goclaw
GoClaw is a CLI tool for administering and debugging a GoClaw gateway, covering operations like agent management, skill configuration, session tracking, provider setup, credential handling, and runtime diagnostics. Use this skill when a user needs to inspect gateway health, run diagnostic commands, manage credentials safely, or troubleshoot gateway behavior through the goclaw command-line interface or runtime package.
git clone --depth 1 https://github.com/nextlevelbuilder/goclaw /tmp/goclaw && cp -r /tmp/goclaw/skills/goclaw ~/.claude/skills/goclawSKILL.md
# GoClaw Gateway CLI Administration Use this skill when the user asks you to operate, inspect, administer, or debug a GoClaw gateway through the `goclaw` CLI/runtime package. ## Operating Rules 1. Identify the exact binary before running commands. 2. Prefer read-only inspection before mutating actions. 3. Never print, paste, or store API keys, bearer tokens, OAuth tokens, database credentials, private keys, cookies, or `.env` contents in chat, issues, comments, or logs. 4. Scope every action to the requested gateway, tenant, org, agent, team, session, channel, or provider. 5. Ask for explicit confirmation before destructive or security-sensitive actions. 6. If command help disagrees with this skill, trust the live `--help` output. Do not run bare `goclaw` unless the user explicitly wants to start the gateway server. Use `goclaw --help`, `goclaw version`, or a subcommand for inspection. ## CLI Discovery Start with read-only discovery: ```bash command -v goclaw type -a goclaw goclaw version goclaw --help goclaw <command> --help ``` If `command -v goclaw` is empty on a managed server, also check deployment runtime paths before concluding the CLI is absent: ```bash ls -l /var/lib/goclaw/data/.runtime/bin/goclaw ls -l /app/data/.runtime/bin/goclaw ``` Distinguish the command surface you found: - Gateway server binary: running `goclaw` with no subcommand starts the gateway. - Operator/admin CLI: subcommands such as `agent`, `skills`, `traces`, `sessions`, `providers`, `channels`, `cron`, `config`, `doctor`, `auth`, `backup`, `restore`, `migrate`, and `upgrade`. - Remote operator mode: many admin commands can read `GOCLAW_SERVER`, `GOCLAW_GATEWAY_URL`, and `GOCLAW_GATEWAY_TOKEN` from the environment. Configure tokens through the shell/session secret manager, not CLI argv or pasted text. Use placeholders in examples: ```bash goclaw traces list ``` ## Read-Only Diagnostics Run safe checks first: ```bash goclaw doctor goclaw config path goclaw config validate goclaw agent list goclaw skills list goclaw sessions list goclaw providers list goclaw channels list goclaw cron list goclaw traces list ``` If a command requires a running gateway, retry with the correct remote target: ```bash goclaw agent list ``` Use `goclaw config show` only in a private local terminal when necessary. Treat the output as sensitive even though the CLI redacts known secret fields; do not paste it into chats, issues, PRs, or shared logs. For HTTP-only surfaces, inspect the current API/docs before guessing endpoint shape. Useful areas include `/health`, `/v1/skills`, `/v1/traces`, `/v1/packages/runtimes`, `/v1/mcp`, and `/v1/providers` when available. ## Common Workflows ### Agents Read first: ```bash goclaw agent --help goclaw agent list ``` Before create, update, chat, or delete operations, verify target tenant/org and agent ID/key. Treat `agent delete` as destructive. ### Skills Read first: ```bash goclaw skills --help goclaw skills list goclaw skills show <skill> goclaw skills deps status <skill-id-or-path> goclaw skills access get <skill-id> ``` Use dependency scan/check before install: ```bash goclaw skills deps scan <skill-id-or-path> goclaw skills deps check <skill-id-or-path> ``` Mutating skill commands need clear intent and scope: ```bash goclaw skills deps install <skill-id> goclaw skills access set <skill-id> --help goclaw skills grant agent <skill-id> <agent-id> goclaw skills revoke agent <skill-id> <agent-id> ``` System skills are bundled and should not be edited in place. Prefer uploading or publishing a tenant/custom skill override when customization is required. ### MCP Servers And Tools First inspect whether this CLI version exposes MCP commands: ```bash goclaw mcp --help ``` If no MCP CLI exists, use the current gateway API/UI/docs for MCP discovery and permission changes. Do not invent command names. For tool access issues, verify: - the MCP server is configured and enabled; - the tool is visible to the requested agent/team; - permissions or approval rules allow the action; - gateway logs/traces show the actual failure. ### Runtime Packages Inspect current runtime/package support before acting: ```bash goclaw packages --help goclaw skills deps status <skill-id-or-path> ``` If there is no packages CLI, use the Packages UI or `/v1/packages/*` API when available. Install/update/remove package operations are admin-level and may need approval. Prefer the smallest dependency needed by the selected skill. ### Credentials And Auth Use read-only status commands first: ```bash goclaw auth status goclaw auth status <provider> ``` For gateway bearer tokens, provider keys, OAuth refresh tokens, and CLI credentials: - never echo values; - do not add them to issues, PRs, chat, or logs; - prefer environment variables, OS keychain, or gateway credential UI; - rotate credentials if they were exposed; - confirm before logout, delete, or replace operations. ### Traces And Failed Runs Use traces to debug provider errors, tool failures, channel delivery, and stuck sessions: ```bash goclaw traces --help goclaw traces list --status error goclaw traces get <trace-id> -o json goclaw traces timeline <trace-id> goclaw traces follow --session <session-key> goclaw traces export <trace-id> ``` Redact prompts, tokens, URLs with secrets, headers, and customer data before posting trace excerpts anywhere public. ### Sessions, Channels, Providers, Cron Inspect help and list commands: ```bash goclaw sessions --help goclaw channels --help goclaw providers --help goclaw cron --help ``` Treat these as sensitive: - `sessions delete` and `sessions reset`; - channel add/delete or credential changes; - provider add/update/delete and model verification with live credentials; - cron delete/toggle/run. ## Troubleshooting Playbooks ### Agent Cannot Access A Tool Or MCP 1. Confirm the request is in the intended tenant/org and agent/team. 2. List available skills/tools for t
Use this skill whenever the user wants to create, read, edit, or manipulate Word documents (.docx files). Triggers include: any mention of 'Word doc', 'word document', '.docx', or requests to produce professional documents with formatting like tables of contents, headings, page numbers, or letterheads. Also use when extracting or reorganizing content from .docx files, inserting or replacing images in documents, performing find-and-replace in Word files, working with tracked changes or comments, or converting content into a polished Word document. If the user asks for a 'report', 'memo', 'letter', 'template', or similar deliverable as a Word or .docx file, use this skill. Do NOT use for PDFs, spreadsheets, Google Docs, or general coding tasks unrelated to document generation.
Use this skill whenever the user wants to do anything with PDF files. This includes reading or extracting text/tables from PDFs, combining or merging multiple PDFs into one, splitting PDFs apart, rotating pages, adding watermarks, creating new PDFs, filling PDF forms, encrypting/decrypting PDFs, extracting images, and OCR on scanned PDFs to make them searchable. If the user mentions a .pdf file or asks to produce one, use this skill.
Use this skill any time a .pptx file is involved in any way — as input, output, or both. This includes: creating slide decks, pitch decks, or presentations; reading, parsing, or extracting text from any .pptx file (even if the extracted content will be used elsewhere, like in an email or summary); editing, modifying, or updating existing presentations; combining or splitting slide files; working with templates, layouts, speaker notes, or comments. Trigger whenever the user mentions \"deck,\" \"slides,\" \"presentation,\" or references a .pptx filename, regardless of what they plan to do with the content afterward. If a .pptx file needs to be opened, created, or touched, use this skill.
Create or update GoClaw agent skills with eval-driven iteration. Use for new skills, skill scripts, references, benchmark optimization, description optimization, eval testing, extending agent capabilities.
Use whenever the agent creates, writes, moves, or renames a file in a team/delegate (shared) workspace, OR when the user asks to organize, clean up, restructure, audit, or find files in any workspace or the Vault, OR when starting a multi-file task or named project. Enforces a purpose-based folder convention (flat mode: notes/, data/, outputs/, scripts/, archive/; project mode: projects/<slug>/{docs,assets,source,reports,research}/), per-agent namespacing under shared/<agent_key>/, and pre-write discovery via memory_search, vault_search, knowledge_graph_search to surface related files and avoid duplicates. Trigger before any write_file or exec at workspace root, when starting a project, generating reports/assets/exports, delegating, or when the user says "messy", "where did I save", "tổ chức lại", "dọn workspace", "tạo report", "find related", "search vault". Do NOT trigger for read-only ops, edits inside an existing project tree (cloned repo), or short-lived files deleted in the same turn.
Use this skill any time a spreadsheet file is the primary input or output. This means any task where the user wants to: open, read, edit, or fix an existing .xlsx, .xlsm, .csv, or .tsv file (e.g., adding columns, computing formulas, formatting, charting, cleaning messy data); create a new spreadsheet from scratch or from other data sources; or convert between tabular file formats. Trigger especially when the user references a spreadsheet file by name or path — even casually (like \"the xlsx in my downloads\") — and wants something done to it or produced from it. Also trigger for cleaning or restructuring messy tabular data files (malformed rows, misplaced headers, junk data) into proper spreadsheets. The deliverable must be a spreadsheet file. Do NOT trigger when the primary deliverable is a Word document, HTML report, standalone Python script, database pipeline, or Google Sheets API integration, even if tabular data is involved.