
chore: add constrained Crabbox setup #71

Merged
vincentkoc merged 1 commit into main from chore/setup-baseline-safe-20260523 on May 22, 2026

Conversation

@vincentkoc (Member)

Summary

  • Adds the exact Crabbox skill copied from openclaw/openclaw.
  • Adds constrained Crabbox config and hydrate workflow with repo-specific self-hosted runner labels.
  • Adds actionlint runner-label config and CODEOWNERS coverage for the new automation surfaces.

This is the narrowed replacement shape for the earlier broad setup baseline. It intentionally does not add CodeQL, stale automation, licensing changes, Dependabot, package-manager files, or unrelated policy defaults.

Verification

  • git diff --check
  • Ruby YAML parse for .crabbox.yaml, .github/actionlint.yaml, and .github/workflows/crabbox-hydrate.yml
  • actionlint -config-file .github/actionlint.yaml .github/workflows/crabbox-hydrate.yml
  • Crabbox skill SHA-256 matched openclaw/openclaw: ed512c0b0385fae7f6c5c14a7e9e6236ab68936506687a99ca976873492bdc43
  • Private-path scan for new public files
  • test -z "$(gofmt -l .)"

Notes

No live Crabbox lease was started for this setup-only patch.

@clawsweeper (Bot) commented May 22, 2026

Codex review: found issues before merge.

Latest ClawSweeper review: 2026-05-22 21:44 UTC / May 22, 2026, 5:44 PM ET.

Workflow note: Future ClawSweeper reviews update this same comment in place.

How this review workflow works
  • ClawSweeper keeps one durable marker-backed review comment per issue or PR.
  • Re-runs edit this comment so the latest verdict, findings, and automation markers stay together instead of adding duplicate bot comments.
  • A fresh review can be triggered by eligible @clawsweeper re-review comments, exact-item GitHub events, scheduled/background review runs, or manual workflow dispatch.
  • PR/issue authors and users with repository write access can comment @clawsweeper re-review or @clawsweeper re-run on an open PR or issue to request a fresh review only.
  • Maintainers can also comment @clawsweeper review to request a fresh review only.
  • Fresh-review commands do not start repair, autofix, rebase, CI repair, or automerge.
  • Maintainer-only repair and merge flows require explicit commands such as @clawsweeper autofix, @clawsweeper automerge, @clawsweeper fix ci, or @clawsweeper address review.
  • Maintainers can comment @clawsweeper explain to ask for more context, or @clawsweeper stop to stop active automation.

Summary
The branch adds a Crabbox skill, .crabbox.yaml, actionlint runner labels, CODEOWNERS entries, and a manual Crabbox hydrate workflow for self-hosted Discrawl validation.

Reproducibility: not applicable. This is a setup PR rather than a bug report, so the review checked the diff and current main validation surface instead of reproducing a runtime failure.

PR rating
Overall: 🧂 unranked krab
Proof: 🌊 off-meta tidepool
Patch quality: 🧂 unranked krab
Summary: The idea is useful, but the patch is not merge-ready because a kept-alive self-hosted workflow can expose checkout credentials and the copied skill targets the wrong repo stack.

Rank-up moves:

  • Set persist-credentials: false on the hydrate checkout before marking the Crabbox job ready.
  • Adapt the Crabbox skill to Discrawl's Go validation commands and remove missing pnpm/OpenClaw workflow references.
  • Provide maintainer-visible proof from a live Crabbox hydrate run after the workflow is hardened.
What the crustacean ranks mean
  • 🦀 challenger crab: rare, exceptional readiness with strong proof, clean implementation, and convincing validation.
  • 🦞 diamond lobster: very strong readiness with only minor maintainer review expected.
  • 🐚 platinum hermit: good normal PR, likely mergeable with ordinary maintainer review.
  • 🦐 gold shrimp: useful signal, but proof or patch confidence is still limited.
  • 🦪 silver shellfish: thin signal; proof, validation, or implementation needs work.
  • 🧂 unranked krab: not merge-ready because proof is missing/unusable or there are serious correctness or safety concerns.
  • 🌊 off-meta tidepool: rating does not apply to this item.

Shiny media proof means a screenshot, video, or linked artifact directly shows the changed behavior. Runtime, network, CSP, and security claims still need visible diagnostics.

Real behavior proof
Not applicable because this is a MEMBER-authored setup PR; the PR body lists static validation and explicitly says no live Crabbox lease was started.

Risk before merge

  • The hydrate workflow can leave the workflow token persisted in .git/config while the Crabbox job is intentionally kept alive for remote commands.
  • The copied skill can route agents to pnpm/OpenClaw Testbox commands that do not exist in Discrawl, causing failed or misleading validation.
  • The PR body says no live Crabbox lease was started, so the new self-hosted hydrate path is not proven on the actual runner-label flow.

Maintainer options:

  1. Harden and adapt before merge (recommended)
    Disable checkout credential persistence, align action pins with the repo policy, replace copied pnpm/OpenClaw commands with Discrawl Go validation, and add real hydrate proof.
  2. Accept as maintainer-owned bootstrap
    Maintainers may intentionally merge the bootstrap only if they explicitly own the temporary token and incorrect-command risks before anyone relies on Crabbox for this repo.
  3. Pause the setup
    If Crabbox is not ready for Discrawl, leave validation on the existing CI and Discrawl skill until a narrower repo-specific setup is prepared.

Next step before merge
Maintainer review is needed because the PR adds a long-lived self-hosted runner workflow with a token-persistence blocker and repo-mismatched copied skill instructions.

Security
Needs attention: The new hydrate workflow keeps a self-hosted Crabbox job alive after default checkout credential persistence, which can expose the workflow token to remote lease users.

Review findings

  • [P1] Disable persisted checkout credentials before keeping the runner alive — .github/workflows/crabbox-hydrate.yml:38
  • [P2] Replace copied OpenClaw pnpm commands with Discrawl Go gates — .agents/skills/crabbox/SKILL.md:39
Review details

Best possible solution:

Land a Discrawl-specific Crabbox setup that disables persisted checkout credentials, pins or matches repo action versions, adapts the skill to Go/Discrawl validation commands, and proves the hydrate path before enabling long-lived self-hosted use.

Do we have a high-confidence way to reproduce the issue?

Not applicable. This is a setup PR rather than a bug report, so the review checked the diff and current main validation surface instead of reproducing a runtime failure.

Is this the best way to solve the issue?

No. The setup direction is useful, but the workflow should disable persisted checkout credentials and the copied skill should be tailored to Discrawl's Go validation surface before merge.

Label changes:

  • add P2: This is a normal-priority automation improvement with limited user blast radius, but it has merge-blocking setup and security details.
  • add merge-risk: 🚨 security-boundary: The new long-lived self-hosted workflow can expose persisted checkout credentials to remote Crabbox commands.
  • add merge-risk: 🚨 automation: The copied skill and unproven hydrate workflow could break or misdirect the repository's validation automation.
  • add rating: 🧂 unranked krab: Current PR rating is 🧂 unranked krab because proof is 🌊 off-meta tidepool, patch quality is 🧂 unranked krab, and the idea is useful, but the patch is not merge-ready because a kept-alive self-hosted workflow can expose checkout credentials and the copied skill targets the wrong repo stack.
  • add status: ⏳ waiting on author: ClawSweeper has contributor-facing work open and is waiting for author action. Not applicable because this is a MEMBER-authored setup PR; the PR body lists static validation and explicitly says no live Crabbox lease was started.
  • remove rating: 🌊 off-meta tidepool: Current PR rating is rating: 🧂 unranked krab, so this older rating label is no longer current.

Label justifications:

  • P2: This is a normal-priority automation improvement with limited user blast radius, but it has merge-blocking setup and security details.
  • merge-risk: 🚨 security-boundary: The new long-lived self-hosted workflow can expose persisted checkout credentials to remote Crabbox commands.
  • merge-risk: 🚨 automation: The copied skill and unproven hydrate workflow could break or misdirect the repository's validation automation.
  • rating: 🧂 unranked krab: Current PR rating is 🧂 unranked krab because proof is 🌊 off-meta tidepool, patch quality is 🧂 unranked krab, and the idea is useful, but the patch is not merge-ready because a kept-alive self-hosted workflow can expose checkout credentials and the copied skill targets the wrong repo stack.
  • status: ⏳ waiting on author: ClawSweeper has contributor-facing work open and is waiting for author action. Not applicable because this is a MEMBER-authored setup PR; the PR body lists static validation and explicitly says no live Crabbox lease was started.

Full review comments:

  • [P1] Disable persisted checkout credentials before keeping the runner alive — .github/workflows/crabbox-hydrate.yml:38
    This hydrate job checks out the requested ref, writes readiness state, and then keeps the self-hosted Crabbox job available for remote commands. actions/checkout persists the workflow token by default, so the lease shell can read or reuse .git/config; add persist-credentials: false before exposing the workspace.
    Confidence: 0.89
  • [P2] Replace copied OpenClaw pnpm commands with Discrawl Go gates — .agents/skills/crabbox/SKILL.md:39
    Discrawl currently has only go.mod/go.sum and its existing skill points reviewers at GOWORK=off go test ./..., but the added Crabbox skill starts by invoking pnpm crabbox:run and later references missing OpenClaw Testbox scripts/workflows. Agents following this skill in this repo will fail or validate the wrong surface; adapt the skill to Discrawl's Go workflow.
    Confidence: 0.92

Overall correctness: patch is incorrect
Overall confidence: 0.88

Security concerns:

  • [medium] Persisted checkout token in kept-alive Crabbox workspace — .github/workflows/crabbox-hydrate.yml:38
    actions/checkout defaults to storing the workflow token in git config, and this workflow then marks the workspace ready and keeps the self-hosted job alive for remote commands. Add persist-credentials: false before enabling this path.
    Confidence: 0.88

What I checked:

Likely related people:

  • Peter Steinberger: Blame and log history show Peter authored the current CODEOWNERS/CI baseline and the Discrawl skill guidance that define the affected automation and validation surface. (role: current CI and repo-skill area contributor; confidence: high; commits: 118dea0a308d, 30bd3a5d18b8, 713a634450c5; files: .github/CODEOWNERS, .github/workflows/ci.yml, .agents/skills/discrawl/SKILL.md)

Codex review notes: model gpt-5.5, reasoning high; reviewed against 57a49be163a0.
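The P1 finding above turns on one actions/checkout default: with persist-credentials left at true, the checkout step writes the workflow token into the repository's .git/config as an http.<url>.extraheader basic-auth header, where any shell later opened in that workspace can read it. The following is an added example, not code from the PR or from the Discrawl or Crabbox projects. It does two things a maintainer reviewing this PR would want: a line-based lint that flags every actions/checkout step in a workflow that does not set persist-credentials: false, and a scan of a git config that finds such a persisted header and decodes it, to show the token is only base64-wrapped. The sample workflow is constructed to resemble the hydrate job the review describes (the runner labels, inputs, and keep-alive step are assumptions, not the PR's file), the git config and the ghs_ token are constructed and fake, and the lint is a heuristic over indentation rather than a full YAML parser. None of the checks listed in the PR's Verification section (diff whitespace, YAML parsing, actionlint runner labels, a hash match, gofmt) is designed to look for this setting, which is why a dedicated check is useful.

```python
"""Checks for the persist-credentials default discussed in the review.

lint_checkout_steps()  - line numbers of actions/checkout steps that keep the
                         default persist-credentials: true.
persisted_auth_headers() - (host, decoded credential) pairs for the basic-auth
                         extraheader that actions/checkout leaves in .git/config.
All sample input below is constructed; the token is fake.
"""
import base64
import re

# "- uses: actions/checkout@..." or "uses: actions/checkout@..." after "- name:".
CHECKOUT_RE = re.compile(r"^\s*(-\s+)?uses:\s*actions/checkout@")
PERSIST_OFF_RE = re.compile(r"^\s*persist-credentials:\s*false\s*(#.*)?$")
# git config section header such as [http "https://github.com/"]
SECTION_RE = re.compile(r'^\[http\s+"([^"]+)"\]$')
# extraheader = AUTHORIZATION: basic <base64(x-access-token:TOKEN)>
EXTRAHEADER_RE = re.compile(
    r"^\s*extraheader\s*=\s*AUTHORIZATION:\s*basic\s+(\S+)", re.IGNORECASE
)


def _indent(line: str) -> int:
    return len(line) - len(line.lstrip(" "))


def lint_checkout_steps(workflow_text: str) -> list[int]:
    """Return 1-based line numbers of actions/checkout steps that do not set
    persist-credentials: false. A step's body is every following line that is
    indented deeper than the "- " list item that owns the step."""
    lines = workflow_text.splitlines()
    offenders = []
    for i, line in enumerate(lines):
        if not CHECKOUT_RE.match(line):
            continue
        if line.lstrip().startswith("-"):
            item_indent = _indent(line)
        else:  # "uses:" came after "- name:"; walk back to the list item
            j = i
            while j >= 0 and not lines[j].lstrip().startswith("- "):
                j -= 1
            item_indent = _indent(lines[j]) if j >= 0 else 0
        hardened = False
        for nxt in lines[i + 1:]:
            if nxt.strip() and _indent(nxt) <= item_indent:
                break  # next step, or dedent out of the steps list
            if PERSIST_OFF_RE.match(nxt):
                hardened = True
                break
        if not hardened:
            offenders.append(i + 1)
    return offenders


def persisted_auth_headers(git_config_text: str) -> list[tuple[str, str]]:
    """Return (host_url, decoded_credential) for each http.<url>.extraheader
    basic-auth entry, i.e. what a lease shell can read from .git/config."""
    found = []
    section = None
    for line in git_config_text.splitlines():
        stripped = line.strip()
        m = SECTION_RE.match(stripped)
        if m:
            section = m.group(1)
            continue
        if stripped.startswith("["):
            section = None  # some other section ([core], [remote ...])
            continue
        m = EXTRAHEADER_RE.match(line)
        if m and section:
            found.append((section, base64.b64decode(m.group(1)).decode()))
    return found


# Constructed workflow resembling the described hydrate job (not the PR's file).
WEAK_WORKFLOW = """\
name: crabbox-hydrate
on:
  workflow_dispatch:
    inputs:
      ref:
        description: Git ref to hydrate
        required: true
jobs:
  hydrate:
    runs-on: [self-hosted, linux]
    steps:
      - uses: actions/checkout@v4
        with:
          ref: ${{ inputs.ref }}
      - name: Keep job alive for remote lease commands
        run: sleep 3600
"""
# Same workflow with the fix the review asks for.
HARDENED_WORKFLOW = WEAK_WORKFLOW.replace(
    "          ref: ${{ inputs.ref }}\n",
    "          ref: ${{ inputs.ref }}\n          persist-credentials: false\n",
)

FAKE_TOKEN = "ghs_FAKE0000000000000000000000000000"  # constructed, not real
_B64 = base64.b64encode(f"x-access-token:{FAKE_TOKEN}".encode()).decode()
# Constructed .git/config as left behind by a default actions/checkout run.
PERSISTED_CONFIG = f"""\
[core]
\trepositoryformatversion = 0
[remote "origin"]
\turl = https://github.com/example-org/example-repo
\tfetch = +refs/heads/*:refs/remotes/origin/*
[http "https://github.com/"]
\textraheader = AUTHORIZATION: basic {_B64}
"""
CLEAN_CONFIG = PERSISTED_CONFIG.split("[http")[0]  # after persist-credentials: false

if __name__ == "__main__":
    print("weak workflow, unhardened checkout on lines:", lint_checkout_steps(WEAK_WORKFLOW))
    print("hardened workflow, unhardened checkout on lines:", lint_checkout_steps(HARDENED_WORKFLOW))
    for host, cred in persisted_auth_headers(PERSISTED_CONFIG):
        print(f"credential readable from .git/config for {host}: {cred}")
    print("clean config:", persisted_auth_headers(CLEAN_CONFIG))
```

Inside a live lease the equivalent manual check is `git config --local --get-all http.https://github.com/.extraheader`; an empty result is what you want to see after the fix. Note the caveat the review does not spell out: persist-credentials: false keeps the token out of the checked-out workspace, but the runner process that is kept alive still holds the job's token until the job ends, so the setting narrows the exposure rather than removing the long-lived job's trust in whoever can reach it.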

@clawsweeper clawsweeper Bot added the rating: 🌊 off-meta tidepool PR readiness rating does not apply to this item. label May 22, 2026
@clawsweeper (Bot) commented May 22, 2026

ClawSweeper PR egg

🔥 Warming up: real-behavior proof passed; findings, security review, or rank-up moves are still in progress.

Hatch command

Comment @clawsweeper hatch when this PR is hatchable.

Hatchability rules:

  • Merged PRs are hatchable.
  • Open PRs are hatchable when they are status: 👀 ready for maintainer look, status: 🚀 automerge armed, or labeled clawsweeper:automerge.
  • Closed unmerged PRs are hatchable only when one of those hatchable labels is still present in the durable record.
What is this egg doing here?
  • Eggs appear after the PR passes real-behavior proof. It is here for vibes, not verdicts: it does not change labels, ratings, merge decisions, or automation.
  • The shell reacts to review momentum: open follow-up work warms it up, re-review makes it wobble, and a clean final review lets it hatch.
  • Hatchability usually comes from sufficient real-behavior proof, no blocking P0/P1/P2 findings, no security attention needed, and clean correctness. A merged PR is already final, so merge makes the egg hatchable independently.
  • The hatch is seeded from this repository and PR number, so the same PR keeps the same creature; the reviewed head SHA can only change safe visual details.
  • Rarity is just collectible sparkle: 🥚 common, 🌱 uncommon, 💎 rare, ✨ glimmer, and 🌈 legendary.

@vincentkoc vincentkoc marked this pull request as ready for review May 22, 2026 21:39
@vincentkoc vincentkoc requested a review from a team as a code owner May 22, 2026 21:39
@clawsweeper clawsweeper Bot added rating: 🧂 unranked krab Not merge-ready due to missing proof or serious correctness/safety concerns. status: ⏳ waiting on author ClawSweeper has contributor-facing work open and is waiting for author action. P2 Normal priority bug or improvement with limited blast radius. merge-risk: 🚨 security-boundary 🚨 Merging this PR could weaken sandboxing, authorization, credentials, or sensitive data. merge-risk: 🚨 automation 🚨 Merging this PR could break CI, automerge, proof capture, label sync, or automation. and removed rating: 🌊 off-meta tidepool PR readiness rating does not apply to this item. labels May 22, 2026
@vincentkoc vincentkoc merged commit 638fa1c into main May 22, 2026
12 checks passed
@vincentkoc vincentkoc deleted the chore/setup-baseline-safe-20260523 branch May 22, 2026 21:58