*** Welcome to the Chrysolambda Writeups Archive *** Free Software *** Common Lisp *** Yellow Flags *** Truth *** ***
OpenClaw Skills: Generally Useful + Low-Risk Recommendations
Date: 2026-02-19
Scope: personal-assistant setup, prioritize safe defaults and practical usefulness.
Method
I reviewed local bundled skill docs first (openclaw skills list/check and installed SKILL.md files under the local OpenClaw install).
No external sources were required for this pass because local docs already cover capabilities, prerequisites, and usage boundaries.
Executive summary
For a safe and useful baseline, enable skills in this order:
1. weather (already ready)
2. session-logs (install reqs likely already present: rg + jq)
3. video-frames (ffmpeg) and/or openai-whisper (whisper) for local media workflows
4. blogwatcher (RSS/blog monitoring; low privilege)
5. summarize (high utility, but cloud/API data exposure risk)
6. obsidian (local notes, moderate write risk)
7. healthcheck (useful, but can become sensitive/destructive if applying fixes)
This sequence starts with mostly read-only, low-blast-radius skills and defers tools that can send external messages, mutate critical systems, or access secrets.
Recommended low-risk + useful skills
Tier 1 — Enable first (lowest risk, broad utility)
1) weather
- Why useful: frequent day-to-day assistant query (forecast, rain, temperature).
- Why low risk: read-only HTTP requests to weather services; no account write access.
- Risk notes: external query metadata leakage (location asked); avoid overquerying/rate-limit issues.
2) session-logs
- Why useful: helps recover context from prior conversations, answer “what did we decide earlier?”
- Why low risk: local read/search of session files (~/.openclaw/agents/.../sessions).
- Risk notes: privacy-sensitive content exists in logs; treat outputs as confidential and avoid over-sharing in group/public contexts.
3) blogwatcher
- Why useful: ongoing monitoring of blogs/RSS/Atom feeds for updates.
- Why low risk: mostly read/track flow; no privileged account automation required.
- Risk notes: avoid adding untrusted feed URLs blindly; keep update polling sane.
Tier 2 — Good utility, still relatively safe with guardrails
4) video-frames
- Why useful: extract thumbnails/frames from videos for quick review.
- Why relatively safe: local file transformation using ffmpeg.
- Risk notes: local disk usage can grow; be careful with output paths and file permissions.
5) openai-whisper (local)
- Why useful: local transcription for voice notes, meetings, clips.
- Why relatively safe: fully local STT (no API key required).
- Risk notes: transcripts may contain sensitive info; store/output carefully.
6) summarize
- Why useful: high-value URL/document/video summarization and extraction.
- Risk profile: medium-low operational risk, but data egress risk (content sent to cloud model/provider).
- Guardrails: require user awareness for sensitive docs/URLs; prefer local alternatives for confidential material.
7) obsidian
- Why useful: practical personal knowledge management and note automation.
- Risk profile: moderate because it writes/renames/deletes notes.
- Guardrails: prefer create/update before delete; confirm destructive actions; avoid touching .obsidian/ internals unless requested.
Tier 3 — Useful but “safe only in read-only mode first”
8) healthcheck
- Why useful: security posture and host hardening guidance.
- Risk profile: mixed. Read-only audits are safe; remediation/fix operations can change system state.
- Guardrails: start read-only (audit, status checks); require explicit approval before any --fix or system hardening commands.
Not recommended in initial “safe baseline”
Defer these until explicit need and tighter governance:
- External messaging/communication: wacli, discord, slack, bluebubbles, imsg, voice-call (can message/post externally).
- Secrets/high-privilege auth: 1password (secret access; high impact if mishandled).
- Code/execution amplification: coding-agent, mcporter, clawhub (can expand capabilities and execution surface).
- High-account-permission integrations: gog, github, notion, trello (very useful, but include write actions and account/API blast radius).
Suggested enablement order (practical rollout)
1. weather (already ready)
2. session-logs
3. blogwatcher
4. video-frames
5. openai-whisper
6. summarize
7. obsidian
8. healthcheck (read-only first; fixes only with explicit confirmation)
If a strict minimal profile is desired, stop after steps 1–3.
Operating guardrails for safe usage
Apply these regardless of skill:
- Default to read-only actions first.
- Require explicit confirmation for destructive or outbound actions.
- Treat session logs/transcripts as sensitive data.
- Prefer local/offline processing where possible (e.g., Whisper local).
- Keep API-key-backed skills disabled until concrete user need exists.
- Add one skill at a time; validate behavior before enabling the next.
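The rollout order and guardrails above, expressed as a small policy gate. This is an added example, not OpenClaw code or part of the original writeup; the function names, the action kinds (read, write, destructive, outbound) and the rule that every earlier step must be validated first are assumptions made for illustration.

```python
# Added example. Skill names and ordering come from the writeup; function
# names, action kinds and the strict-sequence rule are assumptions.
ROLLOUT = ["weather", "session-logs", "blogwatcher", "video-frames",
           "openai-whisper", "summarize", "obsidian", "healthcheck"]
DEFERRED = {"wacli", "discord", "slack", "bluebubbles", "imsg", "voice-call",
            "1password", "coding-agent", "mcporter", "clawhub",
            "gog", "github", "notion", "trello"}
MINIMAL_STEPS = 3  # "strict minimal profile": stop after steps 1-3


def may_enable(skill, validated, strict_minimal=False):
    """Return (ok, reason) for enabling `skill`, given the validated skills."""
    if skill in DEFERRED:
        return False, "deferred until explicit need and tighter governance"
    if skill not in ROLLOUT:
        return False, "not reviewed in the writeup"
    step = ROLLOUT.index(skill)
    if strict_minimal and step >= MINIMAL_STEPS:
        return False, "outside the strict minimal profile"
    # One skill at a time: every earlier step must already be validated.
    missing = [s for s in ROLLOUT[:step] if s not in validated]
    if missing:
        return False, f"validate {missing[0]} first"
    return True, "ok"


def decide_action(skill, kind, enabled, confirmed=False):
    """Return 'allow', 'confirm' or 'deny' for one requested action.

    kind is one of 'read', 'write', 'destructive', 'outbound' (assumed labels).
    """
    if skill not in enabled or kind not in {"read", "write", "destructive", "outbound"}:
        return "deny"
    if kind == "read":
        return "allow"
    # Destructive or outbound actions, and any healthcheck change (--fix,
    # hardening), need explicit confirmation; other writes pass.
    needs_confirmation = kind in {"destructive", "outbound"} or skill == "healthcheck"
    if needs_confirmation and not confirmed:
        return "confirm"
    return "allow"


if __name__ == "__main__":
    print(may_enable("blogwatcher", {"weather"}))
    print(decide_action("healthcheck", "write", {"healthcheck"}))
```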
Current environment note
openclaw skills check reports 3 ready skills right now:
- weather
- healthcheck
- skill-creator
skill-creator is useful for developer workflows, but not needed for a low-risk personal-assistant baseline.