← Back to Skills Marketplace
enderfga

Claude Code Agent

by Enderfga · GitHub ↗ · v0.2.0
cross-platform ⚠ suspicious
2930
Downloads
0
Stars
7
Active Installs
2
Versions
Install in OpenClaw
/install claude-code-skill
Description
Integrates MCP tool servers for orchestration, state persistence with IndexedDB/localStorage, and session sync across devices in OpenClaw/Clawdbot.
README (SKILL.md)

OpenClaw Claude Code Skill

Description

MCP (Model Context Protocol) integration for OpenClaw/Clawdbot. Use when you need to:

  • Connect and orchestrate MCP tool servers (filesystem, GitHub, etc.)
  • Persist state across sessions with IndexedDB/localStorage
  • Sync sessions across multiple devices

Triggers: "MCP", "tool server", "sub-agent orchestration", "session sync", "state persistence", "Claude Code integration"

Installation

npm install openclaw-claude-code-skill

Core APIs

MCP Server Management

import { 
  initializeMcpSystem, 
  addMcpServer, 
  executeMcpAction, 
  getAllTools 
} from "openclaw-claude-code-skill";

// 1. Initialize all configured servers
await initializeMcpSystem();

// 2. Add a new MCP server
await addMcpServer("fs", {
  command: "npx",
  args: ["-y", "@modelcontextprotocol/server-filesystem", "/tmp"]
});

// 3. Get available tools
const tools = await getAllTools();

// 4. Call a tool
const result = await executeMcpAction("fs", {
  method: "tools/call",
  params: { name: "read_file", arguments: { path: "/tmp/test.txt" } }
});

State Persistence

import { createPersistStore, indexedDBStorage } from "openclaw-claude-code-skill";

const useStore = createPersistStore(
  { count: 0, items: [] },
  (set, get) => ({
    increment: () => set({ count: get().count + 1 }),
    addItem: (item: string) => set({ items: [...get().items, item] })
  }),
  { name: "my-store" },
  indexedDBStorage  // or omit for localStorage
);

// Check hydration status
if (useStore.getState()._hasHydrated) {
  console.log("State restored!");
}

Session Synchronization

import { mergeSessions, mergeWithUpdate, mergeKeyValueStore } from "openclaw-claude-code-skill";

// Merge chat sessions from multiple sources
const mergedSessions = mergeSessions(localSessions, remoteSessions);

// Merge configs with timestamp-based resolution
const mergedConfig = mergeWithUpdate(localConfig, remoteConfig);

Key Functions

Function Purpose
initializeMcpSystem() Start all MCP servers from config
addMcpServer(id, config) Add new server dynamically
removeMcpServer(id) Remove a server
pauseMcpServer(id) Pause a server
resumeMcpServer(id) Resume a paused server
executeMcpAction(id, req) Call a tool on specific server
getAllTools() List all available tools
getClientsStatus() Get status of all MCP clients
setConfigPath(path) Set custom config file location
createPersistStore() Create Zustand store with persistence
mergeSessions() Merge session arrays
mergeWithUpdate() Merge with timestamp resolution
mergeKeyValueStore() Merge key-value stores

Configuration

Create mcp_config.json:

{
  "mcpServers": {
    "filesystem": {
      "command": "npx",
      "args": ["-y", "@modelcontextprotocol/server-filesystem", "/tmp"],
      "status": "active"
    },
    "github": {
      "command": "npx",
      "args": ["-y", "@modelcontextprotocol/server-github"],
      "env": { "GITHUB_TOKEN": "your-token" },
      "status": "active"
    }
  }
}

Set custom config path:

import { setConfigPath } from "openclaw-claude-code-skill";
setConfigPath("/path/to/mcp_config.json");

Requirements

  • Node.js 18+
  • TypeScript (optional but recommended)

Links

Usage Guidance
What to consider before installing or enabling this skill: - This package is an MCP orchestrator and will (on demand) spawn subprocesses to run MCP servers (examples use `npx -y ...`). That means it can download and execute code from npm at runtime — treat that like running arbitrary code. - The code forwards the entire process environment (process.env) to any spawned server. Do not run this skill in a process that already has sensitive secrets (AWS keys, GitHub tokens, Slack tokens, etc.) in environment variables unless you explicitly trust the child servers and have audited their behavior. - The skill reads and writes mcp_config.json in the current working directory by default and lets you set arbitrary config paths. Ensure those paths are safe and that the agent cannot be tricked into overwriting important system files. - The skill examples include launching filesystem and GitHub servers and calling tools like read_file — these will access local files and remote services if configured. Only configure servers with tokens or access scopes that you trust, and prefer least privilege tokens. - Mitigations: run the skill in an isolated environment (container or dedicated VM), sanitize environment variables before use (or modify createClient to restrict which env vars are forwarded), avoid running with high-privilege credentials in the process environment, and review the exact server packages you will launch with npx (or install them from vetted sources beforehand). Confidence notes: I marked this as suspicious (medium confidence) because the code is coherent with its stated purpose but includes behaviors (full env forwarding + dynamic npx execution + writing configs) that materially increase risk and are not explicitly called out as requiring careful handling in SKILL.md. If you can confirm the package is from a trusted, actively maintained repository and you will only launch vetted server packages with sanitized env/config, the practical risk is reduced.
Capability Analysis
Type: OpenClaw Skill Name: claude-code-skill Version: 0.2.0 The skill is designed for Model Context Protocol (MCP) integration, enabling sub-agent orchestration and state persistence. It allows the AI agent to dynamically add and manage MCP servers, which involves executing arbitrary commands (`command` and `args` in `ServerConfig`) and passing/inheriting environment variables (`env` in `ServerConfig`) to spawned child processes, as seen in `src/mcp/actions.ts` and `src/mcp/client.ts`. While these capabilities are fundamental to the skill's stated purpose (orchestrating external tool servers like filesystem or GitHub), they represent a significant security risk. The `SKILL.md` and `README.md` explicitly instruct the agent on how to use these powerful features, making the skill highly susceptible to abuse through prompt injection if the agent is compromised, potentially leading to arbitrary code execution or sensitive data exposure from the host system. There is no clear evidence of intentional malicious behavior within the skill's code or documentation, but the inherent high-risk capabilities warrant a 'suspicious' classification.
Capability Assessment
Purpose & Capability
The code, README and SKILL.md consistently implement an MCP (Model Context Protocol) client/orchestration library (server lifecycle, tool calls, state persistence). That aligns with the implied purpose. However, the implementation intentionally launches arbitrary commands (e.g., via npx to start MCP servers) and allows configuring servers that can access the filesystem or external services — capabilities that are powerful and therefore require caution.
Instruction Scope
Runtime instructions and examples instruct the agent/user to start MCP servers (often via npx -y), read/write mcp_config.json, call tools like read_file, and set an arbitrary config path. The SKILL.md and examples show using filesystem and GitHub servers. Those instructions let the skill (or processes it spawns) access arbitrary filesystem paths, network services, and user-provided tokens; the instructions do not place limits on which paths or env values are safe to use.
Install Mechanism
No install spec in metadata, but SKILL.md and README recommend installing the npm package. The package.json lists reasonable dependencies (@modelcontextprotocol/sdk, zod, zustand, idb-keyval). The higher-risk behavior is runtime: examples and config use npx to pull and run server packages on demand (npx will fetch code from npm), which is expected for an orchestrator but increases runtime risk because remote packages are executed dynamically.
Credentials
createClient builds the child process environment by copying the entire process.env and then merging config.env. That means every environment variable available to the host process will be exported to spawned MCP servers (including secrets). The skill declares no required env vars, but it nevertheless accesses and forwards all env variables — this is disproportionate and can lead to secret exposure unless the runtime environment is carefully sanitized.
Persistence & Privilege
The skill reads and writes a local mcp_config.json (defaulting to process.cwd()) and exposes setConfigPath to point elsewhere. It persists session state to IndexedDB/localStorage in client contexts. Writing config files and managing server processes is coherent with its purpose, but combined with the ability to spawn arbitrary commands and set arbitrary config paths it increases the surface for accidental or intentional misuse.
How to Use
  1. Make sure OpenClaw is installed (local or Docker)
  2. Run the install command in chat: /install claude-code-skill
  3. After installation, invoke the skill by name or use /claude-code-skill
  4. Provide required inputs per the skill's parameter spec and get structured output
Version History
v0.2.0
## Version 0.2.0 - Initial release with full source code and documentation. - Added MCP (Model Context Protocol) orchestration utilities and API. - Implemented chat session and config synchronization functions. - Provided persistent state store via IndexedDB/localStorage. - Added examples and configuration templates for quick start.
v0.1.0
Initial release – OpenClaw Claude Code Skill v0.1.0 - Integrates the Model Context Protocol (MCP) with OpenClaw/Clawdbot for tool server orchestration. - Supports persistent state storage across sessions using IndexedDB or localStorage. - Provides session synchronization across devices and environments. - Includes APIs for managing MCP servers, persistent stores, and merging sessions or configurations. - Offers detailed setup and usage examples in TypeScript.
Metadata
Slug claude-code-skill
Version 0.2.0
License
All-time Installs 7
Active Installs 7
Total Versions 2
Frequently Asked Questions

What is Claude Code Agent?

Integrates MCP tool servers for orchestration, state persistence with IndexedDB/localStorage, and session sync across devices in OpenClaw/Clawdbot. It is an AI Agent Skill for Claude Code / OpenClaw, with 2930 downloads so far.

How do I install Claude Code Agent?

Run "/install claude-code-skill" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is Claude Code Agent free?

Yes, Claude Code Agent is completely free (open-source). You can download, install and use it at no cost.

Which platforms does Claude Code Agent support?

Claude Code Agent is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created Claude Code Agent?

It is built and maintained by Enderfga (@enderfga); the current version is v0.2.0.

More Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463283 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259410 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200423 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191115 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190156 · by oswalpalash

💬 Comments