back
loading skill details...
Safely publish an already-reviewed skill to ClawHub, verify the live registry state, and return a clear release report.
--- name: skill-auto-publish description: Safely publish an already-reviewed skill to ClawHub, verify the live registry state, and return a clear release report. category: workflow-kits version: 2.4.0 created: 2026-05-21 owner: choosenobody status: active tags: [clawhub, publish, openclaw, skill, automation] --- # ClawHub Auto Publish Safely publish an already-reviewed skill to ClawHub, verify the live registry state, and return a clear release report. ## Features - 🚀 **Safe Publish Flow** — publish only after basic inputs are checked. - 🔍 **Input Check** — confirm slug, source path, version, changelog, and secrets. - 🧾 **Registry Verification** — verify the live ClawHub state with `clawhub inspect`. - 🌐 **Public Page Check** — check the public page when accessible. - 🛑 **Honest Failure Handling** — report blocked or mismatched verification instead of pretending success. - 📦 **Release Report** — return version, URL, install command, verification status, issues, and next action. ## When to Use Use this skill when you want your agent to: - publish a skill to ClawHub - update an existing ClawHub skill - republish after edits - verify whether a published skill is live and correct Use this skill to avoid: - reporting success before checking the live registry - relying on browser snapshot alone - accidentally running management commands during a publish task **Do NOT use this to decide whether a skill deserves release.** Use a release gate or lifecycle review first. ## How It Works 1. Read the user's publish request. 2. Check required inputs: skill slug, source path, target version, changelog, expected content. 3. Confirm the source path contains SKILL.md. 4. Check for secrets or private credentials before publishing. 5. If updating an existing skill, check the current live version first. 6. Publish with the local ClawHub CLI. 7. Verify the live registry state with `clawhub inspect <slug>`. 8. Check the public page text if accessible. 9. Return a release report with verification status, issues, and next action. Common commands: ```bash clawhub publish <path> --version <semver> --changelog "<note>" clawhub inspect <slug> ``` **Note:** Slugs starting with `clawhub-` are protected by ClawHub. Choose a different slug if yours is blocked. If local CLI syntax differs, inspect local CLI help first. **Important:** - Local file edits alone do not mean the skill was published. - Publish command output alone does not mean the release was verified. - Browser snapshot alone is not enough for public page verification. - If the public page is blocked, stale, or mismatched, report that honestly instead of claiming success. ## Copy-Paste Prompt for Your Agent ``` Publish this ClawHub skill safely. Skill slug: [slug] Source path: [absolute path] Target version: [x.y.z] Changelog: [one specific release note] Expected live content: - [what should appear, change, or be removed on the live page] Rules: - Check that the source path contains SKILL.md. - Check for secrets or private credentials before publishing. - If updating an existing skill, check current live version first via clawhub inspect <slug>. - If this is a first publish, confirm no live version exists for this slug. - Do not publish if slug, source path, version, or changelog is missing. - If your environment has a known canonical source path for this skill, use that path. - If release review is required, confirm it is completed before publishing. If not completed, return NEEDS_INFO. - Publish with the local ClawHub CLI. - Verify with clawhub inspect <slug> after publishing. - Check the public page if accessible. - Do not report PASS from browser snapshot alone. - If the public page is blocked, stale, or mismatched, report that honestly. - Do not run rename, merge, delete, hide, or undelete. ``` ## Output Format ``` Publish Status: PUBLISHED | FAILED | BLOCKED | NEEDS_INFO Registry Verification: PASS | FAILED | MISMATCH | NOT_RUN Public Page Verification: PASS | BLOCKED | MISMATCH | NOT_RUN Skill: Source Path: Previous Version: Target Version: URL: Install Command: Command Used: Verified By: Issues: Next Action: ``` ## What This Will Not Do It will not: - decide whether a skill deserves release - replace release review - redesign the skill - publish when required inputs are missing - claim public verification from browser snapshot alone - run rename, merge, delete, hide, or undelete - touch unrelated OpenClaw or Hermes configuration
don't have the plugin yet? install it then click "run inline in claude" again.
restructured into implexa six-part format with explicit inputs (including clawhub cli and auth), detailed procedure with step inputs/outputs, comprehensive decision points covering auth failures, slug collisions, secrets blocks and mismatches, and defined outcome signals that enforce registry and public page verification over cli output alone.
Publish a pre-reviewed skill to ClawHub and verify live registry state without relying on browser snapshots or CLI output alone. Use this skill when you have a skill ready to ship and need honest confirmation it landed correctly. Do not use this to decide whether a skill deserves release, that's a gate decision upstream. The skill enforces safe publish flow: input validation, secrets check, current state inspection, publish via CLI, registry verification, and public page check if accessible. Report status accurately, including any blocks, mismatches, or failures instead of pretending success.
clawhub- (reserved by platform). example: my-skill-name./home/user/projects/my-skill.1.2.3.add decision points section, fix typos.external connections:
clawhub publish and clawhub inspect commands. no auth token or env var typically needed if cli is local. if your clawhub instance requires auth, set CLAWHUB_AUTH_TOKEN env var with a valid token before running this skill.https://registry.clawhub.io but verify with local cli help.edge cases to handle:
clawhub inspect (means skill not yet published or slug does not exist).read and parse the publish request. extract slug, source path, target version, changelog, expected live content, and release review status from user input. store in structured format.
slug, source_path, target_version, changelog, expected_content, release_reviewed.validate required inputs. confirm slug, source path, target version, and changelog are present and non-empty. if any is missing, return NEEDS_INFO and list missing fields.
check source path exists and contains SKILL.md. verify the directory at source path exists and contains a SKILL.md file. if not found, return FAILED with explanation.
scan SKILL.md and skill directory for secrets or private credentials. look for hardcoded api keys, tokens, passwords, private urls, or ssh keys in SKILL.md and any code files in the directory. if found, return BLOCKED and list the issues. do not proceed to publish.
check if slug already exists in live registry. run clawhub inspect <slug> to get current published version and metadata. if the skill exists, record current version. if it does not exist, confirm this is a first publish.
run publish command via local clawhub cli. execute clawhub publish <source_path> --version <target_version> --changelog "<changelog>". capture full command output and exit code. if command fails, return FAILED with command output.
wait 3-5 seconds for registry sync. live registry may not update instantly. introduce short delay to let backend process the publish.
verify live registry state with clawhub inspect. run clawhub inspect <slug> again and compare returned version and metadata to target version and expected content. if version matches and content is as expected, verification is PASS. if version does not match or content is missing, return MISMATCH.
check public page if accessible. attempt to fetch the live public page for the skill (typically https://registry.clawhub.io/skills/<slug>). if page loads, check that expected content appears on the page. if page is blocked (403/404), report BLOCKED. if page loads but expected content is missing or different, report MISMATCH. if page loads and expected content is present, report PASS.
compile release report. construct a structured report with skill metadata, version info, urls, install command, verification status, any issues found, and next action. include all required fields per output contract.
if release review is required and not completed: return NEEDS_INFO with message "release review required but not completed, cannot proceed to publish". do not call publish command.
if any required input is missing (slug, source path, version, changelog): return NEEDS_INFO with message listing missing fields. do not proceed.
if source path does not exist or does not contain SKILL.md: return FAILED with message "source path does not exist or SKILL.md not found at
if secrets or private credentials are found in source directory: return BLOCKED with message "credentials found in source directory, cannot publish. remove or rotate: [list]". do not call publish command.
if slug starts with clawhub- (reserved prefix): return BLOCKED with message "slug '
if clawhub inspect shows a current version and this is meant to be a first publish: return NEEDS_INFO with message "skill slug '
if publish command exits with error: return FAILED with message "publish command failed" and include command output. do not proceed to verification.
if registry verification is MISMATCH (version or content does not match expected): return PUBLISHED with status "published but verification failed". include details of what is mismatched. do not report PASS.
if public page check times out or network is unreachable: return PUBLISHED with status "published and registry verified but public page check failed (network unreachable)". mark public page verification as NOT_RUN.
if public page is blocked (403/404): return PUBLISHED with status "published and registry verified but public page is not accessible (blocked)". mark public page verification as BLOCKED.
if public page loads but expected content is missing or mismatched: return PUBLISHED with status "published and registry verified but public page content is mismatched". list what was expected vs. what was found. do not claim success.
if clawhub cli is not available (command not found): return FAILED with message "clawhub cli not found in PATH, install and configure before using this skill".
if auth token is invalid or expired: return FAILED with message "authentication failed (invalid or expired token), refresh CLAWHUB_AUTH_TOKEN and retry".
return a structured report with the following fields, all populated:
publish_status: PUBLISHED | FAILED | BLOCKED | NEEDS_INFO
registry_verification: PASS | FAILED | MISMATCH | NOT_RUN
public_page_verification: PASS | BLOCKED | MISMATCH | NOT_RUN
skill:
source_path:
previous_version: (or "none" if first publish)
target_version:
url: (live skill page url, e.g. https://registry.clawhub.io/skills/my-skill)
install_command: (e.g. clawhub install my-skill@1.2.3)
command_used: (exact cli command executed, e.g. clawhub publish /path/to/skill --version 1.2.3 --changelog "...")
verified_by: clawhub inspect | public page | both | none
issues: (list of problems found, empty if none)
next_action: (what to do next, e.g. "monitor live page for cache refresh", "rotate credentials and retry", "update slug and republish")
return as json or plaintext table, whichever is clearer for the user.
the user knows the skill worked when:
clawhub inspect output matches target version).if publish_status is not PUBLISHED, or registry_verification is MISMATCH or FAILED, the skill did not work. inspect errors in the issues list and follow next_action. do not assume success because the publish command printed "success" or similar. verify via clawhub inspect and live public page before confirming success to the user.