← 返回 Skills 市场
819
总下载
0
收藏
0
当前安装
1
版本数
在 OpenClaw 中安装
/install openclaw-menubar
功能描述
Enable OpenClaw as a native macOS menu bar app with quick access popup. **macOS ONLY** - not compatible with Windows or Linux. Use when user asks to "enable menubar", "add menu bar", "run in menu bar", "make it accessible from menu bar", or wants quick OpenClaw access without opening full dashboard.
安全使用建议
This package appears to do what it says: it installs an Electron menubar app that auto-discovers your local OpenClaw gateway and uses any token found in ~/.openclaw/openclaw.json to authenticate. Before installing: 1) Inspect package.json/package-lock.json for untrusted dependencies (npm install will fetch packages). 2) Review scripts/install.sh and scripts/start.sh to see what they run. 3) Be aware the app will read ~/.openclaw/openclaw.json (to extract gateway URL/token) and will save ~/.openclaw/menubar-config.json. 4) The app registers a custom protocol handler (openclawmenubar://) and a global shortcut — these are normal for UX but are persistent. 5) If you care about tight security, build/run the app in a disposable account or VM first, and verify the token handling and network endpoints are local (localhost/LAN). Finally, note the minor documentation inconsistency about cross-platform support (the code is macOS-focused); if you need non-macOS support, ask the maintainer for clarification.
功能分析
Type: OpenClaw Skill
Name: openclaw-menubar
Version: 1.0.0
The skill is classified as suspicious due to insecure `webPreferences` in the Electron `main.js` file. Specifically, the main `BrowserWindow` is configured with `nodeIntegration: true`, `contextIsolation: false`, and `enableRemoteModule: true`. While the primary content (OpenClaw webchat) is loaded into a more securely sandboxed `BrowserView`, this configuration for the main window (which loads `index-webchat.html`) is a common Electron vulnerability pattern that could lead to remote code execution if an attacker could inject code into the main window's renderer process. Although the `index-webchat.html` is a simple local file, this setup is a significant security flaw. Other files like `renderer.js` and `simple-client.js` contain direct `child_process.execPromise` calls, but these appear to be dead code not used by the main application entry point.
能力评估
Purpose & Capability
The name/description match the code: this is an Electron-based macOS menubar app that embeds the OpenClaw webchat and auto-discovers a local gateway. One discrepancy: some docs (MARKETPLACE.md, distribution notes) claim cross-platform builds, while SKILL.md and other files emphasize macOS-only. This is likely documentation inconsistency rather than malicious behavior.
Instruction Scope
Runtime instructions (SKILL.md) tell the agent to run provided scripts (install/start/stop/status) and the included code reads ~/.openclaw/openclaw.json, tries common local URLs, and may run the 'openclaw status' CLI. All of these actions are consistent with auto-discovery and local authentication for a gateway app.
Install Mechanism
No registry install spec is declared; scripts/install.sh calls npm install in the packaged assets which will pull dependencies declared in package.json/package-lock.json. This is expected for an Electron app, but npm will fetch packages from public registries — review package.json and package-lock.json if you want to audit third-party dependencies before installing.
Credentials
The skill does not request environment variables or external credentials. It does read and persist local config files (~/.openclaw/openclaw.json and ~/.openclaw/menubar-config.json) and extracts an OpenClaw gateway token for auto-auth. Reading the gateway token is proportional to the stated purpose, but you should be aware the token is handled locally (inserted into a load URL and into websocket query params).
Persistence & Privilege
The app writes a persistent config (~/.openclaw/menubar-config.json), registers a custom protocol handler (openclawmenubar://) for OAuth callbacks, and registers a global keyboard shortcut. These are normal for a native helper app but are persistent system-level changes — not automatically dangerous but worth noting.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install openclaw-menubar - 安装完成后,直接呼叫该 Skill 的名称或使用
/openclaw-menubar触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.0
Initial release: Adds native macOS menu bar support for OpenClaw.
- Introduces a macOS-only that adds an OpenClaw crab icon to the menu bar for quick access.
- Instant chat popup via menu bar icon, no browser required.
- Includes keyboard shortcut (Cmd+Shift+O) to toggle the chat window.
- Features lightweight design, native look, and easy icon customization.
- Provides installation/start/stop scripts and troubleshooting guidance.
- Requires OpenClaw gateway running locally and Node.js.
元数据
常见问题
openclaw menubar 是什么?
Enable OpenClaw as a native macOS menu bar app with quick access popup. **macOS ONLY** - not compatible with Windows or Linux. Use when user asks to "enable menubar", "add menu bar", "run in menu bar", "make it accessible from menu bar", or wants quick OpenClaw access without opening full dashboard. 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 819 次。
如何安装 openclaw menubar?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install openclaw-menubar」即可一键安装,无需额外配置。
openclaw menubar 是免费的吗?
是的,openclaw menubar 完全免费(开源免费),可自由下载、安装和使用。
openclaw menubar 支持哪些平台?
openclaw menubar 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 openclaw menubar?
由 prab002(@prab002)开发并维护,当前版本 v1.0.0。
推荐 Skills