
#21523: 1. CLI: Add a skill with one command: openclaw skills add <url>, 2. Control UI: "Add Skill from URL"

by zhyr open 2026-02-20 02:07
app: macos app: web-ui gateway cli scripts commands agents size: L
## Summary

- **Problem:** Adding a third-party skill (e.g. from GitHub) required manually cloning the repo into `~/.openclaw/skills` and running install steps; no single command or UI flow.
- **Why it matters:** Users expect to add skills in one step (like `openclaw skills add <url>` or a Control UI “Add from URL”), with clone + dependency install handled for them.
- **What changed:** (1) New `src/agents/skills-add-from-url.ts`: `parseSkillRepoUrl(url)` (https-only, safe dir name); `addSkillFromUrl(opts)` clones into `~/.openclaw/skills/<name>` and runs `npm install --omit=dev` (or pnpm/yarn/bun per `skills.install.nodeManager`). (2) CLI `openclaw skills add <url>`. (3) Gateway RPC `skills.addFromUrl` and Control UI “Add from URL” (input + button) that call the same logic.
- **What did NOT change:** No change to existing skill loading, eligibility, or install specs; no new permissions or secrets; URL restricted to https and safe directory names only.

## Change Type (select all)

- [x] Feature

## Scope (select all touched areas)

- [x] Skills / tool execution
- [x] Integrations

## Linked Issue/PR

- Closes #
- Related #

## User-visible / Behavior Changes

- **CLI:** New command `openclaw skills add <url>` (e.g. `openclaw skills add https://github.com/s87343472/backlink-pilot`). Clones repo to `~/.openclaw/skills/<repo-name>`, runs dependency install there if `package.json` exists. Prints success or error.
- **Control UI (Skills tab):** New “Add from URL” input and “Add skill” button. Submits URL to gateway; same clone + install runs on server; list refreshes and message is shown below the input.

## Security Impact (required)

- New permissions/capabilities? **No**
- Secrets/tokens handling changed? **No**
- New/changed network calls? **Yes** — git clone and npm/pnpm/yarn/bun install from user-supplied https URL. URL must be https; target path is strictly under `CONFIG_DIR/skills`; directory name is constrained to `[a-zA-Z0-9_.-]`.
- Command/tool execution surface changed? **Yes** — new CLI subcommand and new RPC `skills.addFromUrl` (admin scope). Execution is clone + install only in the skill directory.
- Data access scope changed? **No**
- If any Yes, explain risk + mitigation: Only https URLs accepted; repo name sanitized; destination path validated to stay under managed skills dir. No arbitrary shell or arbitrary URL schemes.

## Repro + Verification

### Environment

- OS: macOS (or Linux)
- Runtime: Node 22+
- Relevant config: default `~/.openclaw`; optional `skills.install.nodeManager` (npm/pnpm/yarn/bun).

### Steps

1. Run `openclaw skills add https://github.com/s87343472/backlink-pilot` (or another public https Git repo with optional `package.json`).
2. Check `~/.openclaw/skills/<repo-name>` exists and, if repo has `package.json`, that `node_modules` is present.
3. In Control UI, open Skills tab, enter same URL in “Add from URL”, click “Add skill”; confirm success message and that the skill appears after refresh.

### Expected

- Clone succeeds; install runs when `package.json` exists; CLI and UI both report success; new skill appears in `openclaw skills list` and in Control UI without restart.

### Actual

- (Confirm same as expected after your run.)

## Evidence

- [x] New unit/behavior covered by existing test patterns; manual CLI + UI run as above.
- [x] Failing test/log before + passing after (N/A for new feature)
- [x] Trace/log snippets (optional)
- [x] Screenshot/recording (optional for UI “Add from URL”)

## Human Verification (required)

- **Verified scenarios:** CLI `skills add <https-url>` for a repo with and without `package.json`; Control UI “Add from URL” with same URL; list refresh shows new skill.
- **Edge cases checked:** Invalid/non-https URL rejected; existing directory name reports clear error; path stays under `~/.openclaw/skills`.
- **What you did not verify:** Windows; very large repos or slow networks (timeouts).

## Compatibility / Migration

- Backward compatible? **Yes**
- Config/env changes? **No** (optional `skills.install.nodeManager` already exists).
- Migration needed? **No**

## Failure Recovery (if this breaks)

- Disable: do not use `skills add` or UI “Add from URL”; add skills manually under `~/.openclaw/skills` as before.
- No config to restore; bad state limited to contents of `~/.openclaw/skills` (user can remove a failed clone directory).

## Risks and Mitigations

- **Risk:** User supplies a malicious or huge repo URL; clone/install could consume disk or run install scripts.
- **Mitigation:** https-only; destination path and name constrained; install runs in isolated skill dir. Consider future hardening (e.g. install with `--ignore-scripts` or sandbox) if policy tightens.
- **Risk:** No rate limit on add-from-URL; repeated use could abuse network/disk.
- **Mitigation:** Same as today for manual clone; admin-only RPC; can add rate limit later if needed.
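An added example, not code from this PR or the OpenClaw project: one way to implement the checks the Security Impact section describes (https only, directory name limited to `[a-zA-Z0-9_.-]`, destination kept under the skills directory). `resolveSkillTarget` and `planCommands` are hypothetical names; rejecting embedded credentials and names that start with `.` or `-`, and passing `--ignore-scripts` to the install, are assumptions that go beyond what the PR states.

```typescript
import * as path from "node:path";

// Character class the PR states for the on-disk directory name.
const SAFE_NAME = /^[a-zA-Z0-9_.-]+$/;

interface SkillTarget {
  cloneUrl: string; // normalized https URL, query and fragment dropped
  dirName: string;  // single path component under the skills root
  destPath: string; // absolute clone destination
}

// Hypothetical helper, not the PR's parseSkillRepoUrl: validates a
// user-supplied URL and derives a destination inside skillsRoot.
function resolveSkillTarget(rawUrl: string, skillsRoot: string): SkillTarget {
  let url: URL;
  try {
    url = new URL(rawUrl.trim());
  } catch {
    throw new Error("not a valid URL");
  }
  if (url.protocol !== "https:") throw new Error("only https URLs are accepted");
  if (url.username || url.password) throw new Error("embedded credentials rejected");

  // Last path segment without a trailing ".git". No percent-decoding is done,
  // so encoded separators such as %2f fail the character check below.
  const segments = url.pathname.split("/").filter(Boolean);
  const dirName = (segments[segments.length - 1] ?? "").replace(/\.git$/i, "");
  if (!SAFE_NAME.test(dirName)) throw new Error("unsafe directory name");
  // The class allows "." and "-": refuse ".", "..", dotfiles and option-like names.
  if (/^[.-]/.test(dirName)) throw new Error("name must not start with '.' or '-'");

  // Containment: the destination must be a direct child of the skills root.
  const root = path.resolve(skillsRoot);
  const destPath = path.resolve(root, dirName);
  if (path.dirname(destPath) !== root) throw new Error("destination escapes skills root");

  return { cloneUrl: url.origin + url.pathname, dirName, destPath };
}

// Argument vectors for spawn/execFile (no shell). "--" ends git option parsing;
// the npm step is meant to run with cwd set to destPath, and --ignore-scripts
// is the hardening the PR lists as a possible follow-up.
function planCommands(t: SkillTarget): Array<[string, string[]]> {
  return [
    ["git", ["clone", "--", t.cloneUrl, t.destPath]],
    ["npm", ["install", "--omit=dev", "--ignore-scripts"]],
  ];
}
```

With `--ignore-scripts`, a skill whose dependencies need lifecycle scripts (for example native builds) will install incompletely, so that flag is a policy choice rather than a drop-in default.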
