Skillget

clawmaster

mcp
Security Audit
Warn
Health Warn
  • License — License: MIT
  • Description — Repository has a description
  • Active repo — Last push 0 days ago
  • Low visibility — Only 7 GitHub stars
Code Warn
  • process.env — Environment variable access in .github/scripts/wsl-runtime-smoke.mjs
  • network request — Outbound network request in .github/scripts/wsl-runtime-smoke.mjs
  • fs module — File system access in .github/workflows/build.yml
Permissions Pass
  • Permissions — No dangerous permissions requested
Purpose
This tool serves as a control plane and graphical interface for OpenClaw. It provides a guided setup wizard for managing LLM providers, configuring channels, and monitoring usage via a desktop or self-hosted web application.

Security Assessment
Overall risk: Low. The automated scan did not find any hardcoded secrets, dangerous permissions, or direct shell command execution. Network requests and environment variable access were flagged in an external testing script (`wsl-runtime-smoke.mjs`), which is standard behavior for a smoke test and does not pose a threat to the end user. File system access noted in the GitHub Actions build workflow is routine and expected for compiling the application. No malicious or overly intrusive behaviors were detected in the core application code.

Quality Assessment
The project is licensed under the standard MIT license, making it safe for integration and modification. It appears to be actively maintained, with repository updates pushed as recently as today and a reported 74 passing tests. However, it currently has very low community visibility with only 7 stars on GitHub. This indicates an early-stage project, meaning users should anticipate potential bugs or rapid changes, even though the initial codebase and documentation appear highly structured and professional.

Verdict
Safe to use.
SUMMARY

Control plane for OpenClaw. Guided setup wizard, 16 LLM providers, 6 channel types, ClawProbe observability. Desktop app (Tauri) + self-hosted web console. No config-file editing required.

README.md

clawmaster · OpenClaw Control Plane

A guided desktop app and self-hosted web console for OpenClaw.

Quick Start Roadmap Contributing License

Build Version Stars Tests

📦 Releases  ·  💬 Discussions  ·  🐛 Issues  ·  Discord   |   English  ·  中文  ·  日本語

ClawMaster vs. CLI Only

OpenClaw CLI alone ClawMaster
Initial setup Hand-edit ~/.openclaw/openclaw.json Guided wizard
Provider & model config Edit JSON, restart Form UI with live validation
Channel setup Read docs, edit config Step-by-step guides per platform
Observability None built-in ClawProbe dashboard (cost, tokens, health)
Memory management powermem CLI Management UI
Multiple profiles Manual file juggling Profile switcher
Desktop app No Yes — ships as .dmg / .msi / .AppImage
Self-hosted web console No Yes — Express, runs anywhere Node.js runs

Who It Is For

"I manage OpenClaw for my team."
One place to configure channels, rotate API keys, and monitor token spend — no SSH, no JSON editing.

"I'm building agents with LangChain."
Quick observability into context usage, memory snapshots, and cost-per-session without writing monitoring code.

"I'm setting up OpenClaw for the first time."
The setup wizard walks you through provider, model, gateway, and channel in one flow. No docs required to reach a working state.

What You Can Do

  • Setup and profiles — Detect OpenClaw, install missing pieces, create or switch profiles, bootstrap a local environment.
  • Models and providers — Configure OpenAI-compatible and provider-specific endpoints, validate API keys, set runtime defaults.
  • Gateway and channels — Bring up the gateway, follow guided setup for Feishu, WeChat, Discord, Slack, Telegram, and WhatsApp.
  • Plugins, skills, and MCP — Enable or disable capabilities, install curated items, add MCP servers, import MCP definitions.
  • Sessions, memory, and observability — Inspect sessions, manage memory backends, track token usage and estimated spend.

Quick Start

Option 1: Desktop installer

Download the latest installer from GitHub Releases.

Platform Format
Linux x64 .deb, .rpm, .AppImage
macOS Intel .dmg
macOS Apple Silicon .dmg
Windows x64 .msi, .exe

[!NOTE]
CI also uploads per-platform artifacts for every push to main (7-day retention) if you need an unreleased build.

Option 2: Run from source 
git clone https://github.com/clawmaster-ai/clawmaster.git
cd clawmaster
npm install
npm run dev:web     # web app + backend
npm run tauri:dev   # desktop app

Requirements: Node.js 20+. For Tauri desktop builds, also Rust — see tauri.app/start/prerequisites.

Option 3: Service CLI 
npm i -g clawmaster
clawmaster doctor
clawmaster serve --daemon
clawmaster status

Default service URL: http://127.0.0.1:3001. clawmaster serve prints a service token — enter it in the browser UI when prompted.

Common flags:

clawmaster serve --host 127.0.0.1 --port 3001 --daemon
clawmaster serve --host 127.0.0.1 --port 3001 --token your-own-token
clawmaster stop
clawmaster doctor

First Run

  1. Launch ClawMaster.
  2. Choose an existing OpenClaw profile or create a new one.
  3. Connect at least one model provider and set a default model.
  4. Enable gateway or observability if you need runtime inspection.
  5. Add channels, plugins, skills, or MCP servers as needed.

Roadmap

Six capabilities — tracked as labeled issues:

Capability Status What it covers
能接管 Setup Released Wizard, 16 providers, 6 channel types, profile management
能观测 Observe Released ClawProbe integration, cost / token / health dashboard
能省钱 Save In progress PowerMem UI, seekdb integration, token-reduction workflows
能应用 Apply Planned Photo OCR, invoice processing, flashcard tools
能构建 Build Planned Conversational agent builder (LangChain DeepAgents)
能守护 Guard Planned Key encryption, spend limits, RBAC

Browse label:roadmap to pick up an item. Leave a comment before starting — core contributors who land roadmap features can claim model credits from the OpenClaw team.

📰 News

  • 2026-04-13 🏗️ Contribution workflow tightened with issue forms, a stronger PR template, PR description validation, and architecture boundary tests.

Development

npm install
npm run dev:web       # frontend + backend
npm run dev           # frontend only (port 3000)
npm run dev:backend   # backend only (port 3001)
npm run tauri:dev     # desktop app
Testing and CI 
npm test              # unit tests (Vitest)
npm run build         # type check + production build
npm run test:desktop  # desktop smoke (macOS: real Tauri build; Linux/Win: WebDriver)

[!TIP]
Run npm test && npm run build before opening a PR — the same steps run in CI.

CI covers: TypeScript check, unit tests, backend integration smoke, web smoke, desktop smoke, and multi-platform Tauri builds.

Project layout 
clawmaster/
├── packages/web/          React + Vite frontend
├── packages/backend/      Express backend for web mode
├── src-tauri/             Tauri desktop host
├── tests/ui/              YAML-based manual UI flow specs
└── bin/clawmaster.mjs     CLI entry point

Runtime model: Desktop — React calls Tauri commands via invoke(); Web — React proxies /api to Express.

Contributing

Using an AI coding agent? Point it at AGENTS.md first — it covers the full contribution workflow, module patterns, and hard rules in agent-readable form.

See CONTRIBUTING.md for setup, testing requirements, dependency policy, commit convention, and PR checklist.

[!IMPORTANT]
PRs must pass npm test locally before opening. No screenshots, test logs, or generated files in commits. Node.js is the only permitted runtime — no new language dependencies.

Community: GitHub Discussions · Discord · Feishu

Contributors

Contributors

Acknowledgments
Project Role
OpenClaw Core runtime and configuration model
ClawProbe Observability daemon
ClawHub Skill registry
PowerMem Memory backend
Tauri Desktop app framework
React Frontend UI
Vite Frontend toolchain
Playwright Browser automation and smoke testing

License

MIT. See LICENSE.

Reviews (0)

No results found