← Back to Skills Marketplace
OpenClaw Manager
by
ZephyrChen0754
· GitHub ↗
· v0.3.2
· MIT-0
205
Downloads
0
Stars
0
Active Installs
2
Versions
Install in OpenClaw
/install humanclaw-made-openclaw-manager
Description
Install or operate a standalone local OpenClaw manager skill that adds shadow-first thread observation, durable session/run state, a loopback-only sidecar, a...
README (SKILL.md)
OpenClaw Manager
Use this skill when the task is to operate, inspect, or extend the local OpenClaw Manager control plane.
What this skill owns
- local
session / run / event / checkpoint / attentionstate - shadow-first
thread_shadowobservation and promotion queue - append-only
events.jsonlandskill_traces.jsonl - local snapshot export
- connector normalization for Telegram, WeCom, Email, and GitHub
- capability graph and anonymized fact export
- standalone sidecar bootstrap and local command surface
- loopback-only sidecar by default
- consent-gated sidecar autostart
Entry points
- bootstrap runtime:
src/skill/bootstrap.ts - local sidecar API:
src/api/server.ts - command registry:
src/skill/commands.ts - connector registry:
src/connectors/registry.ts - capability graph:
src/telemetry/capability-graph.ts
References
- architecture:
docs/architecture.md - session model:
docs/session-model.md - event schema:
docs/event-schema.md - connector protocol:
docs/connector-protocol.md - capability facts:
docs/capability-facts.md - security model:
SECURITY.md
Usage Guidance
Before installing: 1) Treat this as a local Node.js service — ensure you want a background sidecar and local durable state under ~/.openclaw/skills/manager. 2) Verify you have Node.js >=20 and npm available (the installer requires these). 3) Inspect the code (bootstrap, sidecar-launcher, connectors) yourself or run the provided security smoke tests (node scripts/security-smoke.cjs and node scripts/smoke-test.cjs) in an isolated environment. 4) Confirm the npm registry and lockfile are acceptable to you (installer enforces official registry). 5) Note that connectors are opt-in but will require secrets if enabled; keep those secrets in private config and avoid committing them. 6) Only grant the autostart consent if you are comfortable the launcher will spawn a local Node process; you can run the sidecar manually instead. 7) If you lack the ability to audit the code, run the skill in a sandboxed user account or VM and back up any sensitive local data first.
Capability Analysis
Type: OpenClaw Skill
Name: humanclaw-made-openclaw-manager
Version: 0.3.2
The OpenClaw Manager is a local control plane designed to manage agent session state, thread observation (shadowing), and capability reporting. The bundle implements a local sidecar architecture using Express, which is strictly configured to bind to loopback (127.0.0.1) by default and requires explicit user consent for autostart functionality (src/skill/bootstrap.ts). Security-focused features are present, such as a security smoke test (scripts/security-smoke.cjs) that validates network boundaries and an installation script that enforces the official npm registry to prevent dependency confusion. No evidence of data exfiltration, unauthorized remote access, or malicious prompt injection was found; the tool's high-privilege actions (filesystem access and local process spawning) are well-documented and aligned with its stated purpose.
Capability Assessment
Purpose & Capability
The code, docs, and SKILL.md consistently describe a local Node.js 'OpenClaw Manager' that hosts a loopback sidecar, filesystem-first state, connector adapters, and telemetry exports. That behavior matches the name and description. However, the registry metadata claims 'required binaries: none' and 'required env vars: none', which is inaccurate: the project requires Node.js (node, npm) and uses many OPENCLAW_MANAGER_* configuration envs and a CODEX_HOME for optional install. This metadata mismatch is an incoherence that should be addressed.
Instruction Scope
The SKILL.md and included scripts limit network activity to loopback by default and document connector opt-in behavior. Runtime instructions read local manager settings, write durable state under a documented directory, run local health checks, and may spawn a local Node process to start the sidecar (consent-gated). They do not, by default, upload raw transcripts or phone home. Connectors (Telegram/WeCom/Email/GitHub) are present but are explicitly opt-in and require additional configuration/secrets to make external requests.
Install Mechanism
There is no registry install spec in the metadata, but the repo contains an installer script (scripts/install.sh) that runs 'npm ci' and 'npm run build'. The installer checks the npm registry and the lockfile and uses the official npm registry; that is reasonable but still involves fetching packages from npm. The presence of a full package-lock and many source files increases the surface area vs. a pure instruction-only skill. The installer also prompts for autostart consent and can copy files into $CODEX_HOME. This is moderate-risk but expected for a Node-based local sidecar.
Credentials
Registry metadata lists no required env vars, yet the code and docs read many configuration env vars (OPENCLAW_MANAGER_STATE_ROOT, OPENCLAW_MANAGER_BIND_HOST, OPENCLAW_MANAGER_SIDECAR_URL, OPENCLAW_MANAGER_ALLOW_REMOTE_SIDECAR, OPENCLAW_MANAGER_NO_AUTOSTART, OPENCLAW_MANAGER_SERVER_PROCESS, PORT, and optionally CODEX_HOME). While these are configuration values (not secrets) and are justified by the project's behavior, the absence of these in the declared metadata is an incoherence. Connectors can require secrets when enabled, which is documented; those secrets are local but should be treated with care.
Persistence & Privilege
The skill persists local state under a documented default (~/.openclaw/skills/manager) and stores a one-time autostart consent flag there. It can copy itself into $CODEX_HOME when asked. It does not request 'always: true' and does not claim to modify other skills. Autostart is consent-gated and disabled by default. These privileges are proportionate to a local manager, though autostart and process-spawning increase risk and should be explicitly consented to.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install humanclaw-made-openclaw-manager - After installation, invoke the skill by name or use
/humanclaw-made-openclaw-manager - Provide required inputs per the skill's parameter spec and get structured output
Version History
v0.3.2
Security hardening release: loopback-only default sidecar binding, consent-gated autostart, official npm registry lockfile cleanup, security smoke checks, and clearer local-sidecar disclosure.
v0.3.1
Public-ready v1. Synced skill metadata to 0.3.1, cleaned the README, added the fastest-path install flow, install modes, troubleshooting notes, and a 3-minute quickstart.
Metadata
Frequently Asked Questions
What is OpenClaw Manager?
Install or operate a standalone local OpenClaw manager skill that adds shadow-first thread observation, durable session/run state, a loopback-only sidecar, a... It is an AI Agent Skill for Claude Code / OpenClaw, with 205 downloads so far.
How do I install OpenClaw Manager?
Run "/install humanclaw-made-openclaw-manager" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is OpenClaw Manager free?
Yes, OpenClaw Manager is completely free, licensed under MIT-0. You can download, install and use it at no cost.
Which platforms does OpenClaw Manager support?
OpenClaw Manager is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created OpenClaw Manager?
It is built and maintained by ZephyrChen0754 (@zephyrchen0754); the current version is v0.3.2.
More Skills