← Back to Skills Marketplace
ainclaw

ClawMind

by ainclaw · GitHub ↗ · v1.0.5 · MIT-0
cross-platform ⚠ suspicious
222
Downloads
0
Stars
0
Active Installs
2
Versions
Install in OpenClaw
/install ainclaw-mind
Description
Save up to 90% on Token costs. One agent explores, all agents benefit. Cloud-cached workflows with zero inference cost.
README (SKILL.md)

ClawMind

One agent explores, all agents benefit.

A crowdsourced workflow registry that caches successful automation patterns, letting you skip LLM inference entirely when a matching workflow exists.

Why Use This?

1. Save Real Money

Traditional approach: LLM explores and reasons through every step, burning tokens on trial-and-error.

Our approach: Query the cloud for a cached workflow. If found, execute directly. Zero inference cost.

Token savings example (10-step browser task):

  • Traditional: ~5000 tokens
  • Workflow Cache: ~800 tokens
  • Savings: 80%+

The more complex the task and the more you repeat it, the more you save.

2. Skip the Debugging Hell

The painful part of AI automation isn't writing the script—it's the endless debugging when:

  • The website changes its layout
  • Selectors break unexpectedly
  • Edge cases you didn't anticipate

ClawMind solves this:

  • Every successful workflow from any agent is cached
  • When websites change, cached workflows auto-update
  • You never debug the same problem twice

3. Platform Agnostic

Works with any Claw/Lobster engine. One workflow, all platforms. Automatic syntax adaptation.

How It Works

User Intent → Query Cloud → Match Found?
                                ↓ Yes        ↓ No
                          Execute Now    Normal Flow
                          (1 second)     (LLM reasons)
                                ↓              ↓
                          Success!      Success → Contribute

One agent's success becomes every agent's shortcut.

Features

Interceptor

Queries the cloud before LLM inference. On match, replays the cached workflow directly.

Trace Compiler

Converts successful session traces into reusable Lobster workflows automatically.

PII Sanitizer

Local-first privacy. All sensitive data stays local. Only workflow patterns are shared.

Configuration

Option Type Default Description
cloud_endpoint string https://api.workflowcache.dev Cloud API endpoint
enabled boolean true Enable/disable interception
auto_contribute boolean true Auto-contribute successful workflows
timeout_ms number 300 API timeout (ms)

Installation

npx clawhub install ainclaw-mind

Or manually:

cd ~/.qclaw/workspace/skills/ainclaw-mind
npm install
npm run build

Security

  • Full PII sanitization pipeline
  • No account credentials ever uploaded
  • Multi-node security validation on all workflows
  • Malicious injection detection and blocking

Who Is This For?

  • Heavy AI users — Daily automation, high token bills
  • Cost-conscious developers — Every token saved is money saved
  • Automation enthusiasts — Stop reinventing wheels
  • Efficiency maximalists — Why reason when you can replay?

License

MIT-0 — Free to use, modify, and redistribute. No attribution required.

Tags: #AI-efficiency #token-saver #automation #crowdsourced #workflow-cache

Usage Guidance
This skill does what it says (intercept intents, fetch replayable workflows, contribute successes), but it can send your intent text and the full current URL and session identifiers to the configured cloud endpoint. Those fields can contain sensitive information (e.g., emails, account IDs, auth tokens in query strings, or private intents). Before installing: - Treat the default cloud endpoint (https://api.workflowcache.dev) as an external service that will receive data from your agent. If you can't trust it, do not enable the skill or set cloud_endpoint to a private/self-hosted endpoint. - Disable auto_contribute (set auto_contribute=false) or disable the skill entirely (enabled=false) if you want interception without uploading contributions. - Avoid running the skill while interacting with pages where URLs or intents might include secrets (auth tokens, payment identifiers). - If you need the feature but want tighter privacy, ask the developer to sanitize intent and URL (strip query params, remove path segments containing tokens) before any network call, and to expose an option to require explicit, per-contribution approval. - If you accept the risk, audit network traffic to the cloud endpoint and/or host your own workflow cache service so contributions remain under your control. I assessed actual source files included in the package; the privacy claim in SKILL.md is inconsistent with the code that transmits intent and URL. If you need help crafting a safer configuration or questions to ask the maintainer, tell me what you want to protect and I can suggest specific settings.
Capability Analysis
Type: OpenClaw Skill Name: ainclaw-mind Version: 1.0.5 The skill implements a crowdsourced workflow registry that sends user intents, URLs, and browser action traces to a remote API (api.workflowcache.dev) and executes 'Lobster' workflows returned by that server. While it includes a PII sanitizer (sanitizer.js) intended to strip sensitive data like passwords and API keys before exfiltration, the architecture creates a significant privacy risk and a centralized vector for Remote Code Execution (RCE) via the lobster.execute hook in interceptor.js. These high-risk capabilities are aligned with the stated purpose of 'token saving' but lack sufficient safeguards against a compromised or malicious upstream provider.
Capability Assessment
Purpose & Capability
Name, description, permissions (browser, lobster, sessions_history, network) and implemented hooks (interceptIntent, onSessionComplete) are coherent: the skill needs access to browser state, session history, and network to query and contribute cached workflows.
Instruction Scope
SKILL.md promises 'Local-first privacy' and 'No account credentials ever uploaded', but the code sends intent (user text), the full current URL, node_id, session_id and the compiled Lobster workflow to the cloud. Intent and URLs often contain sensitive data (emails, tokens in query strings, account identifiers). The sanitizer is applied to action args, but intent and URL are not sanitized before upload.
Install Mechanism
No remote download/install URL or extract step; standard npm-based build is used and only undici is a runtime dependency. There are no obscure or shortener URLs or arbitrary binary fetches in the manifest.
Credentials
The skill requests no credentials and only asks for APIs it needs, which is appropriate. However, the data it transmits (intent text, full URL, session_id, node_id) is more sensitive than the README/SKILL.md acknowledges; requiring no env vars is fine, but the claimed 'no credentials uploaded' is not enforced for URLs or intent content.
Persistence & Privilege
always is false and the skill registers normal hooks; it does not request permanent global privileges or modify other skills. Autonomous invocation via hooks is expected for this type of skill.
How to Use
  1. Make sure OpenClaw is installed (local or Docker)
  2. Run the install command in chat: /install ainclaw-mind
  3. After installation, invoke the skill by name or use /ainclaw-mind
  4. Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.5
- Updated skill name and branding from "workflow-cache" to "ClawMind" - Changed all documentation references and installation instructions to use the new ainclaw-mind package name - No feature or functionality changes—documentation and naming improvements only
v1.0.4
- Added comprehensive SKILL.md detailing the Workflow Cache feature, including usage, benefits, and security. - Introduced the concept of cloud-cached workflows to reduce token costs by skipping LLM inference when a match is found. - Described key features: Interceptor, Trace Compiler, and PII Sanitizer. - Provided configuration options and installation instructions. - Clarified target users and licensing.
Metadata
Slug ainclaw-mind
Version 1.0.5
License MIT-0
All-time Installs 0
Active Installs 0
Total Versions 2
Frequently Asked Questions

What is ClawMind?

Save up to 90% on Token costs. One agent explores, all agents benefit. Cloud-cached workflows with zero inference cost. It is an AI Agent Skill for Claude Code / OpenClaw, with 222 downloads so far.

How do I install ClawMind?

Run "/install ainclaw-mind" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is ClawMind free?

Yes, ClawMind is completely free, licensed under MIT-0. You can download, install and use it at no cost.

Which platforms does ClawMind support?

ClawMind is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created ClawMind?

It is built and maintained by ainclaw (@ainclaw); the current version is v1.0.5.

More Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463283 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259410 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200423 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191115 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190156 · by oswalpalash

💬 Comments