← 返回 Skills 市场
openclaw-twoway deployment
作者
MarsHong-86
· GitHub ↗
· v1.0.0
· MIT-0
131
总下载
0
收藏
0
当前安装
1
版本数
在 OpenClaw 中安装
/install openclaw-two-way-deployment
功能描述
Deploy OpenClaw with a cloud gateway using Tailscale and SSH tunnel for secure local control, including auto environment check and firewall setup.
安全使用建议
This package appears to implement the claimed deployment, but take precautions before running the scripts as root: 1) Inspect the scripts line-by-line (they run curl | sh and npm install -g). 2) Remove or change the insecure options (plan2 sets dangerouslyAllowInsecurePrivateWs and an environment flag OPENCLAW_ALLOW_INSECURE_PRIVATE_WS=1). 3) Don't leave generated tokens in plaintext; store them with restrictive permissions (chmod 600) or use a secret store. 4) Prefer the official npm registry if you mistrust mirrors, and audit the openclaw package code before global install. 5) Limit exposure of SSH (port 22) and gateway ports in cloud security groups—use key-based SSH and restrict source IPs where possible. 6) If unsure, run the deployment first in an isolated VM or test instance rather than a production host. If you want, I can highlight the exact lines in the scripts that set insecure flags, write tokens to files, or run remote installers so you can review them.
功能分析
Type: OpenClaw Skill
Name: openclaw-two-way-deployment
Version: 1.0.0
The skill bundle contains multiple deployment scripts (e.g., plan1-cloud-gateway.sh, plan2-cloud-remote-gateway.sh, and plan3-local-gateway.ps1) that perform high-privilege system modifications. These include installing software globally via 'curl | sh' (Tailscale and NodeSource), modifying firewall rules (ufw, firewalld, iptables), and establishing persistence through systemd services on Linux and scheduled tasks on Windows. While these actions are consistent with the stated purpose of deploying a network gateway, the requirement for root/SYSTEM privileges and the automated modification of security configurations represent significant risky capabilities.
能力评估
Purpose & Capability
The name/description (deploy OpenClaw with a cloud gateway via Tailscale/SSH and auto environment/firewall setup) aligns with what the scripts do: install/enable Tailscale, install Node/OpenClaw, configure firewall rules, create systemd service(s) and generate tokens. Nothing requested is extraneous to deployment.
Instruction Scope
The SKILL.md and included scripts instruct the agent (and the user) to run as root, modify firewall/security groups, install packages from network sources, create systemd services, generate and write tokens to plaintext files, and set an explicit insecure configuration flag (plan2: "dangerouslyAllowInsecurePrivateWs" / OPENCLAW_ALLOW_INSECURE_PRIVATE_WS=1). Those actions are within deployment scope but have security implications and weaken default protections—this is not just diagnostic or read-only.
Install Mechanism
There is no formal install spec in the registry, but the scripts perform network installs at runtime: curl | sh from tailscale.com and NodeSource, and npm install -g openclaw (sometimes via a third-party npm mirror registry.npmmirror.com). These are common for deployment but carry moderate risk (remote scripts executed as root; npm global installs pull third‑party code).
Credentials
The skill declares no required environment variables or external credentials, which is consistent; however, it generates secrets (random tokens) and writes them to ~/.openclaw/token.txt or plaintext JSON config files, and it enables 'dangerouslyAllowInsecurePrivateWs'. Saving tokens unencrypted and enabling insecure options are disproportionate security risks relative to a straightforward deployment and should be justified or changed.
Persistence & Privilege
The scripts create and enable a systemd service so the gateway runs persistently and require root to install/configure—this is expected for a server deployment. The skill does not demand 'always: true' or other unusual platform privileges, nor does it modify other skills' config. Still, it introduces a persistent service that will run with system privileges.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install openclaw-two-way-deployment - 安装完成后,直接呼叫该 Skill 的名称或使用
/openclaw-two-way-deployment触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.0
OpenClaw-deploy 1.0.0
- Major revamp: Simplified structure and focused on three deployment scripts for cloud scenarios.
- Added automated deployment scripts: diagnostic.sh, plan1-cloud-gateway.sh, plan2-cloud-remote-gateway.sh, plan3-cloud-gateway.sh.
- Removed Docker and portable package build scripts; Docker-compose and related templates are no longer included.
- Usage flow now centers on running scenario scripts for guided deployment with firewall and dependency checks.
- Updated documentation for new deployment models and requirements.
元数据
常见问题
openclaw-twoway deployment 是什么?
Deploy OpenClaw with a cloud gateway using Tailscale and SSH tunnel for secure local control, including auto environment check and firewall setup. 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 131 次。
如何安装 openclaw-twoway deployment?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install openclaw-two-way-deployment」即可一键安装,无需额外配置。
openclaw-twoway deployment 是免费的吗?
是的,openclaw-twoway deployment 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。
openclaw-twoway deployment 支持哪些平台?
openclaw-twoway deployment 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 openclaw-twoway deployment?
由 MarsHong-86(@marshong-86)开发并维护,当前版本 v1.0.0。
推荐 Skills