Initial commit: OpenClaw Skill Collection

6 custom skills (assign-task, dispatch-webhook, daily-briefing,
task-capture, qmd-brain, tts-voice) with technical documentation.
Compatible with Claude Code, OpenClaw, Codex CLI, and OpenCode.

openclaw-knowhow-skill/docs/infrastructure/install/ansible.md

@@ -0,0 +1,32 @@
+# Ansible Installation Documentation
+
+## Overview
+The documentation describes OpenClaw's Ansible-based deployment system, emphasizing "firewall-first security" with a 4-layer defense architecture combining UFW, Tailscale VPN, Docker isolation, and systemd hardening.
+
+## Key Installation Details
+
+**One-command deployment:**
+```bash
+curl -fsSL https://raw.githubusercontent.com/openclaw/openclaw-ansible/main/install.sh | bash
+```
+
+**System requirements:** Debian 11+ or Ubuntu 20.04+ with root/sudo access and internet connectivity.
+
+**Components installed:**
+- Tailscale mesh VPN for encrypted remote access
+- UFW firewall (SSH and Tailscale ports only)
+- Docker and Node.js 22.x runtime
+- OpenClaw gateway (host-based, not containerized)
+- Systemd service for auto-start functionality
+
+## Security Architecture
+
+The installation implements layered protection: firewall rules restrict external exposure to SSH only, VPN mesh gates gateway access, Docker prevents container port leakage, and systemd applies privilege restrictions. Users can verify the attack surface using nmap, expecting only port 22 visibility.
+
+## Post-Installation
+
+After setup completes, switch to the openclaw user and run the onboarding wizard to configure provider connections (WhatsApp, Telegram, Discord, Signal) and verify gateway functionality through Tailscale.
+
+## Maintenance
+
+The Ansible playbook remains idempotent for rerunning during configuration changes. Manual installation is available via cloning the GitHub repository and executing the playbook directly.

openclaw-knowhow-skill/docs/infrastructure/install/bun.md

@@ -0,0 +1,21 @@
+# Bun (Experimental) Documentation
+
+## Overview
+
+This page documents experimental Bun runtime support for the repository. Bun is an optional local runtime for running TypeScript directly (`bun run …`, `bun --watch …`).
+
+## Key Points
+
+**Installation approach:** Users can install dependencies using `bun install` or `bun install --no-save` to prevent lockfile generation.
+
+**Build and testing:** The commands `bun run build` and `bun run vitest run` execute build and test operations respectively.
+
+**Production considerations:** Not recommended for Gateway runtime (WhatsApp/Telegram bugs). Use Node for production.
+
+**Lifecycle scripts:** Bun may initially block certain dependency installation scripts. However, for this specific repository, the commonly blocked scripts aren't necessary for operation. Users can trust problematic scripts via `bun pm trust` if needed.
+
+**Limitations:** Some npm scripts still require pnpm, particularly documentation and UI-related commands.
+
+## Bottom Line
+
+Bun serves as an optional development alternative to pnpm but remains unsuitable for production gateway deployments involving WhatsApp or Telegram integrations.

openclaw-knowhow-skill/docs/infrastructure/install/development-channels.md

@@ -0,0 +1,36 @@
+# Development Channels Documentation
+
+## Overview
+OpenClaw maintains three update channels for releases:
+
+- **Stable** (npm `latest` dist-tag): Production-ready builds
+- **Beta** (npm `beta` dist-tag): Builds undergoing testing
+- **Dev** (npm `dev` dist-tag): Current main branch snapshots
+
+The system uses dist-tags as the source of truth for npm installs, meaning vetted builds are promoted without version changes.
+
+## Channel Switching
+
+Users can switch channels via:
+
+```bash
+openclaw update --channel [stable|beta|dev]
+```
+
+When explicitly switching, the installation method aligns automatically:
+- Dev mode checks out the git repository (defaults to `~/openclaw`)
+- Stable/beta pull from npm using appropriate dist-tags
+
+## Plugin Synchronization
+
+Switching channels triggers plugin source updates—dev prefers bundled plugins from the git checkout, while stable and beta restore npm-installed packages.
+
+## Release Guidelines
+
+- Tag releases for git checkouts using format `vYYYY.M.D` or `vYYYY.M.D-<patch>`
+- Maintain immutable tags (never move or reuse)
+- Preserve npm dist-tags as the authoritative source for version mapping
+
+## Platform Considerations
+
+Beta and dev releases may lack macOS app builds, which is acceptable provided the git tag and npm dist-tag are published and documented in release notes.

openclaw-knowhow-skill/docs/infrastructure/install/docker.md

@@ -0,0 +1,37 @@
+# Docker Documentation - OpenClaw
+
+## Overview
+
+OpenClaw's Docker support is optional. Docker is **optional**. Use it only if you want a containerized gateway or to validate the Docker flow.
+
+## Key Use Cases
+
+Docker suits you if you need isolation or want to avoid local installations. The guide covers two main scenarios:
+
+1. **Containerized Gateway** - Full OpenClaw running in Docker
+2. **Agent Sandbox** - Host gateway with Docker-isolated agent tools
+
+## Quick Start
+
+The recommended approach uses a setup script that builds the gateway image, runs onboarding, and starts services via Docker Compose. After completion, users access the Control UI at `http://127.0.0.1:18789/`.
+
+## Configuration Options
+
+The documentation provides several optional environment variables:
+
+- `OPENCLAW_DOCKER_APT_PACKAGES` - Install system packages during build
+- `OPENCLAW_EXTRA_MOUNTS` - Add additional bind mounts
+- `OPENCLAW_HOME_VOLUME` - Persist container home directory
+
+## Agent Sandboxing
+
+When enabled, non-main sessions run tools inside isolated Docker containers while the gateway remains on the host. Key features include:
+
+- Configurable scope (per-session or per-agent)
+- Workspace access controls (none, read-only, read-write)
+- Tool allow/deny policies
+- Auto-pruning of idle containers
+
+## Security Considerations
+
+The default image runs as non-root user for security. Hard isolation only applies to **tools** (exec/read/write/edit/apply_patch) and allowing browser access in sandbox breaks isolation.

openclaw-knowhow-skill/docs/infrastructure/install/index.md

@@ -0,0 +1,29 @@
+# OpenClaw Installation Documentation
+
+## Overview
+The documentation provides comprehensive installation guidance for OpenClaw, emphasizing the installer script as the recommended approach. The page covers system requirements, multiple installation methods, and troubleshooting steps.
+
+## Key Installation Methods
+
+**Recommended approach:** The installer script handles both CLI setup and onboarding automatically.
+
+**System prerequisites** include Node version 22 or higher, compatibility with macOS/Linux/Windows (WSL2), and pnpm only for source builds.
+
+## Installation Options
+
+1. **Installer script** - Automates global npm installation and runs onboarding
+2. **Manual global install** - Direct npm or pnpm installation with optional flags
+3. **Source installation** - Git clone approach for developers
+4. **Alternative methods** - Docker, Nix, Ansible, and Bun options available
+
+## Post-Installation
+
+After setup completion, users should run the onboarding command and verify functionality with diagnostic tools. Run onboarding: `openclaw onboard --install-daemon` followed by health checks.
+
+## Common Issues
+
+The guide addresses PATH configuration problems, providing diagnostic commands and shell configuration solutions for systems where the `openclaw` command isn't recognized after installation.
+
+## Additional Resources
+
+References to related documentation include updating procedures, migration guidance, and uninstall instructions, with a pointer to the complete documentation index.

openclaw-knowhow-skill/docs/infrastructure/install/installer.md

@@ -0,0 +1,31 @@
+# Installer Internals
+
+OpenClaw provides three installer scripts from `openclaw.ai`:
+
+* **install.sh** — Primary installer supporting macOS, Linux, and WSL
+* **install-cli.sh** — Non-root alternative that bundles Node runtime
+* **install.ps1** — Windows PowerShell installer
+
+## install.sh Overview
+
+The recommended installer performs several key functions:
+
+1. Detects the operating system
+2. Ensures Node.js version 22 or higher is available
+3. Offers two installation methods:
+   - `npm install -g openclaw@latest` (default)
+   - Git-based source checkout with wrapper script
+
+The script addresses common Linux permission issues by redirecting npm's global prefix to `~/.npm-global` when necessary, then updates PATH variables in shell configuration files.
+
+Additionally, it mitigates `sharp` native install gotchas by defaulting `SHARP_IGNORE_GLOBAL_LIBVIPS=1` to avoid system library conflicts. Users needing different behavior can override this with `SHARP_IGNORE_GLOBAL_LIBVIPS=0`.
+
+When run inside an existing OpenClaw checkout, the installer prompts whether to update locally or migrate to global npm installation.
+
+## install-cli.sh
+
+This variant installs OpenClaw to a dedicated prefix (typically `~/.openclaw`) alongside a self-contained Node runtime, eliminating system-level dependencies.
+
+## install.ps1
+
+The Windows PowerShell version requires Node.js 22+ and supports both npm and git installation methods. Common issues include missing Git for Windows and PATH configuration problems with npm's global bin folder.

openclaw-knowhow-skill/docs/infrastructure/install/nix.md

@@ -0,0 +1,39 @@
+# Nix Installation Documentation
+
+## Overview
+
+The documentation describes setting up OpenClaw using Nix, with the primary recommended method being **nix-openclaw**, a Home Manager module that provides a pre-configured environment.
+
+## Key Setup Method
+
+Users are directed to paste instructions into an AI agent, which should:
+
+1. Verify Determinate Nix installation
+2. Create a local flake configuration using provided templates
+3. Set up a Telegram bot with necessary credentials
+4. Configure secrets management
+5. Apply configuration via home-manager
+6. Verify the launchd service is running
+
+## What's Included
+
+The nix-openclaw setup provides Gateway + macOS app + tools (whisper, spotify, cameras) — all pinned with automatic service persistence and plugin configuration capabilities.
+
+## Nix Mode Runtime
+
+When `OPENCLAW_NIX_MODE=1` is enabled (automatic with nix-openclaw):
+
+- Configuration becomes deterministic and auto-install flows are disabled
+- State and configuration use explicit paths via environment variables
+- The macOS GUI app can enable this mode through system defaults
+- Missing dependencies trigger Nix-specific error messages
+
+## File Paths
+
+State and configuration directories are configurable:
+- `OPENCLAW_STATE_DIR` (default: `~/.openclaw`)
+- `OPENCLAW_CONFIG_PATH` (default: `$OPENCLAW_STATE_DIR/openclaw.json`)
+
+## Related Resources
+
+The documentation references the nix-openclaw GitHub repository as the authoritative source, alongside alternative installation methods for non-Nix and containerized setups.

openclaw-knowhow-skill/docs/infrastructure/install/uninstall.md

@@ -0,0 +1,120 @@
+# Uninstall
+
+Two paths:
+
+* **Easy path** if `openclaw` is still installed.
+* **Manual service removal** if the CLI is gone but the service is still running.
+
+## Easy path (CLI still installed)
+
+Recommended: use the built-in uninstaller:
+
+```bash
+openclaw uninstall
+```
+
+Non-interactive (automation / npx):
+
+```bash
+openclaw uninstall --all --yes --non-interactive
+npx -y openclaw uninstall --all --yes --non-interactive
+```
+
+Manual steps (same result):
+
+1. Stop the gateway service:
+
+```bash
+openclaw gateway stop
+```
+
+2. Uninstall the gateway service (launchd/systemd/schtasks):
+
+```bash
+openclaw gateway uninstall
+```
+
+3. Delete state + config:
+
+```bash
+rm -rf "${OPENCLAW_STATE_DIR:-$HOME/.openclaw}"
+```
+
+If you set `OPENCLAW_CONFIG_PATH` to a custom location outside the state dir, delete that file too.
+
+4. Delete your workspace (optional, removes agent files):
+
+```bash
+rm -rf ~/.openclaw/workspace
+```
+
+5. Remove the CLI install (pick the one you used):
+
+```bash
+npm rm -g openclaw
+pnpm remove -g openclaw
+bun remove -g openclaw
+```
+
+6. If you installed the macOS app:
+
+```bash
+rm -rf /Applications/OpenClaw.app
+```
+
+Notes:
+
+* If you used profiles (`--profile` / `OPENCLAW_PROFILE`), repeat step 3 for each state dir (defaults are `~/.openclaw-<profile>`).
+* In remote mode, the state dir lives on the **gateway host**, so run steps 1-4 there too.
+
+## Manual service removal (CLI not installed)
+
+Use this if the gateway service keeps running but `openclaw` is missing.
+
+### macOS (launchd)
+
+Default label is `bot.molt.gateway` (or `bot.molt.<profile>`; legacy `com.openclaw.*` may still exist):
+
+```bash
+launchctl bootout gui/$UID/bot.molt.gateway
+rm -f ~/Library/LaunchAgents/bot.molt.gateway.plist
+```
+
+If you used a profile, replace the label and plist name with `bot.molt.<profile>`. Remove any legacy `com.openclaw.*` plists if present.
+
+### Linux (systemd user unit)
+
+Default unit name is `openclaw-gateway.service` (or `openclaw-gateway-<profile>.service`):
+
+```bash
+systemctl --user disable --now openclaw-gateway.service
+rm -f ~/.config/systemd/user/openclaw-gateway.service
+systemctl --user daemon-reload
+```
+
+### Windows (Scheduled Task)
+
+Default task name is `OpenClaw Gateway` (or `OpenClaw Gateway (<profile>)`).
+The task script lives under your state dir.
+
+```powershell
+schtasks /Delete /F /TN "OpenClaw Gateway"
+Remove-Item -Force "$env:USERPROFILE\.openclaw\gateway.cmd"
+```
+
+If you used a profile, delete the matching task name and `~\.openclaw-<profile>\gateway.cmd`.
+
+## Normal install vs source checkout
+
+### Normal install (install.sh / npm / pnpm / bun)
+
+If you used `https://openclaw.ai/install.sh` or `install.ps1`, the CLI was installed with `npm install -g openclaw@latest`.
+Remove it with `npm rm -g openclaw` (or `pnpm remove -g` / `bun remove -g` if you installed that way).
+
+### Source checkout (git clone)
+
+If you run from a repo checkout (`git clone` + `openclaw ...` / `bun run openclaw ...`):
+
+1. Uninstall the gateway service **before** deleting the repo (use the easy path above or manual service removal).
+2. Delete the repo directory.
+3. Remove state + workspace as shown above.

openclaw-knowhow-skill/docs/infrastructure/install/updating.md

@@ -0,0 +1,49 @@
+# OpenClaw Update Documentation
+
+## Overview
+The documentation covers OpenClaw's update procedures, emphasizing that updates should be treated like infrastructure changes requiring verification afterward.
+
+## Key Update Methods
+
+**Website Installer (Recommended)**
+The preferred approach involves rerunning the installer, which detects existing installations and upgrades in place:
+```bash
+curl -fsSL https://openclaw.ai/install.sh | bash
+```
+
+**Global Package Installs**
+For npm or pnpm installations, users can upgrade using:
+```bash
+npm i -g openclaw@latest
+```
+or
+```bash
+pnpm add -g openclaw@latest
+```
+
+**Source Installs**
+For git-based installations, the documentation recommends using `openclaw update`, which performs safe updates including dependency installation, building, and automatic gateway restarts.
+
+## Important Preparation Steps
+
+Before updating, users should:
+- Identify their installation type (global vs. source)
+- Determine how the Gateway runs (foreground terminal vs. system service)
+- Back up configuration files and credentials
+
+## Post-Update Verification
+
+After any update, running these commands ensures proper functionality:
+```bash
+openclaw doctor
+openclaw gateway restart
+openclaw health
+```
+
+## Rollback Procedures
+
+For broken updates, users can pin to previous versions using npm/pnpm version specifiers or git checkout commands with date-based filtering.
+
+## Additional Resources
+
+The documentation references a troubleshooting guide and Discord support channel for unresolved issues.