Run cross-platform OpenClaw remote validation with provider and lease reporting.
This skill is classified as prompt-only with no required secrets and no declared remote endpoints, so the baseline risk is low. However, the documentation explicitly describes remote validation via Crabbox/Testbox/AWS/Blacksmith and includes install/build instructions, so there is some ambiguity between the declared prompt-only nature and the documented operational workflow, warranting caution if users act on the instructions.
The materials and objective checks indicate no required secrets or environment variables. No API tokens, cloud credentials, or account passwords are requested, so credential exposure and abuse risk appears low based on the provided facts.
The README explicitly describes remote validation and references brokered AWS Crabbox, Blacksmith Testbox, syncing the current checkout, logs/results, cache inspection, and capture/download workflows. Although no fixed hosts are provided and contacting declared backends is normal for this tool category, following the documentation may send code, logs, or test data to remote services, so data egress scope should be reviewed.
The system classifies this as prompt-only; the skill itself does not declare automatic local process execution or code-running capability. While the README includes shell, git, go build, and node commands, those are third-party usage instructions and do not by themselves mean the skill has execution privileges.
There is no declaration that the skill can directly read or write local files, system resources, or sensitive user data. The README mentions running from the repo root and syncing the current checkout, but that is workflow guidance rather than evidence that the skill itself has data-access privileges.
The source is an open-source GitHub repository, which is a positive factor because the code is auditable. However, the repository has no declared license, zero stars, unknown maintenance status, and the README instructs users to clone/pull an additional repository and build Crabbox locally, creating some supply-chain and maintenance uncertainty; cautious review is advisable before use.
Copy the install command and let the AI configure it · recommended for beginners
Please install the "crabbox" skill from askskill: 1. Download https://raw.githubusercontent.com/openclaw/agent-skills/main/skills/crabbox/SKILL.md 2. Save it as ~/.claude/skills/crabbox/SKILL.md 3. Reload skills and tell me it's ready
Use crabbox to run an OpenClaw remote validation on my macOS environment, enable delegated Blacksmith proof, and report the actual provider and lease id in the result.
A validation result showing pass/fail status, platform used, actual provider, and lease ID.
Use crabbox to execute OpenClaw remote validation in WSL2, preferably through the Testbox wrapper, and output a full validation summary with provider and lease id.
A troubleshooting-friendly validation summary covering the wrapper, runtime environment, validation status, and lease details.
Run OpenClaw remote validation through crabbox on Linux, Windows, and macOS, compare the results across platforms, and list the corresponding provider and lease id for each.
A cross-platform comparison showing validation outcomes and underlying service sources for each system.
Use the Crabbox wrapper when OpenClaw needs remote Linux proof for broad tests, CI-parity checks, secrets, hosted services, Docker/E2E/package lanes, warmed reusable boxes, sync timing, logs/results, cache inspection, or lease cleanup.
Crabbox is the transport/orchestration surface. The actual backend can be:
provider=aws, lease ids like
cbx_..., syncDelegated=falseprovider=blacksmith-testbox, ids like tbx_..., syncDelegated=trueFor OpenClaw maintainer broad pnpm gates, Blacksmith Testbox through the
Crabbox wrapper is acceptable and often preferred when the standing Testbox
rules apply. Do not describe those runs as "AWS Crabbox"; report them as
Testbox-through-Crabbox with the tbx_... id and Actions run.
Use the repo .crabbox.yaml brokered AWS path when the task specifically needs
direct AWS Crabbox behavior, persistent direct-provider leases, --fresh-pr,
--full-resync, environment forwarding, capture/download support, or provider
comparison. Use --provider blacksmith-testbox when the task needs OpenClaw
maintainer Testbox proof, prepared CI environment, broad/heavy pnpm gates, or
the user asks for Testbox/Blacksmith.
command -v crabbox
../crabbox/bin/crabbox --version
pnpm crabbox:run -- --help | sed -n '1,120p'
../crabbox/bin/crabbox desktop launch --help
../crabbox/bin/crabbox webvnc --help
crabbox and ../crabbox/bin/crabbox are missing, or the
sibling binary fails the version/help checks, install the sibling Crabbox CLI
before reporting Crabbox as unavailable:crabbox_root="../crabbox"
crabbox_src="$crabbox_root"
if [ -d "$crabbox_root/.git" ]; then
:
elif [ -d "$crabbox_root/src/.git" ]; then
crabbox_src="$crabbox_root/src"
elif [ ! -e "$crabbox_root" ]; then
git clone https://github.com/openclaw/crabbox.git "$crabbox_root"
else
echo "Existing $crabbox_root is not a Crabbox checkout; move it aside first." >&2
exit 1
fi
if [ -n "$(git -C "$crabbox_src" status --short)" ]; then
git -C "$crabbox_src" status --short
echo "Dirty $crabbox_src checkout; resolve before updating Crabbox." >&2
exit 1
fi
git -C "$crabbox_src" pull --ff-only
mkdir -p "$crabbox_root/bin"
crabbox_bin="$(cd "$crabbox_root" && pwd)/bin/crabbox"
go version
(cd "$crabbox_src" && go build -o "$crabbox_bin" ./cmd/crabbox)
"$crabbox_bin" --version
node scripts/crabbox-wrapper.mjs run --help | sed -n '1,80p'
go version is missing or the build fails, report that first actionable
toolchain/build error. Do not claim Crabbox proof from a stale PATH shim.../crabbox/bin/crabbox when present. The user PATH
shim can be stale..crabbox.yaml for direct-provider defaults. Omitting --provider
means brokered AWS today.pnpm gates, prefer the repo wrapper with
--provider blacksmith-testbox or the repo Testbox helpers when the standing
Testbox policy applies.cbx_... means AWS Crabbox;
tbx_... means Blacksmith Testbox through Crabbox. If the output only says
blacksmith testbox list, use blacksmith testbox list --all before
concluding no box exists.--full-resync
(alias --fresh-sync) before replacing the lease. This resets the remote
workdir, skips the fingerprint fast path, reseeds Git when possible, and
uploads the checkout from scratch.…
Attach redacted agent transcripts to GitHub PRs or issues for local provenance.
Render AI session JSONL logs into searchable, shareable single-file HTML viewers.
Run a structured code review before commit or release on local or PR branches.
Write a path-free, clipboard-ready handoff prompt that lets another agent investigate, discuss, or pick up a specific task.
Fetch GitHub issues, create fixes, open PRs, and handle reviews.
Convert text to speech locally and offline with sherpa-onnx, no cloud needed.
Run cross-platform remote validation with Crabbox and report the actual provider ID.
Run remote code validation, PR checks, and secure scripted workflows.
Reproduce and record real Telegram interactions on Crabbox for behavior proof.
Choose and run the safest, cheapest OpenClaw test and validation path.
Set up a production-ready OpenClaw agent workspace with validation and optimization.
Diagnose OpenClaw issues by choosing logs, probes, and proof paths first.