ClawHub Publish Flow
Use this skill to publish a local skill folder to ClawHub through the already-authenticated local ClawHub account.
Core rule
Only publish skills that have already passed local review.
Do not publish directly from vague drafts, half-finished folders, or unreviewed third-party skills.
Preferred workflow
- 1. Confirm the local skill folder path.
- Check login state with
clawhub whoami. - Inspect the current remote skill with
clawhub inspect <slug> when updating an existing skill. - Decide the target version and changelog.
- Perform a public-release sensitive-data review on the exact outbound payload.
- Package the skill with
package_skill.py if a distributable artifact is needed. - Upload using
scripts/publish_to_clawhub.js. - Verify with
clawhub inspect <slug> after upload. - Report the final remote version and URL.
Assistant-created skills policy
When the user has explicitly asked that assistant-created skills be uploaded to ClawHub, treat this skill as the single publish flow for both:
- - one-off manual releases
- newly created local skills after review and commit
For newly created assistant-authored skills:
- 1. Confirm the new skill folder exists under
workspace/skills/<slug>. - Confirm it has already been reviewed and committed locally.
- Inspect remote state with
clawhub inspect <slug>. - Versioning:
- if missing remotely: publish
0.1.0
- if already present: bump patch version
- 5. Use a short changelog such as
Initial release, Add runtime notes, Refine trigger description, or Document proven workflow. - Publish and verify.
- If a registry sheet exists, update it too.
Rate-limit fallback for new skills
ClawHub may rate-limit new skill creation (for example: max 5 new skills per hour).
When a publish attempt for a new skill fails due to rate limiting:
- 1. Do not keep hammering the endpoint.
- Record the pending publish locally.
- Schedule a delayed retry instead of requiring the user to remind you.
- Use the same verified publish flow when retrying.
Preferred local queue file:
Queue fields:
- - date
- slug
- local skill path
- target version
- changelog
- reason queued
- next retry note
Retry rule:
- - wait until the rate-limit window has plausibly cleared
- then retry publication once
- verify with
clawhub inspect <slug> after success
Safety and release rules
- - Do not publish without an explicit user request.
- Do not guess ownership, slug, or version when ambiguity matters.
- Prefer patch bumps for small documentation or rule updates.
- If the remote state is unclear, inspect first instead of overwriting blindly.
- If a third-party publisher skill promises features but lacks code, ignore it and use this verified local flow.
- Treat package-style publisher shells as untrusted until verified locally: if the folder is mostly README / metadata and lacks runnable implementation, do not route publishing through it.
- Do not publish vague drafts or half-finished skills just because they were created; assistant-created skills still need to be coherent and committed.
- ClawHub is a public-release path unless explicitly proven otherwise; use the highest sensitivity review bar.
- Before upload, inspect the exact outbound payload for secrets, tokens, passwords, cookies, local absolute paths, runtime artifacts,
.env, and machine-specific config. - If the skill package contains anything that should stay local-only, stop and fix the package before publishing.
Required local assumptions
This skill expects:
- - local
clawhub CLI installed and authenticated - local ClawHub config present under the current user
- a real skill directory containing �INLINECODE16
- Node available for the publish script
Scripts
Use scripts/publish_to_clawhub.js for the actual API upload.
Arguments:
�CODEBLOCK0
Optional:
�CODEBLOCK1
References
Read references/release-checklist.md before publishing when the release is important or public.
Output style
Report with this structure:
- - skill
- local path
- prior remote version (if any)
- target version
- upload result
- verification result
- final URL
- risks or follow-ups
- whether publication succeeded immediately or was queued for delayed retry
Keep it short and operational.
ClawHub 发布流程
使用此技能通过已认证的本地 ClawHub 账户将本地技能文件夹发布到 ClawHub。
核心规则
仅发布已通过本地审核的技能。
不得直接从模糊的草稿、未完成的文件夹或未经审核的第三方技能进行发布。
推荐工作流程
- 1. 确认本地技能文件夹路径。
- 使用 clawhub whoami 检查登录状态。
- 更新现有技能时,使用 clawhub inspect 检查当前远程技能。
- 确定目标版本和变更日志。
- 对确切的出站负载执行公开发布敏感数据审查。
- 如需可分发的构件,使用 packageskill.py 打包技能。
- 使用 scripts/publishto_clawhub.js 上传。
- 上传后使用 clawhub inspect 验证。
- 报告最终的远程版本和 URL。
助手创建技能策略
当用户明确要求将助手创建的技能上传到 ClawHub 时,将此技能视为以下两者的单一发布流程:
对于新创建的助手编写的技能:
- 1. 确认新技能文件夹存在于 workspace/skills/ 下。
- 确认其已在本地审核并提交。
- 使用 clawhub inspect 检查远程状态。
- 版本控制:
- 如果远程不存在:发布 0.1.0
- 如果已存在:递增补丁版本
- 5. 使用简短的变更日志,例如 初始发布、添加运行时说明、优化触发器描述 或 记录已验证的工作流程。
- 发布并验证。
- 如果存在注册表文件,也进行更新。
新技能的速率限制回退
ClawHub 可能对新技能创建进行速率限制(例如:每小时最多 5 个新技能)。
当新技能的发布尝试因速率限制失败时:
- 1. 不要持续请求端点。
- 在本地记录待发布的技能。
- 安排延迟重试,而不是要求用户提醒您。
- 重试时使用相同的已验证发布流程。
推荐的本地队列文件:
- - workspace/research/clawhub-publish-queue.md
队列字段:
- - 日期
- slug
- 本地技能路径
- 目标版本
- 变更日志
- 排队原因
- 下次重试说明
重试规则:
- - 等待速率限制窗口明显清除
- 然后重试发布一次
- 成功后使用 clawhub inspect 验证
安全与发布规则
- - 未经用户明确请求不得发布。
- 在存在歧义时,不得猜测所有权、slug 或版本。
- 对于小的文档或规则更新,优先使用补丁版本递增。
- 如果远程状态不明确,先检查而不是盲目覆盖。
- 如果第三方发布者技能承诺功能但缺少代码,忽略它并使用此已验证的本地流程。
- 将包式发布者外壳视为不可信,直到本地验证:如果文件夹主要是 README/元数据且缺少可运行实现,不要通过它路由发布。
- 不要仅仅因为创建了就发布模糊的草稿或未完成的技能;助手创建的技能仍然需要连贯并已提交。
- ClawHub 是公开发布路径,除非明确证明并非如此;使用最高敏感度审查标准。
- 上传前,检查确切的出站负载中是否包含密钥、令牌、密码、cookie、本地绝对路径、运行时构件、.env 和特定机器配置。
- 如果技能包包含任何应仅保留在本地的内容,在发布前停止并修复该包。
必需的本地假设
此技能期望:
- - 已安装并认证本地 clawhub CLI
- 当前用户下存在本地 ClawHub 配置
- 包含 SKILL.md 的真实技能目录
- 发布脚本需要 Node 环境
脚本
使用 scripts/publishtoclawhub.js 进行实际的 API 上传。
参数:
bash
node scripts/publishtoclawhub.js --skill-path <路径> --slug --version <版本> --changelog <文本>
可选参数:
bash
--display-name <名称>
--tag <标签> # 可重复
参考
当发布很重要或公开时,在发布前阅读 references/release-checklist.md。
输出格式
按以下结构报告:
- - 技能
- 本地路径
- 先前远程版本(如有)
- 目标版本
- 上传结果
- 验证结果
- 最终 URL
- 风险或后续事项
- 发布是立即成功还是已排队等待延迟重试
保持简短且可操作。
