Gateway Token Doctor

Author: Dalomeve · GitHub ↗ · v1.0.0
cross-platform ⚠ suspicious
Total downloads: 447
Favorites: 0
Current installs: 0
Versions: 1
Install in OpenClaw
/install gateway-token-doctor
Description
Diagnose and fix gateway token mismatches causing 401 errors. Align tokens across config, service, and CLI surfaces.
Usage (SKILL.md)

Gateway Token Doctor

Diagnose and fix 401 errors from token mismatches.

Problem

Gateway token inconsistencies cause:

  • 401 Unauthorized errors
  • CLI/UI authentication failures
  • Service startup failures
  • Silent auth degradation

Workflow

1. Token Audit

# Check all token surfaces
$cfg = Get-Content "$HOME/.openclaw/openclaw.json" -Raw | ConvertFrom-Json
$auth = $cfg.gateway.auth.token
$remote = $cfg.gateway.remote.token
$service = $env:OPENCLAW_GATEWAY_TOKEN

"auth.token   = $auth"
"remote.token = $remote"
"service.token = $service"

if ($auth -and $remote -and $auth -ne $remote) {
    Write-Warning "Token mismatch: auth != remote"
}

2. Alignment Fix

# Generate or use existing token
$token = $auth

# Update config
$cfg.gateway.auth.token = $token
$cfg.gateway.remote.token = $token
$cfg | ConvertTo-Json -Depth 10 | Out-File "$HOME/.openclaw/openclaw.json" -Encoding UTF8

# Update service startup script
$servicePath = "$HOME/.openclaw/gateway.cmd"
$content = Get-Content $servicePath -Raw
$content = $content -replace 'OPENCLAW_GATEWAY_TOKEN=.*', "OPENCLAW_GATEWAY_TOKEN=$token"
$content | Out-File $servicePath -Encoding UTF8

# Restart
openclaw gateway restart

3. Verification

# Test gateway access
openclaw gateway status

# Test CLI auth
openclaw whoami

Executable Completion Criteria

| Criteria | Verification |
|---|---|
| All tokens aligned | auth == remote == service |
| Gateway responds | openclaw gateway status succeeds |
| CLI auth works | openclaw whoami returns user |
| No 401 in logs | Select-String "401" logs returns nothing |

Privacy/Safety

  • Never log actual token values
  • Redact tokens in output (show first 4 chars only)
  • Store tokens only in config files

Self-Use Trigger

Use when:

  • 401 errors appear
  • Gateway restart after config change
  • CLI shows auth mismatch
  • Service fails to start

Align tokens. Restore access.

Safe usage advice
This skill will read and overwrite your OpenClaw config (~/.openclaw/openclaw.json) and edit the gateway startup script (~/.openclaw/gateway.cmd), then restart the gateway. Before using it:
  1. Back up the files mentioned (copy openclaw.json and gateway.cmd).
  2. Inspect openclaw.json to confirm where tokens are stored and that the auth token is valid (the script uses auth => remote => service).
  3. Run the steps manually first (don't run them as a blind script) or add a dry-run that prints intended changes without writing.
  4. Ensure the openclaw CLI is present and you can restart the gateway manually.
  5. Be aware that SKILL.md reads the OPENCLAW_GATEWAY_TOKEN env var even though metadata lists no env requirements; confirm any environment-token source before letting the skill modify files.
  6. After changes, verify logs and CLI auth in a controlled environment (staging) before applying in production.
If you are not comfortable with file edits or service restarts, ask an admin to perform these steps.
Functional analysis
Type: OpenClaw Skill
Name: gateway-token-doctor
Version: 1.0.0
The 'gateway-token-doctor' skill, while designed for a legitimate administrative task (fixing token mismatches), contains a significant information disclosure vulnerability. The 'Token Audit' section in `SKILL.md` explicitly prints full token values to the agent's output, directly contradicting the skill's own 'Privacy/Safety' guidelines. This flaw could expose sensitive authentication tokens, making the skill suspicious despite the absence of clear evidence of intentional malicious behavior like data exfiltration to external endpoints or backdoor installation.
Capability assessment
Purpose & Capability
The name/description match the actions in SKILL.md: auditing and aligning gateway tokens stored in $HOME/.openclaw/openclaw.json, the gateway startup script, and the OPENCLAW_GATEWAY_TOKEN environment variable. Asking to read and update those files is coherent with the stated purpose.
Instruction Scope
Instructions directly read and overwrite $HOME/.openclaw/openclaw.json and $HOME/.openclaw/gateway.cmd and then restart the gateway. There are no safety measures (no backups, no validation of a non-empty token, no dry-run). Regex replacement ('OPENCLAW_GATEWAY_TOKEN=.*') and writing token values directly can accidentally clobber files or inject malformed values. Verification steps reference logs generically ('Select-String "401" logs') without specifying paths. These are functional for the task but risky and insufficiently defensive.
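The gaps named in this analysis (full token values printed by the audit, no backup, no empty-token check, no dry run, an unguarded regex replacement) can be closed as in the following added example, which is not the skill's own code. The file paths, JSON keys and environment variable are the ones shown in SKILL.md; the function names and the accepted token pattern are assumptions.

```powershell
# Added example, not the skill's own code. Paths, JSON keys and the variable
# name come from SKILL.md; function names and the token pattern are assumptions.
function Get-RedactedToken([string]$Token) {
    if ([string]::IsNullOrEmpty($Token)) { return '<empty>' }
    # Privacy/Safety rule: show the first 4 characters at most
    $Token.Substring(0, [Math]::Min(4, $Token.Length)) + '****'
}

function Repair-GatewayToken {
    [CmdletBinding(SupportsShouldProcess)]   # enables -WhatIf as the dry run
    param(
        [string]$ConfigPath  = "$HOME/.openclaw/openclaw.json",
        [string]$ServicePath = "$HOME/.openclaw/gateway.cmd"
    )
    $cfg   = Get-Content $ConfigPath -Raw | ConvertFrom-Json
    $token = $cfg.gateway.auth.token

    # Audit with redacted values only
    "auth.token    = $(Get-RedactedToken $token)"
    "remote.token  = $(Get-RedactedToken $cfg.gateway.remote.token)"
    "service.token = $(Get-RedactedToken $env:OPENCLAW_GATEWAY_TOKEN)"

    # Stop on an empty token or on characters that cmd.exe or the regex
    # replacement would interpret (assumed format: 16+ URL-safe characters)
    if ($token -notmatch '^[A-Za-z0-9._~-]{16,}$') {
        throw 'auth.token is empty or malformed; no file was changed.'
    }

    $cfg.gateway.remote.token = $token
    $planned = [ordered]@{
        $ConfigPath  = ($cfg | ConvertTo-Json -Depth 10)
        # Replace only the value, and only up to the end of that line
        $ServicePath = ((Get-Content $ServicePath -Raw) -replace
            '(?<=OPENCLAW_GATEWAY_TOKEN=)[^\r\n"]*', $token)
    }

    $noBom = [System.Text.UTF8Encoding]::new($false)  # cmd.exe reads a BOM as part of line 1
    foreach ($path in $planned.Keys) {
        if ($PSCmdlet.ShouldProcess($path, 'back up, then write aligned token')) {
            # The backup holds the old token: keep it in the same protected directory
            Copy-Item $path "$path.bak-$(Get-Date -Format yyyyMMddHHmmss)"
            [System.IO.File]::WriteAllText($path, $planned[$path], $noBom)
        }
    }
    if ($PSCmdlet.ShouldProcess('gateway', 'restart')) { openclaw gateway restart }
}
```

Running `Repair-GatewayToken -WhatIf` prints the redacted audit and the planned actions without copying, writing or restarting anything.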
Install Mechanism
This is an instruction-only skill with no install spec and no code files. Nothing is written to disk by an installer, which is the lowest-risk install profile.
Credentials
The SKILL.md reads the OPENCLAW_GATEWAY_TOKEN environment variable and other local config paths, but the registry metadata lists no required env vars. That mismatch reduces transparency. While the env var and files are relevant to the stated purpose, the skill asks to read and overwrite local configuration and a startup script — privileges that should be clearly declared and confirmed with the user beforehand.
Persistence & Privilege
The skill does not request permanent presence (always:false) and does not include installation steps that persist beyond execution. Autonomous invocation is enabled by default on the platform, but this skill does not escalate privileges beyond modifying only OpenClaw-related files.
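How to use
  1. Make sure OpenClaw is installed (local or Docker deployment)
  2. Enter the install command in the dialog: /install gateway-token-doctor
  3. Once installed, call the Skill by name or trigger it with /gateway-token-doctor
  4. Provide the required input according to the Skill's parameter description to get structured output
Version history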
v1.0.0
- Initial release of gateway-token-doctor.
- Diagnose and resolve 401 errors caused by gateway token mismatches.
- Audits token values in config, service, and CLI environments.
- Provides step-by-step PowerShell workflow to align and verify token consistency.
- Includes safety guidelines for token handling and redaction.
Metadata
Slug gateway-token-doctor
Version 1.0.0
License
Total installs 0
Current installs 0
Historical versions 1
FAQ

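What is Gateway Token Doctor?

Diagnose and fix gateway token mismatches causing 401 errors. Align tokens across config, service, and CLI surfaces. It is an AI Agent Skill plugin for Claude Code / OpenClaw, with 447 total downloads to date.

How do I install Gateway Token Doctor?

Run the command "/install gateway-token-doctor" in the OpenClaw or Claude Code dialog for one-click installation; no additional configuration is required.

Is Gateway Token Doctor free?

Yes, Gateway Token Doctor is completely free (free and open source) and can be freely downloaded, installed and used.

Which platforms does Gateway Token Doctor support?

Gateway Token Doctor runs cross-platform and can be used in any environment where OpenClaw / Claude Code is deployed (cross-platform).

Who developed Gateway Token Doctor?

Developed and maintained by Dalomeve (@dalomeve); the current version is v1.0.0.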
