Openclaw local plugin integration#1488
Merged
Hun-ger merged 6 commits intoopenclaw-local-plugin-20260408from Apr 17, 2026
Merged
Openclaw local plugin integration#1488Hun-ger merged 6 commits intoopenclaw-local-plugin-20260408from
Hun-ger merged 6 commits intoopenclaw-local-plugin-20260408from
Conversation
loadConfig() silently returned on non-200 responses, leaving the
settings form with empty/default values. Users saw blank model fields
and "Provider and Model are required" errors on test, with no hint
that the real issue was an expired session.
Other settings functions (doSaveConfig, saveModelsConfig, testModel)
already handle 401 correctly via `toast(t('settings.session.expired'))`.
This commit applies the same pattern to loadConfig for consistency.
Made-with: Cursor
- Constrain skill name to 2-4 word kebab-case - Limit frontmatter to name + description only - Add rule against creating extra documentation files - Add 'assume agent is smart' principle - Strengthen trigger condition requirements in description - Clarify metadata as optional OpenClaw extension Fixes #1423
…ings-silent-auth-failure
## Problem
When a user's Viewer session expires and they navigate to the
**Settings** tab, `loadConfig()` fetches `/api/config` which returns
HTTP 401. The function silently returns on `!r.ok`, leaving all form
fields at their empty/default values.
**User-visible symptoms:**
- Embedding model field appears blank (even though `openclaw.json` has a
valid config)
- Clicking "Test Connection" shows: *"❌ 连接失败 — Provider and Model are
required"*
- No indication that the actual issue is an expired session
- Users may think their configuration was lost after a plugin upgrade
## Root Cause
```js
// html.ts — loadConfig()
const r = await fetch('/api/config');
if (!r.ok) return; // ← silently swallows 401
```
Other settings functions already handle this correctly:
| Function | 401 handling |
|---|---|
| `doSaveConfig()` | ✅ `toast(t('settings.session.expired'), 'error')` |
| `saveModelsConfig()` | ✅ `toast(t('settings.session.expired'),
'error')` |
| `testModel()` | ✅ Shows expired message in result element |
| **`loadConfig()`** | ❌ Silent return — **this PR** |
## Fix
One-line addition: check for 401 before the generic `!r.ok` guard, show
the same session-expired toast that other functions use.
```diff
async function loadConfig(){
try{
const r=await fetch('/api/config');
+ if(r.status===401){toast(t('settings.session.expired'),'error');return;}
if(!r.ok) return;
```
No new i18n keys — reuses existing `settings.session.expired`.
## Testing
1. Open Viewer → Settings tab (should load normally)
2. Wait for session to expire (or manually delete the session cookie)
3. Navigate away from Settings and back
4. **Before fix:** Blank form, no error
5. **After fix:** Toast "登录已过期,请刷新页面重新登录"
Made with [Cursor](https://cursor.com)
…generation-template
…es (#1434) ## What Aligns the skill generation prompt template (`STEP1_SKILL_MD_PROMPT`) with [skill-creator best practices](https://github.com/anthropics/skills/blob/main/skills/skill-creator/SKILL.md), addressing all 6 issues raised in #1423. ## Changes 1. **Name constraint**: 2-4 word kebab-case (was unconstrained) 2. **Frontmatter**: Limited to `name` + `description` only 3. **No extra files**: Explicitly prohibits README/CHANGELOG/etc generation 4. **Assume smart agent**: Only include info the agent doesn't already know 5. **Stronger trigger rules**: Description must include trigger scenarios + keywords 6. **Progressive disclosure**: Multi-variant skills should use references/ subdirectory ## Question for maintainers The current template includes `metadata: { openclaw: { emoji } }` in frontmatter. Per best practices, frontmatter should only have `name` and `description`. I've moved the metadata guidance to an HTML comment at the end of the file body, noting it as an optional OpenClaw extension. Please let me know if you'd prefer a different approach. ## Testing - Manual review of prompt template alignment with spec - Only string literal changes, no logic affected Fixes #1423
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Description
This PR integrates recent fixes to improve skill generation and handle viewer authentication gracefully.
loadConfigfunction to show a "session expired" toast notification when receiving a 401 Unauthorized response, preventing silent authentication failures.Related Issue (Required): Fixes #1434, Fixes #1424
Type of change
Please delete options that are not relevant.
How Has This Been Tested?
Please describe the tests that you ran to verify your changes. Provide instructions so we can reproduce. Please also list any relevant details for your test configuration
Checklist
Reviewer Checklist