OpenAI Auth Switcher Public

Use this skill as the publishable public-track release of the OpenAI auth switcher workflow.

It is designed for OpenClaw administrators who want a web-first, first-run-friendly, release-safe workflow for OpenAI OAuth account takeover, inspection, dry-run validation, controlled switching, and public distribution.

Purpose

Keep the live/internal operator skill and the public distributable skill separated.

This public track must:

• avoid bundling live runtime state
• avoid bundling auth snapshots, callbacks, backups, or token ledgers from a real machine
• avoid machine-specific hard-coded paths where possible
• document compatibility boundaries explicitly
• provide a release-safe packaging workflow
• keep temporary runtime files inside the skill runtime area, while encouraging important persistent state to live in an external state base via

  OPENAI_AUTH_SWITCHER_PUBLIC_STATE_DIR

Core operating model

Treat OpenClaw OpenAI OAuth switching as a high-sensitivity maintenance workflow.

Always do work in this order:

1. Use

   install.sh

   as the default user-facing bootstrap entrypoint.
2. Run

   doctor.py

   when installation or environment checks fail.
3. Confirm runtime discovery with

   env_detect.py

   .
4. Inspect the current runtime before any switch logic.
5. Dry-run any target before proposing a write.
6. Keep rollback and backup behavior explicit.
7. Package only from this public skill directory or from a sanitized staging copy.

Included scripts

Primary public-release scripts:

• install.sh

  — recommended user entrypoint; wraps the web bootstrap into a single shell command

• uninstall.sh

  — recommended cleanup entrypoint before

  clawhub uninstall

• scripts/install_web_app.py

  — one-shot web bootstrap for first-run access

• scripts/pick_port.py

  — port selection helper (

  9527

  →

  12138

  → fallback)

• scripts/generate_web_credentials.py

  — default admin credential generator

• scripts/doctor.py

  — compatibility and environment checks

• scripts/env_detect.py

  — OpenClaw path and runtime discovery

• scripts/paths.py

  — centralized path resolution helpers

• scripts/inspect_runtime.py

  — portable runtime inspection

• scripts/profile_slot.py

  — public-safe slot metadata and local slot files

• scripts/rollback_experiment.py

  — rollback helper using explicit backup sources

• scripts/switch_experiment.py

  — controlled switch experiment with backup and rollback

• scripts/token_ledger.py

  — local token attribution ledger rebuild

• scripts/hourly_usage.py

  — hourly/daily rollup payload for local analytics

• scripts/package_public_skill.py

  — release-safe packager wrapper

Helper modules:

• scripts/auth_file_lib.py

• scripts/probe_lib.py

• scripts/lock_lib.py

• scripts/state_lib.py

Compatibility and safety references

Read only as needed:

• references/compatibility.md

  — Python / Node / OpenClaw / OS expectations

• references/runtime-discovery.md

  — path detection and override model

• references/install-and-runbook.md

  — operator flow and first-run checks

• references/security-model.md

  — sensitivity, boundaries, and redaction rules

• references/packaging-policy.md

  — publish checklist and forbidden contents

• references/migration-notes.md

  — relation to the internal/live skill

Release rule

Do not publish

skills/openai-auth-switcher

directly.

Use the public skill directory for ClawHub publication and use a packaging wrapper that rejects runtime data, backups, session callbacks, and credential-bearing files.

Recommended first release positioning:

• version:

  0.1.0

• tested on OpenClaw

  2026.3.11

• tested on Python

  3.11

• tested on Node.js

  22.x

• Linux-first release