dr1nnas

Approve new channels, and connections to openclaw ui and terminal

Author: Dr1nnas · GitHub · v1.0.1
cross-platform ⚠ suspicious
Total downloads: 675 · Favorites: 2 · Current installs: 0 · Versions: 2
Install in OpenClaw
/install approvals-ui
Description
Web dashboard to approve OpenClaw device and channel pairings, manage connections, and access a live terminal from your browser.
Usage instructions (SKILL.md)

# Approvals UI

A web dashboard for managing OpenClaw device pairings, channel approvals, and a live terminal — all from your browser.

## Install

Place this folder at:

```
~/.openclaw/workspace/projects/p1
```

Your file structure should look like:

```
~/.openclaw/workspace/projects/p1/
├── SKILL.md
├── server.py
└── templates/
    ├── channel_approvals.html
    ├── dashboard.html
    ├── device_pairings.html
    ├── index.html
    ├── login.html
    └── terminal.html
```

## Requirements

Install Python dependencies:

```bash
pip install flask flask-socketio
```

## ⚠️ Important — Change These Before Running

This skill ships with **placeholder credentials** that you **must** change before using:

Open `server.py` and update the following values near the top of the file:

| What | Variable | Default | Action |
|---|---|---|---|
| Dashboard login username | `ADMIN_USERNAME` | `Drinnas` | Change to your own username |
| Dashboard login password | `ADMIN_PASSWORD` | `admin` | Change to a strong password |
| API auth password | `AUTH_PASSWORD` / env `SERVER_AUTH_PASSWORD` | `Bb7766!server` | Change to a strong password or set the env var |
| Flask secret key | env `FLASK_SECRET_KEY` | dev placeholder | Set to a random string in your environment |

**Example:**

```bash
export FLASK_SECRET_KEY="$(python3 -c 'import secrets; print(secrets.token_hex(32))')"
export SERVER_AUTH_PASSWORD="your-strong-api-password-here"
```

> **Do not run with the defaults.** Anyone who knows the defaults can log in and access your terminal and gateway token.

### Credential Explanation

There are **two separate auth layers**:

1. **Dashboard login** (`ADMIN_USERNAME` / `ADMIN_PASSWORD`) — protects the web UI pages (dashboard, device pairings, channel approvals, terminal).
2. **API password** (`AUTH_PASSWORD` / env `SERVER_AUTH_PASSWORD`) — protects the backend API endpoints (`/pair`, `/sync`, `/approve`) used for programmatic access. These endpoints are not exposed in the web UI but exist for automation/scripting.

Both should be set to strong, unique values.

## Usage

Start the server:

```bash
cd ~/.openclaw/workspace/projects/p1
python3 server.py
```

Then open **http://127.0.0.1:9100** in your browser.

## Features

- **Dashboard** — Landing page with quick navigation to all sections.
- **Device Pairings** — View pending and paired browser/device connections. Approve or reject pairing requests. Copy your gateway token to clipboard.
- **Channel Approvals** — Review and approve pending channel pairing requests (Telegram, Discord, WhatsApp, etc). Real-time updates via Socket.IO.
- **Terminal** — Full interactive terminal session in the browser using xterm.js.

## How It Works

- Reads device pairings directly from `~/.openclaw/devices/pending.json` and `~/.openclaw/devices/paired.json`.
- Reads channel pairing requests from `~/.openclaw/credentials/*-pairing.json`.
- Reads the gateway token from `~/.openclaw/openclaw.json` → `gateway.auth.token`.
- Approve/reject actions use the `openclaw devices approve` and `openclaw devices reject` CLI commands.
- No external database needed — everything reads from OpenClaw's own state files.

## Security Notes

- **Localhost only** — The server binds to `127.0.0.1` by default. Do not change this to `0.0.0.0` unless you put it behind a reverse proxy with TLS and strong auth.
- **Terminal access** — The terminal feature gives full shell access to your machine. If you don't need it, you can remove the `/terminal` route and `terminal.html` template.
- **Sensitive files** — The app reads your `openclaw.json` (gateway token), device pairing files, and credential pairing files. Anyone who can access the web UI can see this data.
- **API endpoints** — `POST /pair`, `POST /sync`, and `POST /approve` accept JSON with a password field. These are protected by `AUTH_PASSWORD` and are intended for scripting/automation, not the web UI.

## Configuration

| Setting | Location | Default |
|---|---|---|
| Server port | `server.py` bottom | `9100` |
| Dashboard login | `server.py` `ADMIN_USERNAME` / `ADMIN_PASSWORD` | `Drinnas` / `admin` |
| API password | `server.py` `AUTH_PASSWORD` / env `SERVER_AUTH_PASSWORD` | `Bb7766!server` |
| Flask secret key | env `FLASK_SECRET_KEY` | dev placeholder |
| OpenClaw state dir | env `OPENCLAW_STATE_DIR` | `~/.openclaw` |
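
A startup check for the credential and bind rules above, added here as an example and not taken from the skill's `server.py`: it rejects the defaults listed in the tables, requires the two passwords to differ, and refuses a non-loopback bind. Reading `ADMIN_USERNAME` / `ADMIN_PASSWORD` from the environment, the function names and the length thresholds are assumptions of this example.

```python
import ipaddress
import os

# Defaults published in this SKILL.md; anyone who has read it knows them.
KNOWN_DEFAULTS = {
    "ADMIN_USERNAME": "Drinnas",
    "ADMIN_PASSWORD": "admin",
    "AUTH_PASSWORD": "Bb7766!server",
}
MIN_SECRET_LEN = 16  # assumed policy for this example, not from server.py


def load_settings(env):
    """Read credentials from the environment only, with no fallback values."""
    return {
        "ADMIN_USERNAME": env.get("ADMIN_USERNAME", ""),  # hypothetical env var
        "ADMIN_PASSWORD": env.get("ADMIN_PASSWORD", ""),  # hypothetical env var
        "AUTH_PASSWORD": env.get("SERVER_AUTH_PASSWORD", ""),
    }


def preflight(settings, env, bind_host="127.0.0.1"):
    """Return the list of reasons the server should refuse to start."""
    problems = []
    for name, default in KNOWN_DEFAULTS.items():
        value = settings.get(name, "")
        if not value:
            problems.append(f"{name} is not set")
        elif value == default:
            problems.append(f"{name} is still the published default")
        elif name != "ADMIN_USERNAME" and len(value) < MIN_SECRET_LEN:
            problems.append(f"{name} is shorter than {MIN_SECRET_LEN} characters")
    admin_pw = settings.get("ADMIN_PASSWORD", "")
    if admin_pw and admin_pw == settings.get("AUTH_PASSWORD", ""):
        problems.append("ADMIN_PASSWORD and AUTH_PASSWORD must differ")
    # secrets.token_hex(32) yields 64 characters; 32 is this example's floor.
    if len(env.get("FLASK_SECRET_KEY", "")) < 32:
        problems.append("FLASK_SECRET_KEY is unset or shorter than 32 characters")
    try:
        loopback = ipaddress.ip_address(bind_host).is_loopback
    except ValueError:
        loopback = bind_host == "localhost"
    if not loopback:
        problems.append(f"bind host {bind_host} is not loopback")
    return problems


if __name__ == "__main__":
    issues = preflight(load_settings(os.environ), os.environ)
    for issue in issues:
        print("refusing to start:", issue)
    raise SystemExit(1 if issues else 0)
```
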

## Tags

`ui` `dashboard` `pairings` `approvals` `terminal` `web`
Security recommendations
This package appears to do what it says: a local dashboard that reads OpenClaw state files and provides an interactive terminal. Before installing or running it, do the following:
  1. Change the defaults immediately — set a strong FLASK_SECRET_KEY (via env) and a strong SERVER_AUTH_PASSWORD; also change ADMIN_USERNAME/ADMIN_PASSWORD in server.py or make them configurable via environment variables.
  2. Remember this app reads and displays sensitive files (gateway token, pairing JSONs); anyone who can access the web UI or the API endpoints can view or act on those secrets. The /pair and /sync API endpoints accept a JSON password (plaintext) for automation—only use them from trusted local scripts and keep the password strong.
  3. The terminal provides a full shell; remove or disable the /terminal route if you do not need it.
  4. Review server.py for how it invokes the OpenClaw CLI (subprocess usage). Ensure arguments are passed without shell=True or unsafe string concatenation to avoid command injection if you expose the server beyond localhost.
  5. Do not bind to 0.0.0.0 or expose this service to untrusted networks without putting it behind HTTPS and strong access controls.
  6. If you rely on external CDNs (socket.io, xterm.js), consider hosting assets locally if you require an air-gapped or stricter environment.
If you want, provide the rest of server.py (the truncated portion) and I will inspect the exact subprocess/pty usage for additional concerns.
Functional analysis
Type: OpenClaw Skill
Name: approvals-ui
Version: 1.0.1
This skill bundle is classified as suspicious due to several critical vulnerabilities, primarily the use of weak default credentials and a hardcoded API password in client-side code (channel_approvals.html, index.html), which could lead to unauthorized access and command execution. The `server.py` also uses a weak default Flask secret key, enables `debug=True` and `allow_unsafe_werkzeug=True` (severe RCE risk in production), and sets `cors_allowed_origins="*"` for Socket.IO. Furthermore, user-controlled inputs are passed to `subprocess.run` calls for the `openclaw` CLI, posing a potential shell injection risk. While the `SKILL.md` documentation transparently warns users about changing default credentials and the inherent risk of the full shell access provided by the terminal feature, these are significant flaws that make the system highly vulnerable if the warnings are ignored. There is no clear evidence of intentional malicious behavior like data exfiltration to unauthorized external endpoints or hidden backdoors.
Capability assessment
Purpose & Capability
Name/description (dashboard for device/channel approvals and a live terminal) match the code and SKILL.md. The server reads OpenClaw state files (~/.openclaw), exposes pairing management endpoints, and provides an in-browser terminal — all consistent with the stated purpose. There are no unrelated required env vars or binaries.
Instruction Scope
SKILL.md explicitly instructs where to place files, how to install Flask/SocketIO, and to change embedded default credentials. It also documents that the app reads sensitive OpenClaw files (pending/paired device JSON, channel pairing JSON, and gateway token) and that the terminal exposes a full shell. Those behaviors are within purpose but are high-sensitivity operations; the docs warn about them. One operational note: the web templates load Socket.IO (and likely other assets) from public CDNs; SKILL.md does not call this out but this is normal for a local UI.
Install Mechanism
This is an instruction-only skill (no installer spec). The instructions tell the user to pip install flask and flask-socketio — reasonable and proportional. No remote downloads/executables are pulled by the skill itself.
Credentials
The skill requests no special environment variables in the registry metadata. The code supports optional env vars (FLASK_SECRET_KEY and SERVER_AUTH_PASSWORD) and provides defaults in server.py for ADMIN_USERNAME/ADMIN_PASSWORD/AUTH_PASSWORD which SKILL.md tells you to change. That is consistent, but embedding default admin credentials in the code is risky — the SKILL.md repeatedly warns not to run with defaults. API endpoints (/pair, /sync) accept a JSON password for automation; ensure you set a strong SERVER_AUTH_PASSWORD before use.
Persistence & Privilege
The skill does not request always:true or any platform privileges. It runs as a local Flask app and does not modify other skills or system-wide OpenClaw config beyond invoking OpenClaw CLI operations (approve/reject). Autonomous model invocation settings are default and not a special privilege in this package.
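How to use
  1. Make sure OpenClaw is installed (locally or via Docker)
  2. Enter the install command in the chat box: /install approvals-ui
  3. Once installed, invoke the Skill by name or trigger it with /approvals-ui
  4. Provide the required inputs according to the Skill's parameter description to get structured output
Version history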
v1.0.1
- Added a prominent section instructing users to change default dashboard and API credentials before first use.
- Explained the difference between dashboard login and API password, clarifying their separate purposes.
- Provided examples and details on setting secure environment variables for authentication and Flask secret key.
- Added a dedicated Security Notes section warning about terminal access, sensitive files, and exposed API endpoints.
- Updated configuration table to include API password and clarify environment variable usage.
v1.0.0
Initial release of Approvals UI — a web dashboard for OpenClaw device and channel management.
- Provides a browser-based interface for device pairings, channel approvals, and terminal access.
- Integrates real-time updates for channel approvals via Socket.IO.
- Supports interactive terminal sessions in-browser using xterm.js.
- No external database required; works directly with OpenClaw's state files.
- Default login: Username: Drinnas / Password: admin
Metadata
Slug approvals-ui
Version 1.0.1
License
Total installs 0
Current installs 0
Version count 2
FAQ

What is Approve new channels, and connections to openclaw ui and terminal?

Web dashboard to approve OpenClaw device and channel pairings, manage connections, and access a live terminal from your browser. It is an AI Agent Skill plugin for Claude Code / OpenClaw, with 675 total downloads to date.

How do I install Approve new channels, and connections to openclaw ui and terminal?

Run the command "/install approvals-ui" in the OpenClaw or Claude Code chat box to install it in one step, with no additional configuration required.

Is Approve new channels, and connections to openclaw ui and terminal free?

Yes, Approve new channels, and connections to openclaw ui and terminal is completely free (free and open source) and can be freely downloaded, installed and used.

Which platforms does Approve new channels, and connections to openclaw ui and terminal support?

Approve new channels, and connections to openclaw ui and terminal is cross-platform and can be used in any environment where OpenClaw / Claude Code is deployed (cross-platform).

Who developed Approve new channels, and connections to openclaw ui and terminal?

It is developed and maintained by Dr1nnas (@dr1nnas); the current version is v1.0.1.
