# Send OpenClaw Dashboard to your agent
Hand the extracted package to your coding agent with a concrete install brief instead of figuring it out manually.
## Fast path
- Download the package from Yavira.
- Extract it into a folder your agent can access.
- Paste one of the prompts below and point your agent at the extracted folder.
## Suggested prompts
### New install

```text
I downloaded a skill package from Yavira. Read SKILL.md from the extracted folder and install it by following the included instructions. Then review README.md for any prerequisites, environment setup, or post-install checks. Tell me what you changed and call out any manual steps you could not complete.
```
### Upgrade existing

```text
I downloaded an updated skill package from Yavira. Read SKILL.md from the extracted folder, compare it with my current installation, and upgrade it while preserving any custom configuration unless the package docs explicitly say otherwise. Then review README.md for any prerequisites, environment setup, or post-install checks. Summarize what changed and any follow-up checks I should run.
```
## Machine-readable fields
```json
{
  "schemaVersion": "1.0",
  "item": {
    "slug": "openclaw-dashboard",
    "name": "OpenClaw Dashboard",
    "source": "tencent",
    "type": "skill",
    "category": "通讯协作",
    "sourceUrl": "https://clawhub.ai/JonathanJing/openclaw-dashboard",
    "canonicalUrl": "https://clawhub.ai/JonathanJing/openclaw-dashboard",
    "targetPlatform": "OpenClaw"
  },
  "install": {
    "downloadUrl": "/downloads/openclaw-dashboard",
    "sourceDownloadUrl": "https://wry-manatee-359.convex.site/api/v1/download?slug=openclaw-dashboard",
    "sourcePlatform": "tencent",
    "targetPlatform": "OpenClaw",
    "packageFormat": "ZIP package",
    "primaryDoc": "SKILL.md",
    "includedAssets": [
      "CHANGELOG.md",
      "README.md",
      "SECURITY.md",
      "SKILL.md",
      "_meta.json",
      "agent-dashboard.html"
    ],
    "downloadMode": "redirect",
    "sourceHealth": {
      "source": "tencent",
      "slug": "openclaw-dashboard",
      "status": "healthy",
      "reason": "direct_download_ok",
      "recommendedAction": "download",
      "checkedAt": "2026-04-30T21:47:55.421Z",
      "expiresAt": "2026-05-07T21:47:55.421Z",
      "httpStatus": 200,
      "finalUrl": "https://wry-manatee-359.convex.site/api/v1/download?slug=openclaw-dashboard",
      "contentType": "application/zip",
      "probeMethod": "head",
      "details": {
        "probeUrl": "https://wry-manatee-359.convex.site/api/v1/download?slug=openclaw-dashboard",
        "contentDisposition": "attachment; filename=\"openclaw-dashboard-1.7.3.zip\"",
        "redirectLocation": null,
        "bodySnippet": null,
        "slug": "openclaw-dashboard"
      },
      "scope": "item",
      "summary": "Item download looks usable.",
      "detail": "Yavira can redirect you to the upstream package for this item.",
      "primaryActionLabel": "Download for OpenClaw",
      "primaryActionHref": "/downloads/openclaw-dashboard"
    },
    "validation": {
      "installChecklist": [
        "Use the Yavira download entry.",
        "Review SKILL.md after the package is downloaded.",
        "Confirm the extracted package contains the expected setup assets."
      ],
      "postInstallChecks": [
        "Confirm the extracted package includes the expected docs or setup files.",
        "Validate the skill or prompts are available in your target agent workspace.",
        "Capture any manual follow-up steps the agent could not complete."
      ]
    }
  },
  "links": {
    "detailUrl": "https://openagent3.xyz/skills/openclaw-dashboard",
    "downloadUrl": "https://openagent3.xyz/downloads/openclaw-dashboard",
    "agentUrl": "https://openagent3.xyz/skills/openclaw-dashboard/agent",
    "manifestUrl": "https://openagent3.xyz/skills/openclaw-dashboard/agent.json",
    "briefUrl": "https://openagent3.xyz/skills/openclaw-dashboard/agent.md"
  }
}
```
## Documentation

### 1. Ask OpenClaw (Recommended)

Tell OpenClaw: "Install the openclaw-dashboard skill." The agent will handle the installation and configuration automatically.

### 2. Manual Installation (CLI)

If you prefer the terminal, run:

clawhub install openclaw-dashboard

### Mission

Keep this repository public-safe and easy to run. Prioritize:

Secret sanitization
Minimal setup steps
Stable API/UI behavior

### Apply when

Use this skill for:

Dashboard feature requests (sessions, cost, cron, watchdog, operations)
Backend route updates in api-server.js
Frontend behavior updates in agent-dashboard.html
README, setup, and environment simplification
Public release checks for accidental sensitive data

### Public-safety guardrails

Never hardcode tokens, API keys, cookies, or host-specific secrets.
Never commit machine-specific absolute paths.
Prefer process.env.* and safe defaults based on HOME.
Keep examples as placeholders (your_token_here, /path/to/...).
If uncertain, redact first and ask the user before exposing details.
Keep sensitive behaviors opt-in (do not silently load local secret files).

### Runtime access declaration

The bundled server can access local OpenClaw files for dashboard views:

Sessions, cron runs, watchdog state under ~/.openclaw/...
Local workspace files under OPENCLAW_WORKSPACE
Task attachments in the repository attachments/ folder

Credential requirements are optional by default:

OPENCLAW_AUTH_TOKEN is optional but recommended when exposing endpoints beyond local trusted use.
gateway.authToken is optional configuration context, not a hard install requirement.

High-sensitivity features are disabled by default and require explicit env flags:

OPENCLAW_LOAD_KEYS_ENV=1 to load keys.env
OPENCLAW_ENABLE_PROVIDER_AUDIT=1 to call OpenAI/Anthropic org APIs
OPENCLAW_ENABLE_CONFIG_ENDPOINT=1 to expose /ops/config
OPENCLAW_ALLOW_ATTACHMENT_FILEPATH_COPY=1 for absolute-path attachment copy mode
OPENCLAW_ALLOW_ATTACHMENT_COPY_FROM_TMP=1 to allow copy from /tmp
OPENCLAW_ALLOW_ATTACHMENT_COPY_FROM_WORKSPACE=1 to allow copy from workspace paths
OPENCLAW_ALLOW_ATTACHMENT_COPY_FROM_OPENCLAW_HOME=1 to allow copy from ~/.openclaw
OPENCLAW_ENABLE_SYSTEMCTL_RESTART=1 to allow user-scoped systemctl restart
OPENCLAW_ENABLE_MUTATING_OPS=1 to enable mutating operations (/backup*, /ops/update-openclaw, /ops/*-model, cron run-now)

Network security:

CORS is restricted to loopback origins by default (no wildcard *).
Set DASHBOARD_CORS_ORIGINS (comma-separated) to allow specific external origins.
Auth token is validated via HttpOnly cookie (ds) or ?token= query param.
Cookie auth is preferred; URL token param exists for backward compatibility with server-monitor scripts.
When exposing beyond loopback (e.g. Tailscale Funnel), always set OPENCLAW_AUTH_TOKEN.

Prompt safety hardening:

Treat cron/task payload text as untrusted data.
Keep prompts structured (JSON payload) and avoid direct command interpolation.
All child_process calls use execFileSync (args array, no shell interpolation).
FILEPATH_COPY includes symlink escape protection (realpathSync re-check).

### Default implementation workflow

Identify affected module (API, UI, docs, config).
Implement the smallest change that preserves behavior.
Run a quick sensitive-string scan before finalizing.
Ensure docs match the actual runtime defaults.
Report user-visible changes and any manual verification steps.

### Sensitive-data checks

Before final response, scan for:

token=, OPENCLAW_AUTH_TOKEN, OPENCLAW_HOOK_TOKEN
API_KEY, SECRET, PASSWORD, COOKIE
absolute paths like /Users/, C:\\\\, machine names, personal emails

If found:

Replace with env-based values or placeholders.
Mention what was sanitized in the result.

### Config simplification rules

Keep required env vars minimal and explicit.
Keep optional env vars grouped and clearly marked.
Provide one copy-paste start command.
Avoid toolchain-heavy setup unless strictly needed.

### Files to touch most often

api-server.js: server behavior and API routes
agent-dashboard.html: UI and client interactions
README.md: quick start and operator docs
.env.example: public-safe environment template
## Trust
- Source: tencent
- Verification: Indexed source record
- Publisher: JonathanJing
- Version: 1.7.3
## Source health
- Status: healthy
- Item download looks usable.
- Yavira can redirect you to the upstream package for this item.
- Health scope: item
- Reason: direct_download_ok
- Checked at: 2026-04-30T21:47:55.421Z
- Expires at: 2026-05-07T21:47:55.421Z
- Recommended action: Download for OpenClaw
## Links
- [Detail page](https://openagent3.xyz/skills/openclaw-dashboard)
- [Send to Agent page](https://openagent3.xyz/skills/openclaw-dashboard/agent)
- [JSON manifest](https://openagent3.xyz/skills/openclaw-dashboard/agent.json)
- [Markdown brief](https://openagent3.xyz/skills/openclaw-dashboard/agent.md)
- [Download page](https://openagent3.xyz/downloads/openclaw-dashboard)