← Back to Skills Marketplace
323
Downloads
0
Stars
0
Active Installs
5
Versions
Install in OpenClaw
/install privateclaw-plugin-setup
Description
Install, enable, verify, pair, and manage PrivateClaw OpenClaw sessions, preferring same-conversation /privateclaw QR replies and falling back to the local C...
Usage Guidance
This skill appears to do what it claims (set up PrivateClaw) but contains two items you should consider before proceeding: (1) it instructs using --dangerously-force-unsafe-install when installing the plugin—avoid that flag unless you fully trust and have inspected the package, or run the install in an isolated/test environment; (2) pairing returns QR/invite payloads that grant session access—do not post or re-share these QR codes in public or wrong channels. Before installing: ensure openclaw is installed, verify the plugin package and GitHub release pages yourself, prefer the registered plugin command (which returns invites via the OpenClaw reply path) over manual CLI posting, and consider testing installs in a container or sandbox. If unsure, ask the skill author for justification for the unsafe install flag or request an install method that does not bypass safety checks.
Capability Analysis
Type: OpenClaw Skill
Name: privateclaw-plugin-setup
Version: 1.1.3
The skill `privateclaw-plugin-setup` (v1.1.3) provides instructions for installing and configuring the PrivateClaw encrypted chat plugin. It is classified as suspicious because `SKILL.md` explicitly mandates the use of the `--dangerously-force-unsafe-install` flag for all installation paths (e.g., `@privateclaw/privateclaw`), which bypasses OpenClaw's built-in security verification. Furthermore, the instructions encourage the agent to execute commands directly in active conversations and manage background daemons for session persistence. While these behaviors appear aligned with the tool's stated purpose, the mandatory bypass of platform security controls and the use of background processes represent significant risky capabilities without a verified trust context.
Capability Assessment
Purpose & Capability
Name, description, and the single required binary (openclaw) align with the skill's functionality: installing/enabling/verifying/pairing the PrivateClaw OpenClaw plugin. There are no unrelated env vars, binaries, or config paths requested.
Instruction Scope
The SKILL.md stays on-topic for plugin lifecycle operations, but it explicitly tells operators to return pairing QR images/invite URIs into the current chat and to use the --dangerously-force-unsafe-install flag for installs. Sending QR/invite payloads to chat can leak session secrets if posted to the wrong channel; the 'dangerous' install guidance increases risk of running unverified code. The instructions do not direct the agent to read unrelated system files or external credentials.
Install Mechanism
This is an instruction-only skill (no install spec or code files). The recommended install command uses openclaw plugins install @privateclaw/privateclaw@latest but insists on --dangerously-force-unsafe-install as the default. That flag is high-risk because it bypasses safety checks—reasonable in some development scenarios but disproportionate as a default for general users. The guidance to prefer local checkout when present is coherent.
Credentials
The skill declares no required environment variables or credentials, which fits its purpose. Note: pairing QR codes and invite URIs are effectively secrets for session access; the skill's recommendation to post them into the current conversation means the agent/operator must be careful about recipient/context to avoid exposure.
Persistence & Privilege
The skill does not request elevated privileges, persistent 'always' inclusion, or edits to other skills' configurations. It instructs installing and enabling a plugin and restarting the OpenClaw gateway—expected for this purpose and within scope.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install privateclaw-plugin-setup - After installation, invoke the skill by name or use
/privateclaw-plugin-setup - Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.1.3
Sync plugin manifest version with package.json
v1.1.2
Update the iPhone download guidance to the YourClaw App Store release and align the manual install path with the npm pack plus local archive flow.
v1.1.1
Document relay overrides, non-default relay warnings, and the latest iOS/Android beta access links.
v1.1.0
Refresh PrivateClaw setup guidance for current pair, sessions, kick, and active-session command flows.
v1.0.0
Initial release of the PrivateClaw install, enable, verify, and pairing skill.
Metadata
Frequently Asked Questions
What is Privateclaw Plugin Setup?
Install, enable, verify, pair, and manage PrivateClaw OpenClaw sessions, preferring same-conversation /privateclaw QR replies and falling back to the local C... It is an AI Agent Skill for Claude Code / OpenClaw, with 323 downloads so far.
How do I install Privateclaw Plugin Setup?
Run "/install privateclaw-plugin-setup" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is Privateclaw Plugin Setup free?
Yes, Privateclaw Plugin Setup is completely free, licensed under MIT-0. You can download, install and use it at no cost.
Which platforms does Privateclaw Plugin Setup support?
Privateclaw Plugin Setup is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created Privateclaw Plugin Setup?
It is built and maintained by topcheer (@topcheer); the current version is v1.1.3.
More Skills