← Back to Skills Marketplace
murtiurti4

QuantumOS

by murtiurti4 · GitHub ↗ · v0.2.0
cross-platform ⚠ suspicious
744
Downloads
0
Stars
0
Active Installs
2
Versions
Install in OpenClaw
/install quantumos
Description
Install and manage QuantumOS, an AI command center dashboard for OpenClaw. Use when the user wants to set up QuantumOS, start/stop the dashboard, troubleshoo...
Usage Guidance
Read before running. Recommendations: - Inspect the GitHub repository (https://github.com/murtiurti4/quantumos.git) yourself before running setup.sh; confirm code matches expectations and review package.json/package-lock for risky dependencies. - Backup HEARTBEAT.md (and any workspace config) before making changes. Do not blindly append the automatic triage block — review and restrict the instructions (remove/limit the "start working on it" automatic behavior) or run triage manually until you trust the setup. - The setup script will try to read your OpenClaw config (~/.openclaw/openclaw.json) to auto-detect gateway.token and will write that token into the project's .env.local; consider entering a scoped/temporary token, or edit .env.local manually instead of letting the script write it. - Run npm install in a controlled environment (or inspect dependencies), and consider running the server in a container or VM first rather than on a host with sensitive data. - Be cautious about allowing any agent automatic task execution that could perform actions on your systems; prefer manual confirmation or tight guardrails. - If you are unsure, mark this skill as 'suspicious' and request the upstream repo source and code review from a trusted developer before installing.
Capability Analysis
Type: OpenClaw Skill Name: quantumos Version: 0.2.0 The skill is classified as suspicious due to two main reasons: 1) The `scripts/setup.sh` file directly accesses and reads the user's `~/.openclaw/openclaw.json` file to extract the `gateway.token`. While this token is used for local configuration (written to `.env.local`), accessing sensitive credentials directly is a high-risk operation that could be exploited if the dashboard itself were compromised. 2) The `SKILL.md` file contains explicit instructions for the AI agent to perform actions like `GET http://localhost:3005/api/mission-control/tasks` and manage tasks, which constitutes prompt injection. Although the objective appears to be legitimate integration with the skill's functionality, this demonstrates a risky capability to directly control the agent's behavior.
Capability Assessment
Purpose & Capability
The skill's code and instructions align with its stated purpose: setup.sh clones a Next.js dashboard repo, installs npm deps, creates data dirs, and wires in the OpenClaw gateway token. That behavior is expected for an "install and manage dashboard" skill. However, the SKILL.md also instructs adding an automated triage block to HEARTBEAT.md (agent/workspace behavior), which is arguably beyond a pure UI install and changes runtime agent behavior.
Instruction Scope
SKILL.md tells the user to append a block to HEARTBEAT.md that directs an agent to periodically GET localhost:3005/api/mission-control/tasks and automatically 'generate a proper title', set status to in_progress, and 'start working on it' — this grants broad, autonomous task-processing instructions. The setup script also reads ~/.openclaw/openclaw.json to auto-detect a gateway.token and writes an .env.local with that token. Reading/writing the user's OpenClaw config and modifying workspace behavioral files expands the skill's scope beyond installing a dashboard and could cause agents to act without finer-grained constraints.
Install Mechanism
This is an instruction-only skill with a bundled setup.sh that clones a GitHub repository (https://github.com/murtiurti4/quantumos.git) and runs npm install. Cloning a public GitHub repo and installing npm deps is expected for this purpose, but npm install will bring third-party packages (normal risk). There is no opaque remote binary download or URL shortener in the install script.
Credentials
The skill declares no required env vars but the script reads ~/.openclaw/openclaw.json to auto-detect gateway.token and writes OPENCLAW_GATEWAY_TOKEN and OPENCLAW_GATEWAY_PORT into the project's .env.local. It also creates files under ~/.openclaw/mission-control and ~/.openclaw/dashboard-data. These are relevant to the dashboard but would ideally be documented as required config access because they involve reading a local credential and writing data into the user's OpenClaw folder. The SKILL.md also suggests optionally adding an XAI_API_KEY for X feeds.
Persistence & Privilege
always:false and normal autonomous invocation are fine. The main concern is the instruction to append an automated triage block to HEARTBEAT.md (workspace/agent instructions). That is a modification to agent/workspace behavior and could give agents broad autonomous powers to start work on tasks. The skill does not itself force-enable persistent system-wide privileges, but it instructs the user to alter files that affect agent runtime behavior.
How to Use
  1. Make sure OpenClaw is installed (local or Docker)
  2. Run the install command in chat: /install quantumos
  3. After installation, invoke the skill by name or use /quantumos
  4. Provide required inputs per the skill's parameter spec and get structured output
Version History
v0.2.0
Auto MC triage setup, dynamic agent identity, XAI key prompt, default feed config
v0.1.0
Initial release
Metadata
Slug quantumos
Version 0.2.0
License
All-time Installs 0
Active Installs 0
Total Versions 2
Frequently Asked Questions

What is QuantumOS?

Install and manage QuantumOS, an AI command center dashboard for OpenClaw. Use when the user wants to set up QuantumOS, start/stop the dashboard, troubleshoo... It is an AI Agent Skill for Claude Code / OpenClaw, with 744 downloads so far.

How do I install QuantumOS?

Run "/install quantumos" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is QuantumOS free?

Yes, QuantumOS is completely free (open-source). You can download, install and use it at no cost.

Which platforms does QuantumOS support?

QuantumOS is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created QuantumOS?

It is built and maintained by murtiurti4 (@murtiurti4); the current version is v0.2.0.

More Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463283 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259410 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200423 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191115 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190156 · by oswalpalash

💬 Comments