# Send Electron to your agent
Hand the extracted package to your coding agent with a concrete install brief instead of figuring it out manually.
## Fast path
- Download the package from Yavira.
- Extract it into a folder your agent can access.
- Paste one of the prompts below and point your agent at the extracted folder.
## Suggested prompts
### New install

```text
I downloaded a skill package from Yavira. Read SKILL.md from the extracted folder and install it by following the included instructions. Tell me what you changed and call out any manual steps you could not complete.
```
### Upgrade existing

```text
I downloaded an updated skill package from Yavira. Read SKILL.md from the extracted folder, compare it with my current installation, and upgrade it while preserving any custom configuration unless the package docs explicitly say otherwise. Summarize what changed and any follow-up checks I should run.
```
## Machine-readable fields
```json
{
  "schemaVersion": "1.0",
  "item": {
    "slug": "electron",
    "name": "Electron",
    "source": "tencent",
    "type": "skill",
    "category": "AI 智能",
    "sourceUrl": "https://clawhub.ai/ivangdavila/electron",
    "canonicalUrl": "https://clawhub.ai/ivangdavila/electron",
    "targetPlatform": "OpenClaw"
  },
  "install": {
    "downloadUrl": "/downloads/electron",
    "sourceDownloadUrl": "https://wry-manatee-359.convex.site/api/v1/download?slug=electron",
    "sourcePlatform": "tencent",
    "targetPlatform": "OpenClaw",
    "packageFormat": "ZIP package",
    "primaryDoc": "SKILL.md",
    "includedAssets": [
      "SKILL.md"
    ],
    "downloadMode": "redirect",
    "sourceHealth": {
      "source": "tencent",
      "slug": "electron",
      "status": "healthy",
      "reason": "direct_download_ok",
      "recommendedAction": "download",
      "checkedAt": "2026-05-01T07:36:15.858Z",
      "expiresAt": "2026-05-08T07:36:15.858Z",
      "httpStatus": 200,
      "finalUrl": "https://wry-manatee-359.convex.site/api/v1/download?slug=electron",
      "contentType": "application/zip",
      "probeMethod": "head",
      "details": {
        "probeUrl": "https://wry-manatee-359.convex.site/api/v1/download?slug=electron",
        "contentDisposition": "attachment; filename=\"electron-1.0.0.zip\"",
        "redirectLocation": null,
        "bodySnippet": null,
        "slug": "electron"
      },
      "scope": "item",
      "summary": "Item download looks usable.",
      "detail": "Yavira can redirect you to the upstream package for this item.",
      "primaryActionLabel": "Download for OpenClaw",
      "primaryActionHref": "/downloads/electron"
    },
    "validation": {
      "installChecklist": [
        "Use the Yavira download entry.",
        "Review SKILL.md after the package is downloaded.",
        "Confirm the extracted package contains the expected setup assets."
      ],
      "postInstallChecks": [
        "Confirm the extracted package includes the expected docs or setup files.",
        "Validate the skill or prompts are available in your target agent workspace.",
        "Capture any manual follow-up steps the agent could not complete."
      ]
    }
  },
  "links": {
    "detailUrl": "https://openagent3.xyz/skills/electron",
    "downloadUrl": "https://openagent3.xyz/downloads/electron",
    "agentUrl": "https://openagent3.xyz/skills/electron/agent",
    "manifestUrl": "https://openagent3.xyz/skills/electron/agent.json",
    "briefUrl": "https://openagent3.xyz/skills/electron/agent.md"
  }
}
```
## Documentation

### Security Non-Negotiables

nodeIntegration: false is mandatory — renderer with Node.js access means XSS = full system compromise
contextIsolation: true is mandatory — separates preload context from renderer
Whitelist IPC channels explicitly — never forward arbitrary channel names from renderer
Validate all IPC message content — renderer is untrusted, treat like external API input
Never use eval() or new Function() in renderer — defeats all security boundaries

### Preload Script Rules

contextBridge.exposeInMainWorld() is the only safe bridge — raw ipcRenderer exposure is vulnerable
Clone data before passing across bridge — prevents prototype pollution attacks
Minimal API surface — expose specific functions, not generic send/receive

### Architecture Traps

webPreferences locked after window creation — can't enable nodeIntegration later
Blocking main process freezes ALL windows — async everything, no sync file operations
Each BrowserWindow is separate renderer process — can't share JS variables directly
show: false then ready-to-show — prevents white flash, looks more native

### Native Module Pain

Pre-built native modules won't work — must rebuild for Electron's specific Node version
electron-rebuild after every Electron upgrade — version mismatch = runtime crash
N-API modules more stable — survive Electron upgrades better than nan-based

### Packaging Pitfalls

Dev dependencies included by default — production builds bloat without explicit exclusion
Code signing required for macOS auto-update — unsigned apps can't use Squirrel
Windows notifications require app.setAppUserModelId() — silent failure without it
ASAR isn't encryption — source readable with simple tools, don't rely on it for secrets

### Platform-Specific Issues

CORS blocks file:// protocol — use custom protocol (app://) or local server
Windows needs NSIS or Squirrel for auto-update — installer format matters
macOS universal binary needs --universal flag — ships both Intel and ARM

### Memory and Performance

Unclosed windows leak memory — call win.destroy() explicitly when done
Lazy load heavy modules — startup time directly affects perceived quality
backgroundThrottling: false if timers matter when minimized

### Debugging

Main process: --inspect flag, connect via chrome://inspect
Renderer: webContents.openDevTools() or keyboard shortcut
electron-log for persistent logs — console.log vanishes on restart
## Trust
- Source: tencent
- Verification: Indexed source record
- Publisher: ivangdavila
- Version: 1.0.0
## Source health
- Status: healthy
- Item download looks usable.
- Yavira can redirect you to the upstream package for this item.
- Health scope: item
- Reason: direct_download_ok
- Checked at: 2026-05-01T07:36:15.858Z
- Expires at: 2026-05-08T07:36:15.858Z
- Recommended action: Download for OpenClaw
## Links
- [Detail page](https://openagent3.xyz/skills/electron)
- [Send to Agent page](https://openagent3.xyz/skills/electron/agent)
- [JSON manifest](https://openagent3.xyz/skills/electron/agent.json)
- [Markdown brief](https://openagent3.xyz/skills/electron/agent.md)
- [Download page](https://openagent3.xyz/downloads/electron)