{ "schemaVersion": "1.0", "item": { "slug": "webclaw", "name": "WebClaw - Turn Any Skill Into a Website — universal web dashboard for OpenClaw skills", "source": "tencent", "type": "skill", "category": "效率提升", "sourceUrl": "https://clawhub.ai/mailnike/webclaw", "canonicalUrl": "https://clawhub.ai/mailnike/webclaw", "targetPlatform": "OpenClaw" }, "install": { "downloadMode": "redirect", "downloadUrl": "/downloads/webclaw", "sourceDownloadUrl": "https://wry-manatee-359.convex.site/api/v1/download?slug=webclaw", "sourcePlatform": "tencent", "targetPlatform": "OpenClaw", "installMethod": "Manual import", "extraction": "Extract archive", "prerequisites": [ "OpenClaw" ], "packageFormat": "ZIP package", "includedAssets": [ "scripts/install.sh", "scripts/db_query.py", "scripts/check_deps.sh", "CONTRIBUTING.md", "LICENSE.txt", "SKILL.md" ], "primaryDoc": "SKILL.md", "quickSetup": [ "Download the package from Yavira.", "Extract the archive and review SKILL.md first.", "Import or place the package into your OpenClaw setup." ], "agentAssist": { "summary": "Hand the extracted package to your coding agent with a concrete install brief instead of figuring it out manually.", "steps": [ "Download the package from Yavira.", "Extract it into a folder your agent can access.", "Paste one of the prompts below and point your agent at the extracted folder." ], "prompts": [ { "label": "New install", "body": "I downloaded a skill package from Yavira. Read SKILL.md from the extracted folder and install it by following the included instructions. Tell me what you changed and call out any manual steps you could not complete." }, { "label": "Upgrade existing", "body": "I downloaded an updated skill package from Yavira. Read SKILL.md from the extracted folder, compare it with my current installation, and upgrade it while preserving any custom configuration unless the package docs explicitly say otherwise. Summarize what changed and any follow-up checks I should run." } ] }, "sourceHealth": { "source": "tencent", "status": "healthy", "reason": "direct_download_ok", "recommendedAction": "download", "checkedAt": "2026-04-30T16:55:25.780Z", "expiresAt": "2026-05-07T16:55:25.780Z", "httpStatus": 200, "finalUrl": "https://wry-manatee-359.convex.site/api/v1/download?slug=network", "contentType": "application/zip", "probeMethod": "head", "details": { "probeUrl": "https://wry-manatee-359.convex.site/api/v1/download?slug=network", "contentDisposition": "attachment; filename=\"network-1.0.0.zip\"", "redirectLocation": null, "bodySnippet": null }, "scope": "source", "summary": "Source download looks usable.", "detail": "Yavira can redirect you to the upstream package for this source.", "primaryActionLabel": "Download for OpenClaw", "primaryActionHref": "/downloads/webclaw" }, "validation": { "installChecklist": [ "Use the Yavira download entry.", "Review SKILL.md after the package is downloaded.", "Confirm the extracted package contains the expected setup assets." ], "postInstallChecks": [ "Confirm the extracted package includes the expected docs or setup files.", "Validate the skill or prompts are available in your target agent workspace.", "Capture any manual follow-up steps the agent could not complete." ] }, "downloadPageUrl": "https://openagent3.xyz/downloads/webclaw", "agentPageUrl": "https://openagent3.xyz/skills/webclaw/agent", "manifestUrl": "https://openagent3.xyz/skills/webclaw/agent.json", "briefUrl": "https://openagent3.xyz/skills/webclaw/agent.md" }, "agentAssist": { "summary": "Hand the extracted package to your coding agent with a concrete install brief instead of figuring it out manually.", "steps": [ "Download the package from Yavira.", "Extract it into a folder your agent can access.", "Paste one of the prompts below and point your agent at the extracted folder." ], "prompts": [ { "label": "New install", "body": "I downloaded a skill package from Yavira. Read SKILL.md from the extracted folder and install it by following the included instructions. Tell me what you changed and call out any manual steps you could not complete." }, { "label": "Upgrade existing", "body": "I downloaded an updated skill package from Yavira. Read SKILL.md from the extracted folder, compare it with my current installation, and upgrade it while preserving any custom configuration unless the package docs explicitly say otherwise. Summarize what changed and any follow-up checks I should run." } ] }, "documentation": { "source": "clawhub", "primaryDoc": "SKILL.md", "sections": [ { "title": "webclaw", "body": "You are the Web Dashboard administrator for this OpenClaw instance. You manage a browser-based UI that provides forms, tables, charts, and AI chat for every installed skill." }, { "title": "Security Model", "body": "HTTPS enforced via Let's Encrypt (setup-ssl action)\nJWT authentication — access tokens (15 min) + refresh tokens (7 days, httpOnly cookies)\nRBAC — role-based permission checks before every skill action\nRate limiting — 5/min auth, 30/min writes, 100/min general (nginx)\nAudit logging — all mutating actions logged to audit_log table\nPasswords hashed with PBKDF2-HMAC-SHA256 (600K iterations)\nSession invalidation on password change" }, { "title": "Installation Requirements", "body": "This is an infrastructure package. Initial installation requires internet access and elevated privileges:\n\nSource: Clones application code from GitHub at a pinned release tag (v2.1.0)\nDependencies: Installs Python and Node.js packages from standard registries within an isolated venv\nSystem services: Configures nginx reverse proxy and systemd services (requires sudo)\nSSL: Optional Let's Encrypt certificate via certbot\n\nAfter installation, all runtime operations are local. No ongoing internet access is required for normal operation. No credentials or API keys are required. All data is stored locally in SQLite." }, { "title": "Skill Activation Triggers", "body": "Activate this skill when the user mentions: web dashboard, web UI, web interface, login page, HTTPS, SSL certificate, web users, roles, RBAC, nginx, web admin, dashboard access, browser access, setup web, install web dashboard." }, { "title": "Setup (First Use Only)", "body": "IMPORTANT: After installation, tell the user to open the setup page in their browser:\n\nOpen https://YOUR_SERVER/setup to create your admin account.\n\nSteps:\n\nOpen the URL shown in the install output (e.g., https://1.2.3.4/setup)\nCreate the first admin account (email + password)\nLog in — all installed skills appear in the sidebar\n\nTo enable HTTPS with a custom domain: say \"Set up SSL for yourdomain.com\"" }, { "title": "ERP Company Setup (via erpclaw, NOT webclaw)", "body": "CRITICAL: Company setup, demo data, and all ERP actions are handled by the erpclaw skill, not webclaw. Webclaw is only for web dashboard administration (users, SSL, sessions).\n\nTo set up a company via Telegram/CLI:\n\nFirst: erpclaw initialize-database (creates tables + shared library — required on first install)\nThen: erpclaw setup-company --name \"Company Name\" --currency USD --fiscal-year-start-month 1\nOptional: erpclaw seed-demo-data (loads sample data)\n\nNEVER import webclaw Python modules directly (e.g., from api.auth import ...). The webclaw API runs as a service — use the actions listed below or call the REST API." }, { "title": "Check Status", "body": "Using webclaw, show me the dashboard status\n→ runs: status" }, { "title": "Enable HTTPS", "body": "Set up SSL for erp.example.com\n→ runs: setup-ssl --domain erp.example.com" }, { "title": "Create a Web User", "body": "Create a web user for alice@company.com with Manager role\n→ runs: create-user --email alice@company.com --full-name \"Alice\" --role Manager" }, { "title": "Reset a Password", "body": "Reset the web password for alice@company.com\n→ runs: reset-password --email alice@company.com\n\nSet a specific password for alice\n→ runs: reset-password --email alice@company.com --password MyNewPass123!" }, { "title": "All Actions (Tier 2)", "body": "ActionArgsDescriptionstatus—Service status, SSL, user countsetup-ssl--domainConfigure HTTPS with Let's Encryptrenew-ssl—Check + renew SSL certificatelist-users—List all web dashboard userscreate-user--email, --full-name, --roleCreate user with temp passwordreset-password--email, --password (optional)Set specific password, or generate random onedisable-user--emailDisable a user accountlist-sessions—Show active login sessionsclear-sessions—Force all users to re-loginmaintenance—Cron: clean sessions, check certrestart-services—Restart API + frontend servicesshow-config—Display current configuration" }, { "title": "Quick Command Reference", "body": "User saysAction\"Is the dashboard running?\"status\"Set up SSL for example.com\"setup-ssl --domain example.com\"Who has web access?\"list-users\"Add web user bob@co.com\"create-user --email bob@co.com\"Reset password for bob\"reset-password --email bob@co.com\"Disable bob's web access\"disable-user --email bob@co.com\"Who's logged in?\"list-sessions\"Force everyone to re-login\"clear-sessions\"Restart the web dashboard\"restart-services\"Show web dashboard config\"show-config" }, { "title": "Proactive Suggestions", "body": "After create-user: remind user to share the temp password securely.\nAfter setup-ssl: confirm HTTPS redirect is working.\nAfter status shows ssl=false: suggest running setup-ssl.\nAfter status shows users=0: suggest opening /setup in browser." }, { "title": "Architecture", "body": "Frontend: Next.js 16 + React 19 + shadcn/ui + Tailwind v4 (port 3000)\nBackend: FastAPI + uvicorn (port 8001)\nProxy: nginx (port 80/443) → routes /api to backend, / to frontend\nDatabase: SQLite at ~/.openclaw/webclaw/webclaw.sqlite" }, { "title": "8 Generic UI Components", "body": "DataTable, FormView, DetailView, ChatPanel, ChartPanel, KanbanBoard, CalendarView, TreeView — all render dynamically from skill action responses." }, { "title": "Tables Owned", "body": "webclaw_user, webclaw_session, webclaw_config, webclaw_role, webclaw_user_role, webclaw_role_permission, chat_session, chat_message, audit_log" }, { "title": "Script Path", "body": "scripts/db_query.py --action [--key value ...]" }, { "title": "Per-Skill Customization", "body": "Skills can add a webclaw section to their SKILL.md frontmatter:\n\nwebclaw:\n domain: \"GRC & Audit\"\n database: \"~/.openclaw/auditclaw/data.sqlite\"\n entities:\n risk:\n table: risk_register\n name_col: risk_title\n id_col: id\n search_cols: [risk_category, severity]" } ], "body": "webclaw\n\nYou are the Web Dashboard administrator for this OpenClaw instance. You manage a browser-based UI that provides forms, tables, charts, and AI chat for every installed skill.\n\nSecurity Model\nHTTPS enforced via Let's Encrypt (setup-ssl action)\nJWT authentication — access tokens (15 min) + refresh tokens (7 days, httpOnly cookies)\nRBAC — role-based permission checks before every skill action\nRate limiting — 5/min auth, 30/min writes, 100/min general (nginx)\nAudit logging — all mutating actions logged to audit_log table\nPasswords hashed with PBKDF2-HMAC-SHA256 (600K iterations)\nSession invalidation on password change\nInstallation Requirements\n\nThis is an infrastructure package. Initial installation requires internet access and elevated privileges:\n\nSource: Clones application code from GitHub at a pinned release tag (v2.1.0)\nDependencies: Installs Python and Node.js packages from standard registries within an isolated venv\nSystem services: Configures nginx reverse proxy and systemd services (requires sudo)\nSSL: Optional Let's Encrypt certificate via certbot\n\nAfter installation, all runtime operations are local. No ongoing internet access is required for normal operation. No credentials or API keys are required. All data is stored locally in SQLite.\n\nSkill Activation Triggers\n\nActivate this skill when the user mentions: web dashboard, web UI, web interface, login page, HTTPS, SSL certificate, web users, roles, RBAC, nginx, web admin, dashboard access, browser access, setup web, install web dashboard.\n\nSetup (First Use Only)\n\nIMPORTANT: After installation, tell the user to open the setup page in their browser:\n\nOpen https://YOUR_SERVER/setup to create your admin account.\n\nSteps:\n\nOpen the URL shown in the install output (e.g., https://1.2.3.4/setup)\nCreate the first admin account (email + password)\nLog in — all installed skills appear in the sidebar\n\nTo enable HTTPS with a custom domain: say \"Set up SSL for yourdomain.com\"\n\nERP Company Setup (via erpclaw, NOT webclaw)\n\nCRITICAL: Company setup, demo data, and all ERP actions are handled by the erpclaw skill, not webclaw. Webclaw is only for web dashboard administration (users, SSL, sessions).\n\nTo set up a company via Telegram/CLI:\n\nFirst: erpclaw initialize-database (creates tables + shared library — required on first install)\nThen: erpclaw setup-company --name \"Company Name\" --currency USD --fiscal-year-start-month 1\nOptional: erpclaw seed-demo-data (loads sample data)\n\nNEVER import webclaw Python modules directly (e.g., from api.auth import ...). The webclaw API runs as a service — use the actions listed below or call the REST API.\n\nQuick Start (Tier 1)\nCheck Status\nUsing webclaw, show me the dashboard status\n→ runs: status\n\nEnable HTTPS\nSet up SSL for erp.example.com\n→ runs: setup-ssl --domain erp.example.com\n\nCreate a Web User\nCreate a web user for alice@company.com with Manager role\n→ runs: create-user --email alice@company.com --full-name \"Alice\" --role Manager\n\nReset a Password\nReset the web password for alice@company.com\n→ runs: reset-password --email alice@company.com\n\nSet a specific password for alice\n→ runs: reset-password --email alice@company.com --password MyNewPass123!\n\nAll Actions (Tier 2)\nAction\tArgs\tDescription\nstatus\t—\tService status, SSL, user count\nsetup-ssl\t--domain\tConfigure HTTPS with Let's Encrypt\nrenew-ssl\t—\tCheck + renew SSL certificate\nlist-users\t—\tList all web dashboard users\ncreate-user\t--email, --full-name, --role\tCreate user with temp password\nreset-password\t--email, --password (optional)\tSet specific password, or generate random one\ndisable-user\t--email\tDisable a user account\nlist-sessions\t—\tShow active login sessions\nclear-sessions\t—\tForce all users to re-login\nmaintenance\t—\tCron: clean sessions, check cert\nrestart-services\t—\tRestart API + frontend services\nshow-config\t—\tDisplay current configuration\nQuick Command Reference\nUser says\tAction\n\"Is the dashboard running?\"\tstatus\n\"Set up SSL for example.com\"\tsetup-ssl --domain example.com\n\"Who has web access?\"\tlist-users\n\"Add web user bob@co.com\"\tcreate-user --email bob@co.com\n\"Reset password for bob\"\treset-password --email bob@co.com\n\"Disable bob's web access\"\tdisable-user --email bob@co.com\n\"Who's logged in?\"\tlist-sessions\n\"Force everyone to re-login\"\tclear-sessions\n\"Restart the web dashboard\"\trestart-services\n\"Show web dashboard config\"\tshow-config\nProactive Suggestions\n\nAfter create-user: remind user to share the temp password securely. After setup-ssl: confirm HTTPS redirect is working. After status shows ssl=false: suggest running setup-ssl. After status shows users=0: suggest opening /setup in browser.\n\nTechnical Details (Tier 3)\nArchitecture\nFrontend: Next.js 16 + React 19 + shadcn/ui + Tailwind v4 (port 3000)\nBackend: FastAPI + uvicorn (port 8001)\nProxy: nginx (port 80/443) → routes /api to backend, / to frontend\nDatabase: SQLite at ~/.openclaw/webclaw/webclaw.sqlite\n8 Generic UI Components\n\nDataTable, FormView, DetailView, ChatPanel, ChartPanel, KanbanBoard, CalendarView, TreeView — all render dynamically from skill action responses.\n\nTables Owned\n\nwebclaw_user, webclaw_session, webclaw_config, webclaw_role, webclaw_user_role, webclaw_role_permission, chat_session, chat_message, audit_log\n\nScript Path\nscripts/db_query.py --action [--key value ...]\n\nPer-Skill Customization\n\nSkills can add a webclaw section to their SKILL.md frontmatter:\n\nwebclaw:\n domain: \"GRC & Audit\"\n database: \"~/.openclaw/auditclaw/data.sqlite\"\n entities:\n risk:\n table: risk_register\n name_col: risk_title\n id_col: id\n search_cols: [risk_category, severity]" }, "trust": { "sourceLabel": "tencent", "provenanceUrl": "https://clawhub.ai/mailnike/webclaw", "publisherUrl": "https://clawhub.ai/mailnike/webclaw", "owner": "mailnike", "version": "2.1.3", "license": null, "verificationStatus": "Indexed source record" }, "links": { "detailUrl": "https://openagent3.xyz/skills/webclaw", "downloadUrl": "https://openagent3.xyz/downloads/webclaw", "agentUrl": "https://openagent3.xyz/skills/webclaw/agent", "manifestUrl": "https://openagent3.xyz/skills/webclaw/agent.json", "briefUrl": "https://openagent3.xyz/skills/webclaw/agent.md" } }