SKILL.md

---
name: openclaw
description: "OpenClaw CLI包装器——网关、通道、模型、代理、节点、浏览器、内存、安全、自动化。"
---

# OpenClaw Skill

CLI wrapper + docs companion. Does NOT contain OpenClaw runtime source.
Wraps `openclaw` CLI and provides local reference docs aligned to `https://docs.openclaw.ai`.

## Prerequisites
- `openclaw` CLI in `PATH` (required)
- Node.js (install/update flows), Playwright deps (browser), Tailscale (remote nodes) — optional

## Quick Reference

| Need | File |
|------|------|
| Find a command | `references/cli-full.md` → search by keyword |
| Security rules | `references/security-policy.md` |
| Config syntax | `references/config-schema.md` |
| Deploy/update | `references/deployment.md` |
| Platform notes | `references/nodes-platforms.md` |
| Doc links | `references/hubs.md` |

## Global Flags
`--dev` `--profile <name>` `--no-color` `--json` `-V`

## Security Model
Default: least privilege. High-risk ops require explicit per-action approval.

### Low-risk (default)
Status, list, health, doctor, logs, config read, docs search, memory search.

### High-risk (require `OPENCLAW_WRAPPER_ALLOW_RISKY=1`)
Shell exec · nodes invoke/run/camera/screen/location · browser automation · cron mutate · plugin/hook install · device pairing · secrets apply · sandbox recreate · webhooks · dns setup.

Wrapper: `bash scripts/openclaw.sh <command> [args]`
Granular gating: plugin gates only install/enable, secrets gates only apply, sandbox gates only recreate.

## Wrapper Command Routes
```
LOW-RISK (pass-through):
  install setup doctor status reset version tui dashboard
  update uninstall health logs configure completion config docs qr
  channel model agent agents message sessions memory skills
  security approvals system directory acp gateway service

HIGH-RISK (OPENCLAW_WRAPPER_ALLOW_RISKY=1):
  cron browser webhooks dns nodes node devices pairing prose
  plugin (install|enable only)
  hooks (install|enable only)
  secrets (apply only)
  sandbox (recreate only)
```

## Non-goals
- Not the OpenClaw runtime source
- Does not provision system packages
- Does not manage networking/VPN
- Does not authorize autonomous privileged execution

---
Last normalization: 2026-02-27 · Source: `https://docs.openclaw.ai`
Initial commit with translated description 2026-03-29 09:38:44 +08:00			`---`
			`name: openclaw`
			`description: "OpenClaw CLI包装器——网关、通道、模型、代理、节点、浏览器、内存、安全、自动化。"`
			`---`

			`# OpenClaw Skill`

			`CLI wrapper + docs companion. Does NOT contain OpenClaw runtime source.`
			Wraps `openclaw` CLI and provides local reference docs aligned to `https://docs.openclaw.ai`.

			`## Prerequisites`
			- `openclaw` CLI in `PATH` (required)
			`- Node.js (install/update flows), Playwright deps (browser), Tailscale (remote nodes) — optional`

			`## Quick Reference`

			`\| Need \| File \|`
			`\|------\|------\|`
			\| Find a command \| `references/cli-full.md` → search by keyword \|
			\| Security rules \| `references/security-policy.md` \|
			\| Config syntax \| `references/config-schema.md` \|
			\| Deploy/update \| `references/deployment.md` \|
			\| Platform notes \| `references/nodes-platforms.md` \|
			\| Doc links \| `references/hubs.md` \|

			`## Global Flags`
			`--dev` `--profile <name>` `--no-color` `--json` `-V`

			`## Security Model`
			`Default: least privilege. High-risk ops require explicit per-action approval.`

			`### Low-risk (default)`
			`Status, list, health, doctor, logs, config read, docs search, memory search.`

			### High-risk (require `OPENCLAW_WRAPPER_ALLOW_RISKY=1`)
			`Shell exec · nodes invoke/run/camera/screen/location · browser automation · cron mutate · plugin/hook install · device pairing · secrets apply · sandbox recreate · webhooks · dns setup.`

			Wrapper: `bash scripts/openclaw.sh <command> [args]`
			`Granular gating: plugin gates only install/enable, secrets gates only apply, sandbox gates only recreate.`

			`## Wrapper Command Routes`
			```
			`LOW-RISK (pass-through):`
			`install setup doctor status reset version tui dashboard`
			`update uninstall health logs configure completion config docs qr`
			`channel model agent agents message sessions memory skills`
			`security approvals system directory acp gateway service`

			`HIGH-RISK (OPENCLAW_WRAPPER_ALLOW_RISKY=1):`
			`cron browser webhooks dns nodes node devices pairing prose`
			`plugin (install\|enable only)`
			`hooks (install\|enable only)`
			`secrets (apply only)`
			`sandbox (recreate only)`
			```

			`## Non-goals`
			`- Not the OpenClaw runtime source`
			`- Does not provision system packages`
			`- Does not manage networking/VPN`
			`- Does not authorize autonomous privileged execution`

			`---`
			Last normalization: 2026-02-27 · Source: `https://docs.openclaw.ai`