← Back to Skills Marketplace
🔌

1Panel skills

by 1Panel · GitHub ↗ · v0.0.2 · MIT-0
cross-platform ⚠ suspicious
681
Downloads
1
Stars
4
Active Installs
2
Versions
Install in OpenClaw
/install 1panel-skills
Description
1Panel operation skill for OpenClaw. Use when the user wants OpenClaw to interact with a 1Panel instance for resource monitoring, websites, certificates, app...
README (SKILL.md)

OpenClaw 1Panel

Overview

Use this skill to interact with a 1Panel instance through authenticated HTTP API calls. The bundled resources are TypeScript source files grouped by module, with query-oriented actions implemented now and mutation endpoints reserved for later expansion.

Requirements

  • Require a 1Panel API key with access to the target instance.
  • Require these environment variables when executing the TypeScript resources in an OpenClaw runtime:
    • ONEPANEL_BASE_URL
    • ONEPANEL_API_KEY
    • optional: ONEPANEL_TIMEOUT_MS
    • optional: ONEPANEL_SKIP_TLS_VERIFY=true

Workflow

  1. Choose the module that matches the user's request.
  2. Start with a list or search action to identify the exact target.
  3. Read detail, status, or logs only after the target is confirmed.
  4. If the user asks for create, update, delete, restart, stop, or any other mutation:
    • do not fabricate or guess a write workflow
    • surface the matching reserved mutation endpoint from the module
    • implement the write path only when that behavior is intentionally added to the skill

Module Groups

  • monitoring Resource monitoring, dashboard current status, top processes, historical monitor data, GPU history.
  • websites Website list/detail, Nginx config reads, domain list, HTTPS config, SSL certificate reads, website log reads.
  • apps App catalog lookup, installed app list, installed app detail, service list, port/connection info.
  • containers Container list/status/detail, inspect, stats, streaming log reads.
  • logs Operation logs, login logs, system log file list, generic line-by-line log reads.
  • cronjobs Cronjob list/detail, next execution preview, execution records, record log reads.
  • task-center 1Panel task-center list and executing count.
  • nodes Node list, simple node list, node options, node summary. Some endpoints may require Pro/XPack.

Resources

  • references/module-groups.md Human-readable overview of module boundaries, common entrypoints, and reserved write scope.
  • scripts/client.ts Shared authenticated 1Panel client.
  • scripts/cli.ts Executable CLI entry for OpenClaw or shell-based tool calls.
  • scripts/index.ts Registry of all module definitions.
  • scripts/modules/*.ts Module-specific actions and reserved mutation endpoint definitions.

Execution Notes

  • Prefer the CLI instead of letting the model construct signed HTTP requests itself.
  • The repository can ship prebuilt runtime files under dist/, so normal use should call node dist/scripts/cli.js ... directly without rebuilding first.
  • Run npm run build only after changing TypeScript source files such as plugin.ts or scripts/**/*.ts.
  • OpenClaw plugin loading should target the compiled entry at dist/plugin.js, not the TypeScript source file.
  • If the OpenClaw runtime can execute TypeScript directly, import from scripts/index.ts and call the module actions.
  • If the runtime cannot execute TypeScript directly, use the TypeScript files as the source of truth for methods, paths, query parameters, and request payload shapes.
  • The current implementation focuses on query and inspection actions; extend the reserved mutation definitions when you intentionally add managed write flows.
Usage Guidance
This package largely does what it claims: it's a read-only (for now) 1Panel API client implemented in TypeScript/JS. Before installing: 1) Be aware the code requires ONEPANEL_BASE_URL and ONEPANEL_API_KEY (these are NOT listed in the registry metadata) — provide only a key scoped for read/monitoring, and rotate it later. 2) The CLI supports --input-file which will cause the skill to read any file path you pass; don't allow the agent to pass arbitrary file paths unless you trust it. 3) The skill can fetch server logs and system files from the 1Panel instance (expected for this purpose) — only connect it to trusted 1Panel instances. 4) Because metadata omitted the required credentials, treat that as a sign to audit the plugin code (dist/plugin.js and scripts/) and verify configuration UI before granting secrets. If you need lower risk, require a read-only API key and avoid giving the skill filesystem access in the runtime.
Capability Analysis
Type: OpenClaw Skill Name: 1panel-skills Version: 0.0.2 The skill bundle provides a legitimate integration for interacting with a 1Panel server management instance via its authenticated API. It implements a structured client in `scripts/client.ts` that handles 1Panel's specific MD5-based request signing and provides comprehensive read-only access to monitoring, websites, containers, and logs. While the plugin includes a 'request' mode that allows arbitrary signed API calls, this is a standard feature for management tools and is accompanied by clear instructions in `SKILL.md` to prioritize safe query workflows. No evidence of data exfiltration, malicious execution, or intentional backdoors was found.
Capability Assessment
Purpose & Capability
The skill's name/description match its behavior: it implements read-oriented 1Panel API operations. However the registry metadata claims 'Required env vars: none' and 'Primary credential: none' while SKILL.md and the code both require ONEPANEL_BASE_URL and ONEPANEL_API_KEY (plus optional ONEPANEL_TIMEOUT_MS and ONEPANEL_SKIP_TLS_VERIFY). That mismatch between declared registry requirements and the actual code/README is a coherence issue and could mislead users about secret requirements.
Instruction Scope
SKILL.md and the code restrict functionality to query/inspection endpoints and explicitly reserve mutations for future changes, which aligns with the described scope. The CLI supports reading an --input-file and the code will read arbitrary local files when that flag is used (node:fs/promises readFile). Modules expose endpoints that read server-side logs and files (/api/v2/files/read, /api/v2/logs/system/files), which is expected for 1Panel operations but means the skill will fetch potentially sensitive server logs if given access. Overall scope is appropriate, but the ability to read arbitrary local files via --input-file should be considered when granting the agent runtime permissions.
Install Mechanism
No install spec that downloads arbitrary code from the network. The repository includes compiled JS under dist/ and TypeScript sources; package.json points to ./dist/plugin.js for OpenClaw. No external URLs, installers, or archive extracts are used. This is low-risk compared to remote downloads.
Credentials
The environment variables required by the code (ONEPANEL_BASE_URL, ONEPANEL_API_KEY, optional TIMEOUT and SKIP_TLS) are proportionate for a 1Panel integration. The concern is that the registry metadata does not declare these env vars or a primary credential—so a user or platform may not be warned that an API key (a secret) is needed. That omission is the primary proportionality/red-flag issue.
Persistence & Privilege
The skill does not request 'always: true' and does not attempt to modify other skills or system-wide settings. It provides a CLI and plugin entrypoint (dist/plugin.js) but does not claim elevated, permanent privileges beyond normal operation. Autonomous invocation is enabled (default) but not combined with other privileged behavior.
How to Use
  1. Make sure OpenClaw is installed (local or Docker)
  2. Run the install command in chat: /install 1panel-skills
  3. After installation, invoke the skill by name or use /1panel-skills
  4. Provide required inputs per the skill's parameter spec and get structured output
Version History
v0.0.2
Initial TypeScript implementation for OpenClaw 1Panel skill: - Added core client, CLI entrypoint, and module registry scripts. - Introduced module-specific action files for apps, containers, cronjobs, logs, monitoring, nodes, task-center, and websites. - Implemented authenticated API query interfaces for common 1Panel resources. - Reserved mutation endpoints are defined for future expansion. - Provided detailed documentation outlining module boundaries and execution guidelines.
v0.0.1
- Initial release of the openclaw-1panel skill for resource monitoring and inspection with 1Panel instances. - Implements authenticated resource query and detail endpoints for modules such as monitoring, websites, apps, containers, logs, cronjobs, task-center, and nodes. - Write/mutation endpoints are reserved for future expansion; current behavior focuses on read-only workflows. - Requires configuration with environment variables for URL and API key, plus optional settings for timeout and TLS. - Encourages use via prebuilt CLI or compiled runtime files for integration with OpenClaw.
Metadata
Slug 1panel-skills
Version 0.0.2
License MIT-0
All-time Installs 4
Active Installs 4
Total Versions 2
Frequently Asked Questions

What is 1Panel skills?

1Panel operation skill for OpenClaw. Use when the user wants OpenClaw to interact with a 1Panel instance for resource monitoring, websites, certificates, app... It is an AI Agent Skill for Claude Code / OpenClaw, with 681 downloads so far.

How do I install 1Panel skills?

Run "/install 1panel-skills" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is 1Panel skills free?

Yes, 1Panel skills is completely free, licensed under MIT-0. You can download, install and use it at no cost.

Which platforms does 1Panel skills support?

1Panel skills is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created 1Panel skills?

It is built and maintained by 1Panel (@1panel); the current version is v0.0.2.

More Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463368 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259467 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200457 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191163 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190189 · by oswalpalash

💬 Comments