Automate OpenClaw nightly releases, branch maintenance, and forward-porting to main.
Overall risk is low: this skill is classified as prompt-only, requires no mandatory secrets, declares no remote endpoints, and points to a highly adopted open-source GitHub repository. The material includes release-automation and host/private-state instructions, but these appear to be operational guidance rather than capabilities inherently executed by the skill itself.
The material and checks indicate the skill itself requires no mandatory secrets or environment variables. The README only references optional `$release-private`, cron IDs, Discord routing IDs, and a GitHub write wrapper, suggesting operational workflows may depend on sensitive configuration, but there is no sign that users must directly provide credentials to the skill.
No remote endpoints are declared, and the system classifies it as prompt-only; therefore there is no evidence that the skill itself exfiltrates user data. The README mentions GitHub/npm/Discord in release workflows, but that is contextual operational guidance rather than proof of network transmission by the skill itself.
Although the README contains example commands such as `git` and `openclaw cron run`, the objective checks classify this as a prompt/document-only skill, not one that inherently spawns local processes or executes code. No execution privileges beyond documentation-style instructions are evidenced in the provided material.
The material mentions reading repository docs, workflow files, and a `$release-private` state file, but these are human operational instructions. As for the skill itself, there is no declared capability to directly read or write local files, host paths, or other data resources, and no sign of overbroad access.
The source is an open-source GitHub repository with auditable code and extremely high community adoption (about 377k stars), which strongly lowers supply-chain risk. License information is not declared and maintenance status is unknown, but the current evidence does not justify a higher risk rating.
Copy the install command and let the AI configure it · recommended for beginners
Please install the "release-openclaw-nightly" skill from askskill: 1. Download https://raw.githubusercontent.com/openclaw/openclaw/main/.agents/skills/release-openclaw-nightly/SKILL.md 2. Save it as ~/.claude/skills/release-openclaw-nightly/SKILL.md 3. Reload skills and tell me it's ready
Design a nightly/alpha release automation workflow for the OpenClaw project, including isolated release branches, local patch application, CI builds, artifact publishing, and rollback strategies on failure.
A structured nightly release plan covering branches, CI steps, release artifacts, and failure handling.
Help me define retention rules for OpenClaw nightly release branches, including retention periods, cleanup conditions, naming conventions, and safeguards against deleting still-needed branches.
Clear branch retention and cleanup rules ready for repository governance or automation scripts.
Design a process to automatically forward-port fixes from nightly branches to main, including conflict detection, manual approval gates, merge tracking, and notification mechanisms.
An executable forward-porting plan with clear automation steps, approval points, and conflict handling.
Use for Tideclaw/OpenClaw alpha/nightly release automation, manual alpha triggers, beta prep, release-branch repair, and post-release forward-port. Load $release-private if it exists before using Tideclaw host paths, cron ids, or Discord routing ids.
main.main and prove main CI green.gh write wrapper below.Tideclaw should commit under its own machine identity on release branches and forward-port branches:
git config user.name "Tideclaw"
git config user.email "[email protected]"
This is good for auditability if commits are clearly machine-authored and gated by CI. Avoid direct pushes to protected main; forward-port via PR/automerge unless the repo policy explicitly allows the bot to push after green checks. Include human Co-authored-by only when a human supplied the patch or explicit commit text.
tideclaw/alpha/tideclaw/alpha/YYYY-MM-DD-HHMMZorigin/main SHA at trigger time.$release-private on the Tideclaw host.vYYYY.M.D-alpha.NalphaDo not reuse old alpha branches for a new run. If rerunning the same base SHA, create a new timestamped branch and record why.
$release-private.git fetch origin main --tags --prune
git switch main
git merge --ff-only origin/main
BASE_SHA="$(git rev-parse origin/main)"
BRANCH="tideclaw/alpha/$(date -u +%Y-%m-%d-%H%MZ)"
git switch -c "$BRANCH" "$BASE_SHA"
AGENTS.mddocs/scripts/.github/workflows/*release*$BASE_SHA with the last successful alpha state and current git/npm/GitHub alpha tags. If already released, report skip and do not publish.Manual trigger:
CRON_ID="<from release-private>"
OPENCLAW_ALLOW_ROOT=1 openclaw cron run "$CRON_ID" --expect-final --timeout 21600000
Tideclaw may run alpha immediately from Discord when a maintainer mentions Tideclaw in #releases or #maintainers.
Accepted shapes:
@Tideclaw run alpha now
@Tideclaw alpha release from main now
@Tideclaw trigger alpha
Rules:
origin/main and create a fresh tideclaw/alpha/YYYY-MM-DD-HHMMZ branch.#maintainers trigger requires an explicit Tideclaw mention; do not react to unmentioned release chatter there.$release-private.…
Verify an OpenClaw release is fully published and working across all channels.
Fetch GitHub issues, create fixes, open PRs, and handle reviews.
Convert text to speech locally and offline with sherpa-onnx, no cloud needed.
Regenerate OpenClaw release changelog sections from Git history before releases.
Prepare and verify OpenClaw stable or beta releases and release notes.
Create and review technical docs and agent instruction files in repositories.
Run, debug, monitor, and summarize OpenClaw release CI workflows.
Draft OpenClaw release announcements and testing guidance from release evidence.
Run or recover OpenClaw macOS signing, notarization, and release promotion.
Refactor OpenClaw docs pages with source-checked preservation, clearer structure, and verification.
Find and fix small high-confidence OpenClaw bugs ready to land.
Choose and run the safest, cheapest OpenClaw test and validation path.