SysClaw Ops (Server)
Server-side operations for the cross-agent communication system. This skill covers how SysClaw processes incoming requests, manages notifications, and communicates with agents.
Required Credentials
| Credential | Purpose | Minimal Privileges |
|---|
| INLINECODE0 | PostgreSQL host (MB-ClawTool-01) | Network access to port 5432 |
| INLINECODE1 |
PostgreSQL port (5432) | — |
|
SYSCLAW_DB_NAME | Database name (system_comm) | CONNECT privilege |
|
SYSCLAW_DB_USER | DB role for SysClaw | See privileges below |
|
SYSCLAW_DB_PASSWORD | DB password | — |
| Telegram bot token | For escalating urgent requests to the human operator | Configured via OpenClaw |
Minimal DB privileges required:
�CODEBLOCK0
Installation
This skill is designed for the SysClaw operator (an OpenClaw agent running on the server that manages infrastructure). It is not a standalone daemon.
Components
- 1. This SKILL.md — Instructions for the SysClaw agent on processing requests
- OpenClaw cron job —
sysclaw-notification-check (see below) - Telegram integration — Via OpenClaw's session delivery to the human operator
Cron Job Setup
The sysclaw-notification-check is an OpenClaw cron job, not a system binary. It runs as an isolated agent session within OpenClaw:
CODEBLOCK1
Created via OpenClaw cron API. The agent session has access to SSH and DB tools — no separate binary needed.
Telegram Integration
Escalated requests are flagged in the database by the cron job. SysClaw checks for escalated requests during its normal session workflow and notifies the human operator on Telegram using OpenClaw's messaging. The cron job itself does not send Telegram messages.
Database Tables
agent_requests — Requests from agents
| Column | Type | Notes |
|---|
| id | serial | PK |
| requesting_agent |
varchar(50) | Agent name |
| request_type | varchar(30) | access, software, resource, config, service, deployment, info |
| action | varchar(30) | install, remove, create, modify, restart, grant, check, deploy |
| target | varchar(255) | What this applies to |
| justification | text | Why it's needed |
| payload | jsonb | Request-specific details |
| urgency | varchar(20) | low, normal, urgent |
| verdict | varchar(20) | pending → approved | denied | escalated |
| security_assessment | text | SysClaw writes risk analysis |
| escalated | boolean | Whether the human operator was notified |
| created_at | timestamp | |
| resolved_at | timestamp | Set by SysClaw |
| resolved_by | varchar(50) | sysclaw or the human operator |
| source_host | varchar(100) | Originating machine |
issues — Issues reported by agents
| Column | Type | Notes |
|---|
| id | serial | PK |
| source |
varchar(50) | Agent name |
| severity | varchar(20) | info, warning, critical |
| category | varchar(50) | disk, service, error, resource, network, config, other |
| title | varchar(255) | Short description |
| details | text | Extended context |
| status | varchar(20) | open → resolved |
| created_at | timestamp | |
| source_host | varchar(100) | Originating machine |
notifications — Agent ↔ SysClaw communication
| Column | Type | Notes |
|---|
| id | serial | PK |
| recipient |
varchar(50) | Agent name or 'sysclaw' |
| sender | varchar(50) | Who sent it |
| related
request | integer | FK → agentrequests(id) |
| message | text | Notification content |
| urgency | varchar(20) | low, normal, urgent |
| read | boolean | Whether recipient has processed it |
| created_at | timestamp | |
worklog — SysClaw action log
| Column | Type | Notes |
|---|
| id | serial | PK |
| requestid |
integer | FK → agentrequests(id) |
| action | varchar(50) | What was done |
| target | varchar(255) | Where it was done |
| executed_by | varchar(50) | sysclaw or agent name |
| command | text | Command or action taken |
| result | text | Outcome |
| status | varchar(20) | in_progress, completed, failed, verified |
| started_at | timestamp | |
| completed_at | timestamp | |
Full schema reference: See references/db-schema.md for detailed column constraints, indexes, role permissions, and status flows.
Processing Workflow
Check for new notifications
CODEBLOCK2
Process a pending request
Agents submit requests because they can't do it themselves. When SysClaw approves, SysClaw executes.
Note: These queries show the pattern. Use parameterized queries or your agent's DB tooling — never interpolate values directly.
CODEBLOCK3
Execution by Request Type
| Request type | Action |
|---|
| INLINECODE12 | SSH to target, run check, write result to worklog + notification |
| INLINECODE13 |
SSH to target, install package, verify service running |
|
config | SSH to target, apply config change, verify |
|
service | SSH to target, restart/stop/start service, verify status |
|
resource | Create DB/user/allocation if SysClaw has access; escalate infrastructure requests |
|
deployment | SSH to target, deploy per request details, verify |
|
access |
Escalate to human operator — never auto-approved |
Escalate to the human operator
For urgent requests or high-risk actions:
- 1. Set
verdict = 'escalated', escalated = TRUE, �INLINECODE21 - The request is now flagged for human review
- SysClaw checks for escalated requests during its next session and notifies the human operator on Telegram
- The human operator reviews and decides
- SysClaw updates the verdict and notifies the requesting agent
Note: The cron job does NOT send Telegram messages directly. It flags requests as escalated. SysClaw handles Telegram notification during its normal session workflow.
- 4. SysClaw updates verdict and notifies the requesting agent
Resolve an issue
CODEBLOCK4
Decision Guidelines
Auto-approve (low risk):
- - Software installs on managed VMs (standard packages)
- Info/check requests (disk, service status)
- Config changes to agent's own workspace
escalate to the human operator (high risk):
- - Access requests (SSH keys, DB credentials, new users)
- Firewall or network changes
- Production service restarts
- Anything modifying shared infrastructure
- Requests marked �INLINECODE22
The human operator and infrastructure owner. All high-risk decisions require the human operator's approval.
Deny:
- - Requests without clear justification
- Dangerous operations (rm -rf, chmod 777)
- Conflicts with security policy
Cron Job Behavior
The sysclaw-notification-check OpenClaw cron job runs every 15 minutes:
- 1. Checks �INLINECODE24
- For each notification, reads the related request
- Assesses risk per Decision Guidelines above
- Low risk → approves, executes the action, logs to worklog, notifies agent with result
- High risk → flags as
verdict='escalated' for human review - Marks processed notifications as read
This is not a system cron job or binary. It runs within the OpenClaw framework as an isolated agent session with access to SSH and DB tools.
SysClaw Escalation Handling
SysClaw checks for escalated requests during its heartbeat and regular sessions:
- 1. Query: �INLINECODE26
- For each escalated request, notify the human operator on Telegram with request details
- Wait for human operator's decision
- Update verdict, write securityassessment, set resolvedat/resolved_by
- Write response notification back to the requesting agent
This is configured in SysClaw's HEARTBEAT.md to run on every heartbeat cycle.
Useful Queries
CODEBLOCK5
Security Considerations
- - Principle of least privilege: DB role should only have UPDATE on specific columns, not full table access
- Audit trail: All verdict changes are logged via
resolved_at, resolved_by, and �INLINECODE30 - Human oversight: High-risk requests always escalate to the human operator — SysClaw never auto-approposes access/infra changes
- No secrets in skill: Credentials are provided via OpenClaw environment, not stored in this skill
SysClaw Ops (服务器端)
跨代理通信系统的服务器端操作。本技能涵盖SysClaw如何处理传入请求、管理通知以及与代理通信。
所需凭证
| 凭证 | 用途 | 最低权限 |
|---|
| SYSCLAWDBHOST | PostgreSQL主机 (MB-ClawTool-01) | 端口5432的网络访问权限 |
| SYSCLAWDBPORT |
PostgreSQL端口 (5432) | — |
| SYSCLAW
DBNAME | 数据库名称 (system_comm) | CONNECT权限 |
| SYSCLAW
DBUSER | SysClaw的数据库角色 | 参见下方权限 |
| SYSCLAW
DBPASSWORD | 数据库密码 | — |
| Telegram机器人令牌 | 用于将紧急请求升级给人工操作员 | 通过OpenClaw配置 |
所需的最低数据库权限:
sql
-- agent_requests表
GRANT SELECT, UPDATE (verdict, securityassessment, resolvedat, resolvedby, escalated, escalationreason)
ON agentrequests TO role>;
-- issues表
GRANT SELECT, UPDATE (status, resolvedat, resolvedby) ON issues TO ;
-- notifications表
GRANT SELECT, INSERT, UPDATE (read) ON notifications TO ;
安装
本技能专为SysClaw操作员(运行在管理基础设施的服务器上的OpenClaw代理)设计。它不是一个独立的守护进程。
组件
- 1. 本SKILL.md — 供SysClaw代理处理请求的说明
- OpenClaw定时任务 — sysclaw-notification-check(见下文)
- Telegram集成 — 通过OpenClaw的会话投递至人工操作员
定时任务设置
sysclaw-notification-check是一个OpenClaw定时任务,而非系统二进制文件。它在OpenClaw内作为隔离的代理会话运行:
json
{
name: sysclaw-notification-check,
schedule: { kind: cron, expr: /15 *, tz: Europe/Copenhagen },
sessionTarget: isolated,
payload: {
kind: agentTurn,
message: 检查新的代理通知并处理请求。使用sysclaw-ops技能进行工作流处理。,
timeoutSeconds: 120
},
delivery: { mode: announce }
}
通过OpenClaw cron API创建。代理会话可以访问SSH和数据库工具——无需单独的二进制文件。
Telegram集成
升级的请求由定时任务在数据库中标记。SysClaw在其正常会话工作流中检查升级的请求,并使用OpenClaw的消息系统在Telegram上通知人工操作员。定时任务本身不发送Telegram消息。
数据库表
agent_requests — 来自代理的请求
| 列 | 类型 | 说明 |
|---|
| id | serial | 主键 |
| requesting_agent |
varchar(50) | 代理名称 |
| request_type | varchar(30) | access, software, resource, config, service, deployment, info |
| action | varchar(30) | install, remove, create, modify, restart, grant, check, deploy |
| target | varchar(255) | 应用对象 |
| justification | text | 为何需要 |
| payload | jsonb | 请求特定详情 |
| urgency | varchar(20) | low, normal, urgent |
| verdict | varchar(20) | pending → approved | denied | escalated |
| security_assessment | text | SysClaw编写的风险分析 |
| escalated | boolean | 是否已通知人工操作员 |
| created_at | timestamp | |
| resolved_at | timestamp | 由SysClaw设置 |
| resolved_by | varchar(50) | sysclaw或人工操作员 |
| source_host | varchar(100) | 源机器 |
issues — 代理报告的问题
varchar(50) | 代理名称 |
| severity | varchar(20) | info, warning, critical |
| category | varchar(50) | disk, service, error, resource, network, config, other |
| title | varchar(255) | 简短描述 |
| details | text | 扩展上下文 |
| status | varchar(20) | open → resolved |
| created_at | timestamp | |
| source_host | varchar(100) | 源机器 |
notifications — 代理 ↔ SysClaw通信
varchar(50) | 代理名称或sysclaw |
| sender | varchar(50) | 发送者 |
| related
request | integer | 外键 → agentrequests(id) |
| message | text | 通知内容 |
| urgency | varchar(20) | low, normal, urgent |
| read | boolean | 接收者是否已处理 |
| created_at | timestamp | |
worklog — SysClaw操作日志
integer | 外键 → agentrequests(id) |
| action | varchar(50) | 执行的操作 |
| target | varchar(255) | 执行位置 |
| executed_by | varchar(50) | sysclaw或代理名称 |
| command | text | 执行的命令或操作 |
| result | text | 结果 |
| status | varchar(20) | in_progress, completed, failed, verified |
| started_at | timestamp | |
| completed_at | timestamp | |
完整模式参考: 参见references/db-schema.md了解详细的列约束、索引、角色权限和状态流转。
处理工作流
检查新通知
sql
SELECT * FROM notifications WHERE recipient = sysclaw AND read = FALSE ORDER BY created_at ASC;
处理待处理请求
代理提交请求是因为它们无法自行完成。当SysClaw批准时,SysClaw执行操作。
注意:以下查询展示了模式。请使用参数化查询或代理的数据库工具——切勿直接插值值。
sql
-- 1. 读取请求
SELECT * FROM agentrequests WHERE id = id>;
-- 2. 评估并更新裁决
UPDATE agent_requests
SET verdict = approved,
security_assessment = 低风险:在托管虚拟机上安装标准软件包,
resolved_at = NOW(),
resolved_by = sysclaw
WHERE id = ;
-- 3. 记录到工作日志
INSERT INTO worklog (request_id, action, target, command, status)
VALUES (id>, , , , inprogress);
-- 4. 执行操作(SSH到目标,运行命令,验证)
-- 5. 更新工作日志结果
UPDATE worklog SET status = completed, result = <结果>, completedat = NOW() WHERE id = id>;
-- 6. 将响应通知写回代理
INSERT INTO notifications (recipient, sender, related_request, message, urgency)
VALUES (jobhunter, sysclaw, , 请求#5已完成:cron已在MB-OpenClaw-01上安装并验证, normal);
-- 7. 将SysClaw的通知标记为已读
UPDATE notifications SET read = TRUE WHERE id = ;
按请求类型执行
| 请求类型 | 操作 |
|---|
| info | SSH到目标,运行检查,将结果写入工作日志+通知 |
| software |
SSH到目标,安装软件包,验证服务运行 |
| config | SSH到目标,应用配置更改,验证 |
| service | SSH到目标,重启/停止/启动服务,验证状态 |
| resource | 如果SysClaw有权限则创建数据库/用户/分配;升级基础设施请求 |
| deployment | SSH到目标,按请求详情部署,验证 |
| access |
升级给人工操作员 — 绝不自动批准 |
升级给人工操作员
对于紧急请求或高风险操作:
- 1. 设置 verdict = escalated, escalated = TRUE, escalation_reason = <原因>
- 请求现在标记为待人工审核
- SysClaw在其下一次会话中检查升级的请求并在Telegram上通知人工操作员
- 人工操作员审核并决定
- SysClaw更新裁决并通知请求代理
注意: 定时任务不直接发送Telegram消息。它将请求标记为已升级。SysClaw
