credential-manager
MANDATORY security foundation for OpenClaw. Consolidate scattered API keys and credentials into a secure .env file with proper permissions. Use when setting up OpenClaw, migrating credentials, auditing security, or enforcing the .env standard. This is not optional — centralized credential management is a core requirement for secure OpenClaw deployments. Scans for credential files across common locations, backs up existing files, creates a unified .env with mode 600, validates security, and enforces best practices.
Install via CLI (Recommended)
clawhub install openclaw/skills/skills/callmedas69/credential-managerWhat This Skill Does
The credential-manager is the foundational security layer for your OpenClaw ecosystem. It acts as a centralized vault, scanning your local environment for fragmented API keys, passwords, and sensitive tokens that are often scattered across various configuration folders or temporary memory files. By consolidating these disparate files into a single, highly secure ~/.openclaw/.env file, the skill eliminates potential leakage vectors and simplifies security audits. The manager enforces a strict 600 permission policy (read/write by owner only), validates credential formats, creates timestamped backups to prevent data loss during migration, and ensures that your sensitive information remains git-ignored, preventing accidental exposure in repositories.
Installation
To integrate this critical security layer, run the following command in your terminal:
clawhub install openclaw/skills/skills/callmedas69/credential-manager
Ensure that you have appropriate system permissions to modify files in your home directory, as the skill will need to create the ~/.openclaw/ directory and update your local .gitignore configurations.
Use Cases
This skill is essential for three primary scenarios:
- Initial OpenClaw Setup: Use it to establish a secure foundation before adding other skills to your agent.
- Security Audits: Use it to sweep your system for 'lost' keys or poorly protected legacy credential files.
- Migration: Use it when moving or upgrading your OpenClaw installation to ensure all sensitive data is properly bundled and protected under the new standard.
Example Prompts
- "Credential-manager, perform a full scan of my home directory and identify any scattered API keys or credential files that need consolidating."
- "I need to harden my deployment; please run the credential-manager to consolidate my keys and ensure my .env file is set to mode 600."
- "Back up my existing keys and consolidate them into the main OpenClaw environment file."
Tips & Limitations
Always review the generated backup files before performing the final cleanup command. The credential-manager is designed to be the single source of truth; therefore, avoid manually editing other local credential files once migration is complete. The skill currently supports common .env and .json patterns; if you have custom proprietary formats, you may need to manually define the mapping in the configuration phase. Remember that this tool is not a password manager for personal sites, but rather a dedicated vault for the system and AI agent service keys.
Metadata
Not sure this is the right skill?
Describe what you want to build — we'll match you to the best skill from 16,000+ options.
Find the right skillPaste this into your clawhub.json to enable this plugin.
{
"plugins": {
"official-callmedas69-credential-manager": {
"enabled": true,
"auto_update": true
}
}
}Tags(AI)
Flags: file-read, file-write
Related Skills
basecred-8004-registration
Interactive ERC-8004 agent registration via chat. Guides users through a prefill form, shows draft, confirms, then registers on-chain using agent0-sdk.
basecred
Fetch onchain reputation profiles via BaseCred SDK (Ethos, Talent Protocol, Farcaster/Neynar). Use when the user wants to check wallet reputation, builder score, creator score, Ethos credibility, or Farcaster account quality for any 0x address. Supports multi-source unified profiles with level derivation and recency tracking.
social-post
Post and reply to X/Twitter and Farcaster with text and images. Features multi-account support, auto-variation to avoid duplicate content detection, draft preview, character validation, threads, replies, and image uploads. Consumption-based pricing for X API, pay-per-cast for Farcaster.