← Back to Skills Marketplace
OpenClaw Gateway Manager
by
seastaradmin
· GitHub ↗
· v1.0.2
· MIT-0
164
Downloads
0
Stars
0
Active Installs
1
Versions
Install in OpenClaw
/install gateway-manager
Description
Unified multi-cloud management tool for detecting, configuring, restarting, verifying, creating, and safely deleting all OpenClaw gateway instances on macOS.
README (SKILL.md)
OpenClaw Gateway Manager
🦞 统一管理多云 OpenClaw 网关实例 / Unified Multi-Cloud OpenClaw Gateway Manager
🌍 语言 Languages
- 🇨🇳 中文文档
- 🇺🇸 English Documentation
中文文档
💡 设计理念
问题: 用户可能在多平台、多云端部署了多个 OpenClaw 实例(本地、JVS Claw、QClaw、云端等),但缺乏统一管理工具。
解决方案: 本技能通过自动检测不同配置文件路径,统一管理所有 OpenClaw 变种实例,无论它们部署在哪里。
核心思想:
- 🔍 自动发现 - 扫描所有可能的配置路径
- 🎯 统一接口 - 一套命令管理所有实例
- ☁️ 多云支持 - 本地、云端、多厂商发行版
- 🛡️ 安全管理 - 三重确认 + 自动备份
✨ 功能
- 🔍 智能查询 - 自动检测所有 OpenClaw 实例(本地/JVS/QClaw/云端)
- ✏️ 修改端口 - 自动修改配置文件 + LaunchAgent plist
- 🔄 重启网关 - 安全重启指定网关或所有网关
- ✅ 验证配置 - 检查配置一致性、端口监听状态
- ➕ 创建新实例 - 一键创建新网关实例
- 🗑️ 安全删除 - 三重确认 + 自动备份
- 📡 端口扫描 - 智能识别所有实例
🎯 支持的发行版 Supported Distributions
| 发行版 | 配置目录 | 默认端口 | 开发者 | 状态 |
|---|---|---|---|---|
| OpenClaw (原始版) | ~/.openclaw/ |
18789 | OpenClaw 社区 | ✅ |
| JVS Claw (阿里云) | ~/.jvs/.openclaw/ |
18789 | 阿里云无影 | ✅ |
| QClaw (腾讯) | ~/.qclaw/ |
28789 | 腾讯 | ✅ |
| 云端 Claw | ~/.claw-cloud/ |
自定义 | 云服务 | 🔜 |
| 自定义实例 | ~/.openclaw-\x3Cname>/ |
自定义 | 用户 | ✅ |
识别原理: 通过检测不同的配置文件路径来区分不同发行版。
🚀 快速开始
安装
git clone https://github.com/seastaradmin/openclaw-gateway-manager.git ~/.jvs/.openclaw/skills/gateway-manager
使用
# 查看所有网关状态(自动检测所有实例)
~/.jvs/.openclaw/skills/gateway-manager/scripts/gateway-status.sh
# 检查依赖
~/.jvs/.openclaw/skills/gateway-manager/scripts/check-dependencies.sh
# 扫描端口
~/.jvs/.openclaw/skills/gateway-manager/scripts/gateway-scan-ports.sh
# 修改端口
~/.jvs/.openclaw/skills/gateway-manager/scripts/gateway-set-port.sh 本地虾 18888
# 重启所有网关
~/.jvs/.openclaw/skills/gateway-manager/scripts/gateway-restart.sh all
# 验证配置
~/.jvs/.openclaw/skills/gateway-manager/scripts/gateway-verify.sh 本地虾
# 创建新实例
~/.jvs/.openclaw/skills/gateway-manager/scripts/gateway-create.sh test-bot 18899 openim
# 删除实例(三重确认)
~/.jvs/.openclaw/skills/gateway-manager/scripts/gateway-delete.sh test-bot
📊 示例输出
=== OpenClaw Gateway 实例 ===
🔹 本地虾 (JVS Claw)
主端口:18789
辅助端口:18791(浏览器) 18792(Canvas)
配置:~/.jvs/.openclaw
状态:✅ 运行中 (PID: 6512)
频道:openim
Dashboard: http://127.0.0.1:18789/
🔹 飞书机器人
主端口:18790
辅助端口:18792(浏览器) 18793(Canvas)
配置:~/.openclaw
状态:✅ 运行中 (PID: 76822)
频道:feishu
Dashboard: http://127.0.0.1:18790/
🔹 QClaw (腾讯)
主端口:28789
辅助端口:28791(浏览器) 28792(Canvas)
配置:~/.qclaw
状态:✅ 运行中 (PID: 87107)
频道:wechat-access
Dashboard: http://127.0.0.1:28789/
🛡️ 安全特性
- 删除操作三重确认 - 防止误删
- 自动备份 - 删除前备份到
~/.openclaw-deleted-backups/ - 端口检查 - 修改前检查端口是否被占用
- 配置验证 - 修改后自动验证
- 依赖检查 - 安装时自动检查系统依赖
📦 脚本列表
| 脚本 | 功能 | 危险等级 |
|---|---|---|
gateway-status.sh |
查询所有实例状态 | 🟢 安全 |
gateway-scan-ports.sh |
端口扫描 | 🟢 安全 |
gateway-set-port.sh |
修改端口 | 🟡 中等 |
gateway-restart.sh |
重启网关 | 🟢 安全 |
gateway-verify.sh |
验证配置 | 🟢 安全 |
gateway-create.sh |
创建实例 | 🟡 中等 |
gateway-delete.sh |
删除实例 | 🔴 危险 |
check-dependencies.sh |
依赖检查 | 🟢 安全 |
⚙️ 系统要求
操作系统
- ✅ macOS (必需)
- ❌ Windows / Linux (不支持)
原因:使用 macOS 特有的 LaunchAgent、launchctl 和 plutil。
依赖项
运行以下命令检查依赖:
~/.jvs/.openclaw/skills/gateway-manager/scripts/check-dependencies.sh
必需工具:
| 工具 | 用途 | 安装命令 |
|---|---|---|
jq |
JSON 处理 | brew install jq |
lsof |
端口检查 | macOS 自带 |
plutil |
plist 编辑 | macOS 自带 |
launchctl |
LaunchAgent 管理 | macOS 自带 |
curl |
HTTP 请求 | macOS 自带 |
node |
OpenClaw 运行 | brew install node |
⚠️ 安全说明
删除操作
- ✅ 三重确认 - 需要 3 次确认才能执行删除
- ✅ 自动备份 - 删除前备份到
~/.openclaw-deleted-backups/ - ⚠️ 破坏性操作 - 使用
rm -rf删除配置目录
建议: 首次使用前手动备份重要数据
路径安全
✅ 已修复 - 所有路径使用 $HOME 而非硬编码用户路径
LaunchAgent 权限
- 仅创建用户级 LaunchAgent(
~/Library/LaunchAgents/) - 不需要系统级权限或 sudo
- 每个用户独立管理
English Documentation
💡 Philosophy
Problem: Users may deploy multiple OpenClaw instances across different platforms and clouds (local, JVS Claw, QClaw, cloud, etc.), but lack a unified management tool.
Solution: This skill automatically detects different configuration paths and统一管理 all OpenClaw variants, regardless of where they're deployed.
Core Principles:
- 🔍 Auto-Discovery - Scan all possible configuration paths
- 🎯 Unified Interface - One set of commands for all instances
- ☁️ Multi-Cloud - Local, cloud, multi-vendor distributions
- 🛡️ Safe Management - Triple confirmation + automatic backup
✨ Features
- 🔍 Smart Status Query - Auto-detect all OpenClaw instances
- ✏️ Modify Ports - Automatically update config files + LaunchAgent plist
- 🔄 Restart Gateways - Safely restart specific or all gateways
- ✅ Verify Configuration - Check config consistency and port status
- ➕ Create Instances - One-click creation with LaunchAgent setup
- 🗑️ Safe Deletion - Triple confirmation + automatic backup
- 📡 Port Scanning - Intelligently identify all instances
🎯 Supported Distributions
| Distribution | Config Directory | Default Port | Developer | Status |
|---|---|---|---|---|
| OpenClaw (Original) | ~/.openclaw/ |
18789 | OpenClaw Community | ✅ |
| JVS Claw (Alibaba) | ~/.jvs/.openclaw/ |
18789 | Alibaba Cloud Wuying | ✅ |
| QClaw (Tencent) | ~/.qclaw/ |
28789 | Tencent | ✅ |
| Cloud Claw | ~/.claw-cloud/ |
Custom | Cloud Service | 🔜 |
| Custom Instance | ~/.openclaw-\x3Cname>/ |
Custom | User | ✅ |
Identification: Different distributions are identified by their configuration file paths.
🚀 Quick Start
Installation
git clone https://github.com/seastaradmin/openclaw-gateway-manager.git ~/.jvs/.openclaw/skills/gateway-manager
Usage
# Check all gateway status (auto-detect all instances)
~/.jvs/.openclaw/skills/gateway-manager/scripts/gateway-status.sh
# Check dependencies
~/.jvs/.openclaw/skills/gateway-manager/scripts/check-dependencies.sh
# Scan ports
~/.jvs/.openclaw/skills/gateway-manager/scripts/gateway-scan-ports.sh
# Modify port
~/.jvs/.openclaw/skills/gateway-manager/scripts/gateway-set-port.sh local-shrimp 18888
# Restart all gateways
~/.jvs/.openclaw/skills/gateway-manager/scripts/gateway-restart.sh all
# Verify config
~/.jvs/.openclaw/skills/gateway-manager/scripts/gateway-verify.sh local-shrimp
# Create new instance
~/.jvs/.openclaw/skills/gateway-manager/scripts/gateway-create.sh test-bot 18899 openim
# Delete instance (triple confirmation)
~/.jvs/.openclaw/skills/gateway-manager/scripts/gateway-delete.sh test-bot
📝 Example Output
=== OpenClaw Gateway Instances ===
🔹 Local Shrimp (JVS Claw)
Main Port: 18789
Aux Ports: 18791(Browser) 18792(Canvas)
Config: ~/.jvs/.openclaw
Status: ✅ Running (PID: 6512)
Channel: openim
Dashboard: http://127.0.0.1:18789/
🔹 Feishu Bot
Main Port: 18790
Aux Ports: 18792(Browser) 18793(Canvas)
Config: ~/.openclaw
Status: ✅ Running (PID: 76822)
Channel: feishu
Dashboard: http://127.0.0.1:18790/
🔹 QClaw (Tencent)
Main Port: 28789
Aux Ports: 28791(Browser) 28792(Canvas)
Config: ~/.qclaw
Status: ✅ Running (PID: 87107)
Channel: wechat-access
Dashboard: http://127.0.0.1:28789/
🛡️ Safety Features
- Triple confirmation for deletion - Prevents accidental deletion
- Automatic backup - Backs up before deletion
- Port availability check - Verifies port is free
- Configuration validation - Auto-verifies after changes
- Dependency checker - Auto-checks system dependencies
⚙️ System Requirements
Operating System
- ✅ macOS (Required)
- ❌ Windows / Linux (Not supported)
Reason: Uses macOS-specific LaunchAgent, launchctl, and plutil.
Dependencies
Run to check dependencies:
~/.jvs/.openclaw/skills/gateway-manager/scripts/check-dependencies.sh
Required Tools:
| Tool | Purpose | Install Command |
|---|---|---|
jq |
JSON processing | brew install jq |
lsof |
Port check | Built-in macOS |
plutil |
plist editing | Built-in macOS |
launchctl |
LaunchAgent management | Built-in macOS |
curl |
HTTP requests | Built-in macOS |
node |
OpenClaw runtime | brew install node |
⚠️ Safety Notes
Deletion Operation
- ✅ Triple confirmation - Requires 3 confirmations
- ✅ Automatic backup - Backs up to
~/.openclaw-deleted-backups/ - ⚠️ Destructive - Uses
rm -rfto delete config directories
Recommendation: Manually backup important data before first use
Path Security
✅ Fixed - All paths use $HOME instead of hardcoded user paths
LaunchAgent Permissions
- Creates user-level LaunchAgent only (
~/Library/LaunchAgents/) - No system-level permissions or sudo required
- Each user managed independently
📄 License 许可证
MIT License
🔗 Links 链接
- GitHub: https://github.com/seastaradmin/openclaw-gateway-manager
- Author: @seastaradmin
- Version: 1.0.1
🌍 跨平台支持 Cross-Platform Support
支持的操作系统
| 系统 | 服务管理 | 配置路径 | 状态 |
|---|---|---|---|
| macOS | LaunchAgent (用户级) | ~/.openclaw/, ~/.jvs/.openclaw/, ~/.qclaw/ |
✅ |
| Linux | systemd user service | ~/.openclaw/, ~/.config/openclaw/, /opt/openclaw/ |
🔜 |
| Windows | 手动/可选服务 | %USERPROFILE%/.openclaw/, %APPDATA%/openclaw/ |
🔜 |
自动检测
脚本会自动检测操作系统并使用相应的服务管理方式:
# macOS
launchctl load ~/Library/LaunchAgents/ai.openclaw.gateway.plist
# Linux
systemctl --user start openclaw-gateway
# Windows
# 不自动创建服务,用户手动选择
路径规范
- macOS/Linux: 使用
$HOME环境变量 - Windows: 使用
%USERPROFILE%和%APPDATA% - ✅ 无硬编码路径,支持多用户
🔒 安全审查响应 Security Review Response
指令范围 Instruction Scope
审查意见:
Scripts read/write user files, create LaunchAgent plists, scan ports, and perform rm -rf.
回应: ✅ 这是预期行为 - 作为网关管理器,这些操作是必要的。
安全措施:
- ✅ 三重确认机制
- ✅ 自动备份到
~/.openclaw-deleted-backups/ - ✅ 仅创建用户级服务(无需 sudo)
- ✅ 透明配置(plist 文件可审查)
- ✅ 完整文档(SKILL.md + SECURITY_RESPONSE.md)
持久性和权限 Persistence & Privilege
审查意见:
Creates LaunchAgent plists for persistent execution.
回应: ✅ 这是必要功能 - 网关需要开机自启。
安全特性:
- ✅ 仅用户级服务 (
~/Library/LaunchAgents/) - ✅ 不需要系统权限
- ✅ 可以随时卸载
- ✅ 跨平台支持(Linux systemd, Windows 可选)
破坏性操作 Destructive Operations
审查意见:
Performs irreversible deletes.
回应: ✅ 已实施多层保护:
- 三重确认 - 需要 3 次确认
- 自动备份 - 删除前备份
- 进程检查 - 停止进程后删除
- 文档警告 - 明确说明风险
查看安全响应全文:
cat ~/.jvs/.openclaw/skills/gateway-manager/SECURITY_RESPONSE.md
English Documentation (Continued)
🌍 Cross-Platform Support
Supported Operating Systems
| OS | Service Management | Config Paths | Status |
|---|---|---|---|
| macOS | LaunchAgent (user-level) | ~/.openclaw/, ~/.jvs/.openclaw/, ~/.qclaw/ |
✅ |
| Linux | systemd user service | ~/.openclaw/, ~/.config/openclaw/, /opt/openclaw/ |
🔜 |
| Windows | Manual/Optional service | %USERPROFILE%/.openclaw/, %APPDATA%/openclaw/ |
🔜 |
Auto-Detection
Scripts automatically detect the OS and use appropriate service management:
# macOS
launchctl load ~/Library/LaunchAgents/ai.openclaw.gateway.plist
# Linux
systemctl --user start openclaw-gateway
# Windows
# No automatic service creation, user chooses manually
Path Conventions
- macOS/Linux: Uses
$HOMEenvironment variable - Windows: Uses
%USERPROFILE%and%APPDATA% - ✅ No hardcoded paths, multi-user support
🔒 Security Review Response
Instruction Scope
Review Feedback:
Scripts read/write user files, create LaunchAgent plists, scan ports, and perform rm -rf.
Response: ✅ This is intended behavior - These operations are necessary for a gateway manager.
Safety Measures:
- ✅ Triple confirmation mechanism
- ✅ Automatic backup to
~/.openclaw-deleted-backups/ - ✅ User-level services only (no sudo required)
- ✅ Transparent configuration (plist files auditable)
- ✅ Complete documentation (SKILL.md + SECURITY_RESPONSE.md)
Persistence & Privilege
Review Feedback:
Creates LaunchAgent plists for persistent execution.
Response: ✅ This is necessary functionality - Gateways need to auto-start.
Safety Features:
- ✅ User-level services only (
~/Library/LaunchAgents/) - ✅ No system-level permissions required
- ✅ Can be uninstalled anytime
- ✅ Cross-platform support (Linux systemd, Windows optional)
Destructive Operations
Review Feedback:
Performs irreversible deletes.
Response: ✅ Multiple layers of protection implemented:
- Triple confirmation - Requires 3 confirmations
- Automatic backup - Backs up before deletion
- Process check - Stops processes before deletion
- Documentation warnings - Clearly states risks
View full security response:
cat ~/.jvs/.openclaw/skills/gateway-manager/SECURITY_RESPONSE.md
Usage Guidance
What to consider before installing or letting the agent run this skill:
- Confirm source: the registry metadata shows no homepage and 'Source: unknown' while documentation references a GitHub repo. Verify the repository and author (https://github.com/seastaradmin/openclaw-gateway-manager) before cloning or executing scripts.
- Review scripts first: the skill is instruction-only but includes many shell scripts that will read/write $HOME, create LaunchAgents and use rm -rf for deletes. Inspect gateway-delete.sh, gateway-create.sh and the plist template in gateway-create.sh to ensure they do what you expect.
- Backup important data: even with triple-confirmation and automatic backups, deletion uses rm -rf. Make manual backups before testing on production instances.
- Test in a safe environment: run check-dependencies.sh and exercise create/delete operations in a local or isolated test account before use on primary systems.
- Verify openclaw and node binaries: the LaunchAgent runs node to exec openclaw. Ensure the 'openclaw' binary/package you have is trustworthy; otherwise the launched process could contact external services.
- Check cross-platform claims: although metadata claims multi-platform support, the scripts are primarily macOS-focused. Don't expect full Linux/Windows parity without manual review/adjustment.
- Consider manual activation: instead of granting autonomous agent invocation that could create persistent LaunchAgents, run the scripts yourself the first time or require explicit user confirmation before performing operations that install services or delete data.
If you want, I can summarize the exact lines in the scripts that create or delete files and the LaunchAgent plist so you can inspect them quickly.
Capability Analysis
Type: OpenClaw Skill
Name: gateway-manager
Version: 1.0.2
The skill bundle provides a management tool for OpenClaw gateway instances, primarily targeting macOS. It includes capabilities for creating persistent background services via LaunchAgents and performing directory deletions using 'rm -rf'. While these actions are documented as intended features with safeguards like triple confirmation and backups, the scripts (specifically gateway-create.sh and gateway-delete.sh) lack input sanitization on the 'INSTANCE_NAME' and 'PORT' parameters. This introduces critical vulnerabilities, including path traversal (allowing file operations outside intended directories) and command injection via the Node.js execSync call in the generated plist files. These flaws allow for potential exploitation, although there is no clear evidence of intentional malice.
Capability Assessment
Purpose & Capability
The scripts and SKILL.md implement discovery, port management, creation, restart, verification and safe deletion of OpenClaw instances — this matches the stated gateway-manager purpose. However clawhub.json and some README text advertise cross-platform support (macOS/Linux/Windows) while the SKILL.md, check-dependencies.sh and many scripts are macOS-centric (LaunchAgent, plutil, launchctl) and even warn when not running on darwin. This is an internal inconsistency (overstated cross-platform claim) but explains by design: the tool is primarily macOS-focused.
Instruction Scope
SKILL.md instructs the agent to run the provided shell scripts. The scripts read and write configuration under $HOME, inspect ports/processes, create user LaunchAgent plists, invoke openclaw via node, and use rm -rf for deletions. All of these actions are within the declared purpose (service management, create/delete, restart, port changes). Destructive operations are documented and guarded by a three-step confirmation and an automatic backup step, which mitigates but does not eliminate risk — users should still review before running deletion on production data.
Install Mechanism
This is an instruction-only skill (no install spec); the repository content is scripts and documentation. No remote downloads or archive extraction are specified by the skill metadata, so there is low installation mechanism risk. The install guidance (git clone from a GitHub URL) is normal but note the 'Source: unknown / Homepage: none' in the registry metadata — the README mentions a GitHub repo; the user should verify the repository identity before cloning.
Credentials
The skill does not request secrets or external credentials and declares no required environment variables. Scripts access standard environment values (HOME, USERPROFILE, APPDATA) and require node, jq and openclaw binaries — these are proportional to launching and managing OpenClaw gateways. One subtle point: the LaunchAgent plist passes process.env into the node child process; any sensitive env vars present in the user's environment would be inherited by the launched openclaw process (this is expected but worth noting).
Persistence & Privilege
The scripts create and load user-level LaunchAgents under ~/Library/LaunchAgents and run node/openclaw persistently via launchd. This grants persistent execution under the user's account (no sudo). That behavior is coherent with a gateway manager that needs auto-start. However persistence increases the potential blast radius if the code or the openclaw binary were compromised — combine this with the fact the agent can invoke the skill autonomously (default) and you should be cautious about allowing unreviewed autonomous runs that create user services.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install gateway-manager - After installation, invoke the skill by name or use
/gateway-manager - Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.2
v1.0.2 - 跨平台 + 安全响应
新增:
✅ 跨平台支持(macOS/Linux/Windows)
✅ SECURITY_RESPONSE.md 安全审查响应
✅ 自动操作系统检测
✅ 平台特定服务管理
修复:
✅ 所有安全审查问题
✅ 硬编码路径
✅ 依赖声明
Metadata
Frequently Asked Questions
What is OpenClaw Gateway Manager?
Unified multi-cloud management tool for detecting, configuring, restarting, verifying, creating, and safely deleting all OpenClaw gateway instances on macOS. It is an AI Agent Skill for Claude Code / OpenClaw, with 164 downloads so far.
How do I install OpenClaw Gateway Manager?
Run "/install gateway-manager" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is OpenClaw Gateway Manager free?
Yes, OpenClaw Gateway Manager is completely free, licensed under MIT-0. You can download, install and use it at no cost.
Which platforms does OpenClaw Gateway Manager support?
OpenClaw Gateway Manager is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created OpenClaw Gateway Manager?
It is built and maintained by seastaradmin (@seastaradmin); the current version is v1.0.2.
More Skills