tdavis009

ClawHub Skill Guide — Scanner Compliance

Author tdavis009 · GitHub ↗ · v1.0.0
cross-platform ✓ Security scan passed
512 total downloads · 0 favorites · 0 current installs · 1 version
Install in OpenClaw: /install clawhub-skill-guide
Description
Create, structure, and publish OpenClaw skills to ClawHub that pass the security scanner with clean ratings. Covers frontmatter schema, env var declarations,...
Usage (SKILL.md)

ClawHub Skill Guide

Publish OpenClaw skills to ClawHub with clean security scanner ratings. This guide supplements the built-in skill-creator skill with ClawHub-specific publishing knowledge — especially frontmatter schema and scanner compliance.

Note: The built-in skill-creator says "Do not include any other fields in YAML frontmatter." That guidance is outdated. ClawHub supports and the scanner requires additional fields like env, metadata, requires, etc. This guide documents the complete frontmatter schema.


Quick Reference

Skill Anatomy

my-skill/
├── SKILL.md              # Core instructions (required, under 500 lines)
├── scripts/              # Executable code (optional)
├── references/           # Docs loaded on demand (optional)
└── assets/               # Templates, images, non-context files (optional)

Frontmatter Fields

| Field | Required | Purpose |
|---|---|---|
| name | Yes | Lowercase, hyphens, under 64 chars |
| description | Yes | Trigger text with keywords |
| env | When credentials needed | Array of env var declarations |
| metadata | Alternative env format | OpenClaw-specific metadata |
| requires | When dependencies exist | Human-readable requirement list |
| homepage | Optional | Source/docs URL |
| category | Optional | Skill category |
| emoji | Optional | Display emoji |
| version | Optional | Semver (can also set via CLI) |

→ Full schema: references/frontmatter-schema.md

Scanner Categories

| # | Category | Key Requirement |
|---|---|---|
| 1 | PURPOSE & CAPABILITY | Description matches functionality; credentials declared |
| 2 | INSTRUCTION SCOPE | Instructions on-topic; no auto-config language |
| 3 | INSTALL MECHANISM | No external downloads; scripts write within workspace |
| 4 | CREDENTIALS | All env vars declared in frontmatter; sensitive marked |
| 5 | PERSISTENCE & PRIVILEGE | No always:true; config as templates for manual review |

→ Deep dive: references/scanner-compliance.md


Creating a Skill

Step 1: Plan Structure

Decide what goes where:

| Content Type | Location |
|---|---|
| Core workflow, key instructions | SKILL.md body |
| Detailed reference material | references/ |
| Executable automation | scripts/ |
| Templates, images, boilerplate | assets/ |

Keep SKILL.md under 500 lines. Move detailed docs to references.

Step 2: Write Frontmatter

This is where most scanner issues originate. Get frontmatter right first.

Important: The local packager (package_skill.py) only allows these top-level frontmatter keys: name, description, license, metadata, allowed-tools. The env: key works on ClawHub's registry but fails local validation. Use the metadata.openclaw format for compatibility with both.

Minimal frontmatter (no credentials needed):

---
name: my-skill
description: >
  What this skill does. Include trigger keywords so the agent
  knows when to activate it. Use when: scenario1, scenario2.
---

With credentials (packager-compatible format):

---
name: my-api-skill
description: >
  Integrates with Example API for data retrieval and analysis.
  Use when: querying example data, generating reports from Example API.
metadata:
  openclaw:
    requires:
      env:
        - EXAMPLE_API_KEY
      bins:
        - curl
    primaryEnv: EXAMPLE_API_KEY
    env:
      - name: EXAMPLE_API_KEY
        description: "API key for Example service"
        required: true
      - name: EXAMPLE_BASE_URL
        description: "Base URL for Example API (default: https://api.example.com)"
        required: false
---

Note: If you skip the local packager and publish directly with npx clawhub publish, the direct env: top-level array also works (some published skills use this). But the metadata.openclaw format works everywhere.

→ All supported fields and formats: references/frontmatter-schema.md

Step 3: Write Body

Structure the body for progressive disclosure:

  1. Quick Start — Minimal steps to use the skill
  2. Prerequisites — Table of requirements (if any)
  3. Security Notes — Script safety, credential handling (if applicable)
  4. How It Works — Core instructions
  5. File Reference — List bundled resources with descriptions

Keep instructions imperative. Challenge every paragraph: "Does the agent really need this?"

Step 4: Add Scripts (If Needed)

Follow safe patterns to pass the scanner:

  • Only write within the skill workspace
  • No network calls unless explicitly declared and justified
  • No obfuscated code
  • Document line count and purpose in SKILL.md
  • Include "inspect before running" warning

→ Full patterns: references/script-safety.md

Step 5: Validate and Package

# Validate structure
python3 ~/.npm-global/lib/node_modules/openclaw/skills/skill-creator/scripts/package_skill.py ./my-skill

# Check manually:
# - Frontmatter has name + description
# - env declarations match actual credential usage
# - No personal data or test artifacts
# - SKILL.md under 500 lines

Step 6: Publish and Check Scanner

# Verify auth
npx clawhub whoami

# Publish
npx clawhub publish ./my-skill \
  --slug my-skill \
  --name "My Skill" \
  --version 1.0.0 \
  --changelog "Initial release" \
  --tags latest

# Check scanner results
npx clawhub inspect my-skill

→ Full workflow: references/publish-workflow.md


Frontmatter Quick Guide

The Three Env Declaration Formats

ClawHub supports three ways to declare environment variables. All are valid; the metadata.openclaw format is recommended for compatibility with both the local packager and the ClawHub scanner.

Format 1 — Direct env: array (richest data, but fails local packager):

env:
  - name: MY_API_KEY
    description: "API key for the service"
    required: true
    sensitive: true

Works with npx clawhub publish but NOT with package_skill.py validation.

Format 2 — metadata.openclaw.env (recommended — works everywhere):

metadata:
  openclaw:
    env:
      - name: MY_API_KEY
        description: "API key for the service"
        required: false

Format 3 — metadata.openclaw.requires:

metadata:
  openclaw:
    requires:
      env:
        - MY_API_KEY
      bins:
        - curl
    primaryEnv: MY_API_KEY

Format 1 gives the scanner the most information (including sensitive flag) and produces the cleanest scan results.
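As an added example, not part of this skill or of package_skill.py, the following Python check applies the rules from Step 2, Step 5 and the three env formats above to a SKILL.md string: it flags top-level keys the local packager rejects, validates the name, collects declared env vars from any of the three formats, and reports variables referenced in the body or scripts that are not declared (scanner category 4). The regexes, the USE_RE heuristic and the sample skill are constructed assumptions; they handle the YAML shapes shown in this guide, not arbitrary YAML.

```python
import re
# Top-level frontmatter keys the local packager (package_skill.py) accepts, per the guide.
PACKAGER_KEYS = {"name", "description", "license", "metadata", "allowed-tools"}
NAME_RE = re.compile(r"^[a-z0-9]+(?:-[a-z0-9]+)*$")
# Common ways a body or script reads an env var ($VAR, ${VAR}, os.environ["VAR"],
# os.getenv("VAR"), process.env.VAR); a simplified heuristic assumed by this example.
USE_RE = re.compile(r"\$\{?([A-Z][A-Z0-9_]+)\}?|environ\[[\"']([A-Z][A-Z0-9_]+)[\"']\]"
                    r"|getenv\([\"']([A-Z][A-Z0-9_]+)[\"']\)|process\.env\.([A-Z][A-Z0-9_]+)")

def split_frontmatter(skill_md):
    """Return (frontmatter, body) of a SKILL.md whose first line is '---'."""
    m = re.match(r"---\n(.*?)\n---\n?(.*)", skill_md, re.S)
    if not m:
        raise ValueError("SKILL.md has no YAML frontmatter block")
    return m.group(1), m.group(2)

def declared_env_vars(frontmatter):
    """Names from all three formats: '- name: VAR' items (top-level env: or
    metadata.openclaw.env) and bare '- VAR' items (metadata.openclaw.requires.env)."""
    names = set(re.findall(r"^\s*-\s+name:\s*([A-Z][A-Z0-9_]+)\s*$", frontmatter, re.M))
    return names | set(re.findall(r"^\s*-\s+([A-Z][A-Z0-9_]+)\s*$", frontmatter, re.M))

def check_skill(skill_md, scripts=()):
    """Return a list of findings; an empty list means every check here passed."""
    fm, body = split_frontmatter(skill_md)
    findings = []
    for key in sorted(set(re.findall(r"^([A-Za-z][\w-]*):", fm, re.M)) - PACKAGER_KEYS):
        findings.append(f"packager: top-level key '{key}' fails package_skill.py validation")
    name = re.search(r"^name:\s*(\S+)\s*$", fm, re.M)
    if not name or len(name.group(1)) >= 64 or not NAME_RE.match(name.group(1)):
        findings.append("name: must be lowercase, hyphen-separated, under 64 chars")
    used = {g for groups in USE_RE.findall(body + "\n".join(scripts)) for g in groups if g}
    for var in sorted(used - declared_env_vars(fm)):
        findings.append(f"CREDENTIALS: {var} is used but not declared in frontmatter")
    if re.search(r"always:\s*true", skill_md):
        findings.append("PERSISTENCE: always:true in a config recommendation")
    return findings

# Constructed sample: Format 1 (top-level env:) plus a script reading an undeclared variable.
SAMPLE_BAD = """---
name: my-api-skill
description: "Query Example API. Use when: fetching example data."
env:
  - name: EXAMPLE_API_KEY
    sensitive: true
---
Inspect scripts/fetch.sh before running it.
"""
SAMPLE_SCRIPT = 'curl -H "Authorization: Bearer $EXAMPLE_API_KEY" "$EXAMPLE_BASE_URL/v1/data"\n'
```

Calling check_skill(SAMPLE_BAD, [SAMPLE_SCRIPT]) reports the rejected top-level env: key and the undeclared EXAMPLE_BASE_URL; moving both variables under metadata.openclaw.env clears both findings.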

Description Best Practices

The description is the primary trigger mechanism. Include:

  • What the skill does (concrete actions)
  • Keywords matching user queries
  • "Use when:" clause listing activation scenarios

Bad: "Helps with APIs."

Good:

description: >
  Query and manage Example API resources including users, projects,
  and billing data. Generates reports, monitors usage, and handles
  authentication. Use when: querying Example API, generating usage
  reports, managing API resources, checking billing status.

Scanner Compliance Quick Guide

1. PURPOSE & CAPABILITY ✓

  • Description accurately reflects what the skill does
  • All credentials declared in frontmatter env or metadata
  • No undeclared external service dependencies

2. INSTRUCTION SCOPE ✓

  • Instructions stay on-topic for the skill's stated purpose
  • No language about automatically applying config changes
  • Privileged operations marked as "requires manual review"
  • If using requireMention:false, document data exposure implications

3. INSTALL MECHANISM ✓

  • No curl, wget, or network downloads in scripts
  • Scripts only write within the skill workspace directory
  • Include "inspect before running" notes for all scripts
  • No obfuscated or minified executable code

4. CREDENTIALS ✓

  • Every env var the skill uses is declared in frontmatter
  • Sensitive credentials marked sensitive: true
  • No requests for credentials unrelated to the skill's purpose
  • Prerequisites table lists all required accounts/keys

5. PERSISTENCE & PRIVILEGE ✓

  • No always:true in config recommendations
  • Config changes presented as templates for manual review
  • Multi-user skills recommend agent isolation (separate OpenClaw agent)
  • No persistent background processes or daemons

→ Deep dive with case study: references/scanner-compliance.md


Publishing

Command Reference

# Publish a skill
npx clawhub publish ./skill-dir \
  --slug my-skill \
  --name "Display Name" \
  --version 1.0.0 \
  --changelog "What changed" \
  --tags latest

# Inspect published skill
npx clawhub inspect my-skill
npx clawhub inspect my-skill --files
npx clawhub inspect my-skill --file SKILL.md

# Browse and search
npx clawhub explore
npx clawhub search "keyword"

# Auth
npx clawhub whoami

Version Bumping

When fixing scanner warnings, bump the version and republish:

npx clawhub publish ./skill-dir \
  --slug my-skill \
  --version 1.1.0 \
  --changelog "Fix: declared env vars in frontmatter for clean scan" \
  --tags latest

Common Pitfalls

| Mistake | Scanner Impact | Fix |
|---|---|---|
| No env declarations when skill uses credentials | ! CREDENTIALS | Add env vars via metadata.openclaw.env in frontmatter |
| "Agent automatically applies config" language | ! INSTRUCTION SCOPE | Change to "manual review required" |
| Scripts without inspection warning | ℹ INSTALL MECHANISM | Add "inspect before running" note |
| No agent isolation for multi-user skills | ℹ PERSISTENCE | Add security model section |
| requireMention:false without data exposure docs | ℹ INSTRUCTION SCOPE | Document what data the skill sees |
| Description too short / missing keywords | Poor discoverability | Expand with trigger scenarios |
| Shipping test DBs or generated files | Bloat | Clean before publishing |
| Personal data in examples | Privacy risk | Use generic examples |

Templates

Ready-to-use SKILL.md templates:

Copy, fill in the placeholders, publish.


File Reference

| File | Purpose |
|---|---|
| references/frontmatter-schema.md | Complete YAML frontmatter field documentation |
| references/scanner-compliance.md | Scanner categories deep dive with case study |
| references/script-safety.md | Safe script patterns for publication |
| references/publish-workflow.md | Step-by-step publish and iterate workflow |
| assets/templates/basic-skill.md | Minimal SKILL.md template |
| assets/templates/skill-with-scripts.md | Template with scripts and env vars |
| assets/templates/skill-with-config.md | Template for config-changing skills |
Safe Usage Advice

This guide is coherent and low-risk: it only documents best practices and includes explicit safety recommendations (inspect scripts, declare env vars in frontmatter, present config as templates for manual review). Before using templates or example scripts:

  1. never paste real credentials into example files;
  2. inspect any provided scripts before running them locally;
  3. be careful when using config.patch — the guide warns it replaces whole arrays, so manually merge to avoid accidental removal of existing agents/bindings;
  4. follow the guide's recommendation to run multi-user skills under a restricted/dedicated agent.

If you plan to publish real skills based on these templates, ensure frontmatter env declarations accurately reflect any credentials the skill actually uses.
Functionality Analysis

Type: OpenClaw Skill · Name: clawhub-skill-guide · Version: 1.0.0

This skill bundle, 'clawhub-skill-guide', is a comprehensive guide designed to teach users how to create and publish OpenClaw skills securely and pass the platform's security scanner. All files (SKILL.md, templates, and references) consistently advocate for secure development practices, explicitly warning against common vulnerabilities like data exfiltration, unauthorized execution, persistence, and obfuscation. The instructions within SKILL.md and the templates promote agent sandboxing, manual review of configuration changes, workspace-scoped script execution, and transparent credential declarations. There is no evidence of intentional harmful behavior, prompt injection designed to subvert the agent, or exploitable vulnerabilities within the skill's own content or instructions; instead, it actively educates on how to avoid such issues.
Capability Assessment
Purpose & Capability
The skill is a documentation/guide package (no code, no install spec, no required env vars). Everything it asks for (none) and everything it documents (frontmatter, env declaration patterns, publish workflow) aligns with a publisher/authoring guide.
Instruction Scope
SKILL.md and referenced docs stay on-topic: they instruct how to structure frontmatter, declare env vars, document scripts, and avoid automatic config changes. The content explicitly recommends manual review and isolation patterns and does not instruct the agent to read unrelated host files, exfiltrate data, or auto-apply gateway config.
Install Mechanism
There is no install specification and no bundled binaries or downloads. As an instruction-only skill, nothing is written to disk or executed by default, which is proportionate to its purpose.
Credentials
The skill declares no required environment variables or credentials. It contains examples showing how to declare env vars for other skills, which is appropriate for a guide and does not request unrelated secrets.
Persistence & Privilege
The skill does not request always:true or any persistent background privileges. It explicitly recommends running multi-user skills in a separate, restricted agent and warns that config.patch can replace arrays (helpful safety guidance). Autonomous invocation is enabled by default but there are no other red flags that make that risky here.
How to Use
  1. Make sure OpenClaw is installed (local or Docker deployment)
  2. Enter the install command in the chat box: /install clawhub-skill-guide
  3. After installation, call the Skill by name directly or trigger it with /clawhub-skill-guide
  4. Provide the required input according to the Skill's parameter description to get structured output
Version History
v1.0.0
Initial release: Complete guide for creating ClawHub skills that pass the security scanner. Covers frontmatter schema (all 3 env declaration formats), scanner compliance for all 5 categories, script safety patterns, config change documentation, publish workflow, and 3 ready-to-use templates. Documents the packager vs registry frontmatter discrepancy.
Metadata
Slug: clawhub-skill-guide
Version: 1.0.0
License: (none listed)
Total installs: 1
Current installs: 0
Versions: 1
FAQ

What is ClawHub Skill Guide — Scanner Compliance?

Create, structure, and publish OpenClaw skills to ClawHub that pass the security scanner with clean ratings. Covers frontmatter schema, env var declarations,... It is an AI Agent Skill plugin for Claude Code / OpenClaw, with 512 downloads to date.

How do I install ClawHub Skill Guide — Scanner Compliance?

Run the command "/install clawhub-skill-guide" in the OpenClaw or Claude Code chat box to install it in one step; no extra configuration is needed.

Is ClawHub Skill Guide — Scanner Compliance free?

Yes, ClawHub Skill Guide — Scanner Compliance is completely free (open source) and can be freely downloaded, installed, and used.

Which platforms does ClawHub Skill Guide — Scanner Compliance support?

ClawHub Skill Guide — Scanner Compliance runs cross-platform and can be used in any environment where OpenClaw / Claude Code is deployed.

Who developed ClawHub Skill Guide — Scanner Compliance?

Developed and maintained by tdavis009 (@tdavis009); current version v1.0.0.
