{ "schemaVersion": "1.0", "item": { "slug": "windows", "name": "Windows", "source": "tencent", "type": "skill", "category": "安全合规", "sourceUrl": "https://clawhub.ai/ivangdavila/windows", "canonicalUrl": "https://clawhub.ai/ivangdavila/windows", "targetPlatform": "OpenClaw" }, "install": { "downloadMode": "redirect", "downloadUrl": "/downloads/windows", "sourceDownloadUrl": "https://wry-manatee-359.convex.site/api/v1/download?slug=windows", "sourcePlatform": "tencent", "targetPlatform": "OpenClaw", "installMethod": "Manual import", "extraction": "Extract archive", "prerequisites": [ "OpenClaw" ], "packageFormat": "ZIP package", "includedAssets": [ "SKILL.md" ], "primaryDoc": "SKILL.md", "quickSetup": [ "Download the package from Yavira.", "Extract the archive and review SKILL.md first.", "Import or place the package into your OpenClaw setup." ], "agentAssist": { "summary": "Hand the extracted package to your coding agent with a concrete install brief instead of figuring it out manually.", "steps": [ "Download the package from Yavira.", "Extract it into a folder your agent can access.", "Paste one of the prompts below and point your agent at the extracted folder." ], "prompts": [ { "label": "New install", "body": "I downloaded a skill package from Yavira. Read SKILL.md from the extracted folder and install it by following the included instructions. Tell me what you changed and call out any manual steps you could not complete." }, { "label": "Upgrade existing", "body": "I downloaded an updated skill package from Yavira. Read SKILL.md from the extracted folder, compare it with my current installation, and upgrade it while preserving any custom configuration unless the package docs explicitly say otherwise. Summarize what changed and any follow-up checks I should run." } ] }, "sourceHealth": { "source": "tencent", "status": "healthy", "reason": "direct_download_ok", "recommendedAction": "download", "checkedAt": "2026-04-23T16:43:11.935Z", "expiresAt": "2026-04-30T16:43:11.935Z", "httpStatus": 200, "finalUrl": "https://wry-manatee-359.convex.site/api/v1/download?slug=4claw-imageboard", "contentType": "application/zip", "probeMethod": "head", "details": { "probeUrl": "https://wry-manatee-359.convex.site/api/v1/download?slug=4claw-imageboard", "contentDisposition": "attachment; filename=\"4claw-imageboard-1.0.1.zip\"", "redirectLocation": null, "bodySnippet": null }, "scope": "source", "summary": "Source download looks usable.", "detail": "Yavira can redirect you to the upstream package for this source.", "primaryActionLabel": "Download for OpenClaw", "primaryActionHref": "/downloads/windows" }, "validation": { "installChecklist": [ "Use the Yavira download entry.", "Review SKILL.md after the package is downloaded.", "Confirm the extracted package contains the expected setup assets." ], "postInstallChecks": [ "Confirm the extracted package includes the expected docs or setup files.", "Validate the skill or prompts are available in your target agent workspace.", "Capture any manual follow-up steps the agent could not complete." ] }, "downloadPageUrl": "https://openagent3.xyz/downloads/windows", "agentPageUrl": "https://openagent3.xyz/skills/windows/agent", "manifestUrl": "https://openagent3.xyz/skills/windows/agent.json", "briefUrl": "https://openagent3.xyz/skills/windows/agent.md" }, "agentAssist": { "summary": "Hand the extracted package to your coding agent with a concrete install brief instead of figuring it out manually.", "steps": [ "Download the package from Yavira.", "Extract it into a folder your agent can access.", "Paste one of the prompts below and point your agent at the extracted folder." ], "prompts": [ { "label": "New install", "body": "I downloaded a skill package from Yavira. Read SKILL.md from the extracted folder and install it by following the included instructions. Tell me what you changed and call out any manual steps you could not complete." }, { "label": "Upgrade existing", "body": "I downloaded an updated skill package from Yavira. Read SKILL.md from the extracted folder, compare it with my current installation, and upgrade it while preserving any custom configuration unless the package docs explicitly say otherwise. Summarize what changed and any follow-up checks I should run." } ] }, "documentation": { "source": "clawhub", "primaryDoc": "SKILL.md", "sections": [ { "title": "Credential Management", "body": "Never hardcode passwords in scripts — use Windows Credential Manager:\n# Store\ncmdkey /generic:\"MyService\" /user:\"admin\" /pass:\"secret\"\n# Retrieve in script\n$cred = Get-StoredCredential -Target \"MyService\"\n\n\nFor scripts, use Get-Credential and export securely:\n$cred | Export-Clixml -Path \"cred.xml\" # Encrypted to current user/machine\n$cred = Import-Clixml -Path \"cred.xml\"" }, { "title": "Silent Failures", "body": "Windows Defender silently quarantines downloaded scripts/executables — check quarantine if script disappears\nGroup Policy overrides local settings silently — gpresult /r to see what's actually applied\nAntivirus real-time scanning blocks file operations intermittently — add exclusions for build/automation folders\nPowerShell -ErrorAction SilentlyContinue hides problems — use Stop and handle explicitly" }, { "title": "Symbolic Links", "body": "Creating symlinks requires admin OR SeCreateSymbolicLinkPrivilege — regular users fail silently\nEnable Developer Mode for symlinks without admin: Settings → For Developers → Developer Mode\nmklink is CMD-only, PowerShell uses New-Item -ItemType SymbolicLink" }, { "title": "Script Signing", "body": "Unsigned scripts fail on restricted machines with confusing errors — sign for production:\n$cert = Get-ChildItem Cert:\\CurrentUser\\My -CodeSigningCert\nSet-AuthenticodeSignature -FilePath script.ps1 -Certificate $cert\n\n\nAllSigned policy requires ALL scripts signed including profile.ps1" }, { "title": "Operational Safety", "body": "Always -WhatIf first on destructive operations — Remove-Item -Recurse -WhatIf\nStart-Transcript for audit trail — forgotten until incident investigation\nNTFS permissions: icacls for CLI, but inheritance rules are non-obvious — test changes on copy first" }, { "title": "WinRM Remoting", "body": "Enable correctly: Enable-PSRemoting -Force isn't enough on workgroups\nWorkgroup machines need TrustedHosts: Set-Item WSMan:\\localhost\\Client\\TrustedHosts -Value \"server1,server2\"\nHTTPS remoting needs certificate setup — HTTP sends credentials readable on network" }, { "title": "Event Logging", "body": "Scripts should log to Windows Event Log for centralized monitoring:\nNew-EventLog -LogName Application -Source \"MyScript\" -ErrorAction SilentlyContinue\nWrite-EventLog -LogName Application -Source \"MyScript\" -EventId 1000 -Message \"Started\"\n\n\nCustom event sources require admin to create — create during install, not runtime" }, { "title": "File Locking", "body": "Windows locks files aggressively — test file access before operations:\ntry { [IO.File]::OpenWrite($path).Close(); $true } catch { $false }\n\n\nScheduled tasks writing to same file as user → conflicts. Use unique temp files and atomic rename" }, { "title": "Temp File Hygiene", "body": "$env:TEMP fills silently — scripts should cleanup with try/finally:\n$tmp = New-TemporaryFile\ntry { ... } finally { Remove-Item $tmp -Force }\n\n\nOrphaned temp files accumulate across reboots — unlike Linux /tmp" }, { "title": "Service Account Gotchas", "body": "Services run in different user context — $env:USERPROFILE points to system profile, not user's\nNetwork access from SYSTEM account uses machine credentials — may fail where user succeeds\nMapped drives don't exist for services — use UNC paths \\\\server\\share" } ], "body": "Credential Management\nNever hardcode passwords in scripts — use Windows Credential Manager:\n# Store\ncmdkey /generic:\"MyService\" /user:\"admin\" /pass:\"secret\"\n# Retrieve in script\n$cred = Get-StoredCredential -Target \"MyService\"\n\nFor scripts, use Get-Credential and export securely:\n$cred | Export-Clixml -Path \"cred.xml\" # Encrypted to current user/machine\n$cred = Import-Clixml -Path \"cred.xml\"\n\nSilent Failures\nWindows Defender silently quarantines downloaded scripts/executables — check quarantine if script disappears\nGroup Policy overrides local settings silently — gpresult /r to see what's actually applied\nAntivirus real-time scanning blocks file operations intermittently — add exclusions for build/automation folders\nPowerShell -ErrorAction SilentlyContinue hides problems — use Stop and handle explicitly\nSymbolic Links\nCreating symlinks requires admin OR SeCreateSymbolicLinkPrivilege — regular users fail silently\nEnable Developer Mode for symlinks without admin: Settings → For Developers → Developer Mode\nmklink is CMD-only, PowerShell uses New-Item -ItemType SymbolicLink\nScript Signing\nUnsigned scripts fail on restricted machines with confusing errors — sign for production:\n$cert = Get-ChildItem Cert:\\CurrentUser\\My -CodeSigningCert\nSet-AuthenticodeSignature -FilePath script.ps1 -Certificate $cert\n\nAllSigned policy requires ALL scripts signed including profile.ps1\nOperational Safety\nAlways -WhatIf first on destructive operations — Remove-Item -Recurse -WhatIf\nStart-Transcript for audit trail — forgotten until incident investigation\nNTFS permissions: icacls for CLI, but inheritance rules are non-obvious — test changes on copy first\nWinRM Remoting\nEnable correctly: Enable-PSRemoting -Force isn't enough on workgroups\nWorkgroup machines need TrustedHosts: Set-Item WSMan:\\localhost\\Client\\TrustedHosts -Value \"server1,server2\"\nHTTPS remoting needs certificate setup — HTTP sends credentials readable on network\nEvent Logging\nScripts should log to Windows Event Log for centralized monitoring:\nNew-EventLog -LogName Application -Source \"MyScript\" -ErrorAction SilentlyContinue\nWrite-EventLog -LogName Application -Source \"MyScript\" -EventId 1000 -Message \"Started\"\n\nCustom event sources require admin to create — create during install, not runtime\nFile Locking\nWindows locks files aggressively — test file access before operations:\ntry { [IO.File]::OpenWrite($path).Close(); $true } catch { $false }\n\nScheduled tasks writing to same file as user → conflicts. Use unique temp files and atomic rename\nTemp File Hygiene\n$env:TEMP fills silently — scripts should cleanup with try/finally:\n$tmp = New-TemporaryFile\ntry { ... } finally { Remove-Item $tmp -Force }\n\nOrphaned temp files accumulate across reboots — unlike Linux /tmp\nService Account Gotchas\nServices run in different user context — $env:USERPROFILE points to system profile, not user's\nNetwork access from SYSTEM account uses machine credentials — may fail where user succeeds\nMapped drives don't exist for services — use UNC paths \\\\server\\share" }, "trust": { "sourceLabel": "tencent", "provenanceUrl": "https://clawhub.ai/ivangdavila/windows", "publisherUrl": "https://clawhub.ai/ivangdavila/windows", "owner": "ivangdavila", "version": "1.0.0", "license": null, "verificationStatus": "Indexed source record" }, "links": { "detailUrl": "https://openagent3.xyz/skills/windows", "downloadUrl": "https://openagent3.xyz/downloads/windows", "agentUrl": "https://openagent3.xyz/skills/windows/agent", "manifestUrl": "https://openagent3.xyz/skills/windows/agent.json", "briefUrl": "https://openagent3.xyz/skills/windows/agent.md" } }