← Back to Skills Marketplace
Elasticsearch Openclaw
by
Alex Salgado
· GitHub ↗
· v1.1.1
547
Downloads
0
Stars
1
Active Installs
5
Versions
Install in OpenClaw
/install elasticsearch-openclaw
Description
Read-only Elasticsearch 9.x reference for AI-orchestrated search and analytics. SECURITY: This skill provides documentation for read-only operations only (se...
README (SKILL.md)
Elasticsearch OpenClaw 🔍
Modern Elasticsearch 9.x patterns for AI-orchestrated applications.
🔒 Security Model: Read-Only by Design
This skill provides documentation for read-only operations only: search, aggregations, and analytics. No write operations (indexing, updates, deletions) are included or executed by the agent.
Note: This skill requires external credentials (Elasticsearch API key) to function. ClawHub security scanners may flag this as "suspicious" — this is expected for skills that integrate with external services. All code is transparent markdown documentation. Review before granting credentials.
Quick Start — Local Dev
For local Elasticsearch 9.x setup with Kibana, use the official start-local tool:
- Repository: https://github.com/elastic/start-local
- Documentation: https://www.elastic.co/start-local
Once running:
- Elasticsearch: http://localhost:9200
- Kibana: http://localhost:5601
- Credentials:
elastic-start-local/.env
Auth — Always Use API Keys
# Test connection
curl -s "$ELASTICSEARCH_URL" -H "Authorization: ApiKey $ELASTICSEARCH_API_KEY"
# Python client 9.x
from elasticsearch import Elasticsearch
es = Elasticsearch(ES_URL, api_key=API_KEY)
Reference Files
Load these only when needed — do not load all at once:
| File | Load when... |
|---|---|
references/semantic-search.md |
Setting up JINA, semantic_text, inference endpoint |
references/vector-search.md |
kNN queries, dense_vector mapping, hybrid search with RRF |
references/classic-patterns.md |
Mapping design, boolean queries, aggregations, pagination |
references/python-client-9.md |
Python elasticsearch 9.x — no body=, keyword args, type hints |
When to Use Each Pattern
User asks about meaning / intent / "find products like X"
→ semantic_text + semantic query → references/semantic-search.md
User needs exact match + semantic combined
→ hybrid search (RRF) → references/vector-search.md
User asks about mapping, field types, analyzers, aggregations
→ classic patterns → references/classic-patterns.md
User uses Python elasticsearch library
→ always check → references/python-client-9.md
Security Best Practices
- Always use API keys over username/password
- Scope API keys to specific indices and minimal privileges
- For read-only OpenClaw access:
privileges: ["read", "view_index_metadata"] - Store credentials in
.env, never hardcode in scripts .envalways in.gitignore
POST /_security/api_key
{
"name": "openclaw-readonly",
"role_descriptors": {
"reader": {
"indices": [{ "names": ["my-index"], "privileges": ["read"] }]
}
}
}
// Response:
{
"id": "VuaCfGcBCdbkQm-e5aOx",
"name": "openclaw-readonly",
"api_key": "ui2lp2axTNmsyakw9tvNnw",
"encoded": "VnVhQ2ZHY0JDZGJrUW0tZTVhT3g6dWkybHAyYXhUTm1zeWFrdzl0dk5udw=="
}
⚠️ Save the encoded field from the response immediately — it cannot be retrieved later.
Add to: ~/.openclaw/workspace-[name]/.env as ELASTICSEARCH_API_KEY
Usage Guidance
This skill mostly contains documentation and is low risk to install, but there are important contradictions you should understand before providing credentials. The files include examples that create API keys, indices, inference endpoints, ingest pipelines, and index documents — all of which are write operations requiring privileges beyond read-only. If you want only read/query capabilities: (1) do NOT supply cluster-admin credentials — create and supply a dedicated read-only API key scoped to the specific indices with privileges like ["read","view_index_metadata"]; (2) avoid giving keys that can create API keys or modify indices; (3) review the referenced files and remove or ignore the PUT/POST examples that perform writes; (4) note the skill's metadata inconsistencies (env vars mentioned in docs but not in registry) and prefer explicit communication from the author if you need to trust this skill for automated use. If you plan to let the agent act autonomously, require least-privilege credentials and consider disabling autonomous invocation or auditing actions until you trust behavior.
Capability Analysis
Type: OpenClaw Skill
Name: elasticsearch-openclaw
Version: 1.1.1
The skill bundle provides documentation and code examples for read-only Elasticsearch 9.x operations, focusing on search and analytics. It explicitly states its read-only nature and consistently adheres to it across all files. While it requires external API keys (ELASTICSEARCH_API_KEY, JINA_API_KEY), this is necessary for its stated purpose, and the skill provides clear instructions for secure handling (least-privilege API keys, environment variables, .gitignore). There is no evidence of data exfiltration, malicious execution, persistence, obfuscation, or prompt injection attempts designed to harm the agent or user. All external network calls are to the Elasticsearch cluster and Jina AI, which are integral to the skill's functionality.
Capability Assessment
Purpose & Capability
The skill's name and description claim a read-only reference for Elasticsearch 9.x, which justifies needing ELASTICSEARCH_URL and a read-only API key. However, parts of the content (examples and reference files) show write/create operations (POST /_security/api_key, PUT my-index, PUT _inference, PUT _ingest/pipeline, POST my-index/_doc). Creating API keys or inference endpoints requires elevated privileges that are not consistent with a pure read-only documentation skill. Also the top-level registry metadata listed no required env vars while SKILL.md metadata declares ELASTICSEARCH_URL and ELASTICSEARCH_API_KEY — an internal inconsistency.
Instruction Scope
SKILL.md and the reference files explicitly include commands that mutate cluster state: creating API keys (POST /_security/api_key), index mappings (PUT my-index), creating inference endpoints (PUT _inference), ingest pipelines (PUT _ingest/pipeline), and indexing documents (POST my-index/_doc). These go beyond read-only search/aggregation examples and could lead an agent to perform privileged operations if given sufficient credentials. The docs also reference additional secrets (JINA_API_KEY) in examples that aren't declared in the skill metadata.
Install Mechanism
This is an instruction-only skill with no install spec or code to write to disk, and requires no package downloads. That minimizes installation risk.
Credentials
SKILL.md declares ELASTICSEARCH_URL and ELASTICSEARCH_API_KEY (base64) which are expected for an ES integration. However: (1) the registry summary initially showed no required env vars (metadata mismatch); (2) the Python reference and env examples mention JINA_API_KEY (an additional external API key) but it's not declared in SKILL.md metadata as required — this is inconsistent and could lead to unexpected requests for secrets; (3) creating API keys (included as an example) requires privileges beyond a typical read-only API key, so granting cluster-level credentials to follow sample steps would be disproportionate.
Persistence & Privilege
The skill does not request 'always: true' or any special persistent installation. It instructs users to store the encoded API key in ~/.openclaw/workspace-[name]/.env, which is a normal workspace pattern. Still, because the docs include API-key creation steps, giving the skill credentials that allow API-key creation or index writes would expand its effective privileges — be careful to only provide a least-privilege read-only API key if you intend only read operations. Autonomous invocation is permitted by default (disable-model-invocation: false) but that alone is not flagged; combined with the write instructions it increases the blast radius if over-privileged credentials are provided.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install elasticsearch-openclaw - After installation, invoke the skill by name or use
/elasticsearch-openclaw - Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.1.1
Security improvements: remove curl dependency, clarify read-only nature, add security note
v1.1.0
Remove curl | sh to address security flag
v1.0.2
Read-only enforcement: removed all write operations (bulk indexing, index management). Removed ELSER (JINA only). Added API key response example, clarified .env paths, improved classic patterns with text/keyword examples, nested aggregation, better PIT definition, and shard sizing explanation. Addresses review feedback.
v1.0.1
Security improvements: Added explicit read-only security model, API key privilege recommendations, and transparency note about Elastic's official install script
v1.0.0
Initial release: ES 9.x semantic search, vector search, hybrid search with RRF, Python client patterns
Metadata
Frequently Asked Questions
What is Elasticsearch Openclaw?
Read-only Elasticsearch 9.x reference for AI-orchestrated search and analytics. SECURITY: This skill provides documentation for read-only operations only (se... It is an AI Agent Skill for Claude Code / OpenClaw, with 547 downloads so far.
How do I install Elasticsearch Openclaw?
Run "/install elasticsearch-openclaw" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is Elasticsearch Openclaw free?
Yes, Elasticsearch Openclaw is completely free (open-source). You can download, install and use it at no cost.
Which platforms does Elasticsearch Openclaw support?
Elasticsearch Openclaw is cross-platform and runs anywhere OpenClaw / Claude Code is available (linux, darwin, win32).
Who created Elasticsearch Openclaw?
It is built and maintained by Alex Salgado (@salgado); the current version is v1.1.1.
More Skills