PROJECT_DIR to a non-privileged directory or run inside an isolated container/VM. 4) Ensure required binaries (git, node/npm, python, uvicorn or equivalent) are installed and declared. 5) If you need lower risk, run the deploy script manually in a sandbox first and monitor outbound network activity. If the publisher or repository cannot be verified, avoid running this on production or sensitive hosts.
Capability Analysis
Type: OpenClaw Skill
Name: openclaw-agent-control
Version: 1.0.0
The skill clones an external GitHub repository (JiangAgentLabs/OpenClaw-Agent-Control) and executes its contents with root-level privileges by default in `/root/`. The script `scripts/deploy_project.sh` launches background processes and opens network ports (8787 and 3000) on all interfaces (0.0.0.0). While these actions align with the stated purpose of deploying a control panel, the execution of unverified remote code and the use of privileged directories pose a significant security risk.
Capability Assessment
Purpose & Capability
SKILL.md and the script clearly implement a deploy/start workflow (git clone, start backend, build frontend). However the registry metadata declares no required binaries or envs even though the script requires git, python, node/npm (and likely pip/uvicorn), making the metadata incomplete and inconsistent. The default PROJECT_DIR is /root which is a privileged location and surprising for a generic deploy skill.
Instruction Scope
The runtime script clones a remote repository (defaulting to a GitHub URL) and then runs commands from that repo: git checkout/pull, npm install, npm build/restart, and launches a Python web server bound to 0.0.0.0. That means arbitrary code from the network will be executed on the host (npm install can run install scripts). The instructions do not limit or pin the commit, nor do they recommend running in an isolated environment.
Install Mechanism
There is no install spec (instruction-only), which normally is lower risk — but the provided script performs network fetches at runtime (git clone, npm install). Fetching and executing remote code is a high-risk runtime install behavior even if the skill package itself doesn't install components.
Credentials
The registry lists no required env vars, but SKILL.md documents optional env vars (REPO_URL, PROJECT_DIR, MONITOR_PORT, PORT). No secrets are requested. However the default PROJECT_DIR=/root and logs paths under /root suggest the script expects root-level access; running as root increases impact of any malicious code pulled from the repo.
Persistence & Privilege
always is false and the skill does not request to be force-included or modify other skills. It does create files under the host (project dir, logs) and launches services, but it does not claim elevated platform privileges in the metadata.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install openclaw-agent-control - After installation, invoke the skill by name or use
/openclaw-agent-control - Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.0
- Initial release of openclaw-agent-control skill.
- Deploys and starts both backend and frontend with a single command.
- Supports repository cloning/updating and health checks.
- Offers customizable environment variables for deployment.
- Provides quick validation steps for both frontend and backend.
Metadata
Frequently Asked Questions
What is OpenClaw Agent Control Skill?
Deploy and start OpenClaw Agent Control with one command (backend + frontend) using skill-based workflow. It is an AI Agent Skill for Claude Code / OpenClaw, with 483 downloads so far.
How do I install OpenClaw Agent Control Skill?
Run "/install openclaw-agent-control" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is OpenClaw Agent Control Skill free?
Yes, OpenClaw Agent Control Skill is completely free (open-source). You can download, install and use it at no cost.
Which platforms does OpenClaw Agent Control Skill support?
OpenClaw Agent Control Skill is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created OpenClaw Agent Control Skill?
It is built and maintained by Jiang_AgentLabs (@jiangagentlabs); the current version is v1.0.0.
More Skills