
chore: add maintainer setup baseline#6

Closed
vincentkoc wants to merge 1 commit into main from chore/setup-baseline-20260522

Conversation

@vincentkoc
Member

Summary

  • add maintainer setup baseline files for this repository
  • add CODEOWNERS, Dependabot, SECURITY.md, CodeQL, stale automation, and Crabbox/autoreview support
  • add AGENTS.md with repo maintainer defaults
  • configure pnpm maintainer hydrate checks

Verification

  • git diff --check
  • ruby YAML.load_file for added/changed YAML files
  • actionlint for added/changed workflow files
  • private-data scan for added/changed non-skill setup files; PNPM_VERSION hits, where present, were false positives
  • verified Crabbox skill SHA-256 matches openclaw/openclaw: ed512c0b0385fae7f6c5c14a7e9e6236ab68936506687a99ca976873492bdc43

Runtime tests were not run; this is setup, policy, and workflow metadata only.

@github-advanced-security

You are seeing this message because GitHub Code Scanning has recently been set up for this repository, or this pull request contains the workflow file for the Code Scanning tool.

What Enabling Code Scanning Means:

  • The 'Security' tab will display more code scanning analysis results (e.g., for the default branch).
  • Depending on your configuration and choice of analysis tool, future pull requests will be annotated with code scanning analysis results.
  • You will be able to see the analysis results for the pull request's branch on this overview once the scans have completed and the checks have passed.

For more information about GitHub Code Scanning, check out the documentation.

@clawsweeper

clawsweeper Bot commented May 22, 2026

Codex review: needs changes before merge.

Latest ClawSweeper review: 2026-05-22 14:45 UTC / May 22, 2026, 10:45 AM ET.

Workflow note: Future ClawSweeper reviews update this same comment in place.

How this review workflow works
  • ClawSweeper keeps one durable marker-backed review comment per issue or PR.
  • Re-runs edit this comment so the latest verdict, findings, and automation markers stay together instead of adding duplicate bot comments.
  • A fresh review can be triggered by eligible @clawsweeper re-review comments, exact-item GitHub events, scheduled/background review runs, or manual workflow dispatch.
  • PR/issue authors and users with repository write access can comment @clawsweeper re-review or @clawsweeper re-run on an open PR or issue to request a fresh review only.
  • Maintainers can also comment @clawsweeper review to request a fresh review only.
  • Fresh-review commands do not start repair, autofix, rebase, CI repair, or automerge.
  • Maintainer-only repair and merge flows require explicit commands such as @clawsweeper autofix, @clawsweeper automerge, @clawsweeper fix ci, or @clawsweeper address review.
  • Maintainers can comment @clawsweeper explain to ask for more context, or @clawsweeper stop to stop active automation.

Summary
The PR adds maintainer setup baseline files, including CODEOWNERS, Dependabot, SECURITY.md, CodeQL, stale automation, Crabbox hydration, Crabbox/autoreview skills, and AGENTS.md.

Reproducibility: not applicable; this is an administrative setup PR, not a runtime bug report. The relevant verification is static diff and workflow review against current main.

PR rating
Overall: 🦪 silver shellfish
Proof: 🌊 off-meta tidepool
Patch quality: 🦪 silver shellfish
Summary: The baseline is coherent, but the workflow supply-chain blocker makes the patch not merge-ready yet.

Rank-up moves:

  • Pin the newly added workflow action refs to immutable SHAs with version comments.
  • Confirm whether the stale auto-close policy should land with this baseline or be split out.
What the crustacean ranks mean
  • 🦀 challenger crab: rare, exceptional readiness with strong proof, clean implementation, and convincing validation.
  • 🦞 diamond lobster: very strong readiness with only minor maintainer review expected.
  • 🐚 platinum hermit: good normal PR, likely mergeable with ordinary maintainer review.
  • 🦐 gold shrimp: useful signal, but proof or patch confidence is still limited.
  • 🦪 silver shellfish: thin signal; proof, validation, or implementation needs work.
  • 🧂 unranked krab: not merge-ready because proof is missing/unusable or there are serious correctness or safety concerns.
  • 🌊 off-meta tidepool: rating does not apply to this item.

Shiny media proof means a screenshot, video, or linked artifact directly shows the changed behavior. Runtime, network, CSP, and security claims still need visible diagnostics.

Real behavior proof
Not applicable: The real behavior proof gate does not apply because this is a member-authored maintainer setup PR and not an external runtime-behavior contribution.

Risk before merge

  • Merging as-is would add workflow code execution through mutable action tags, including on the self-hosted Crabbox hydration lane.
  • The stale workflow would begin automatically labeling and closing issues and pull requests, so maintainers should explicitly accept that repository policy before merge.

Maintainer options:

  1. Pin workflow actions first (recommended)
    Pin every added GitHub Actions uses ref in the new CodeQL, Crabbox hydrate, and stale workflows to immutable commit SHAs with version comments matching the existing workflow style.
  2. Accept tagged actions intentionally
    Maintainers may choose to allow mutable tags for these setup workflows, but that should be an explicit repository policy exception before merge.
  3. Split stale policy
    If automatic stale closure needs separate approval, split .github/workflows/stale.yml out and land the rest of the baseline after the workflow pinning repair.
Copy recommended automerge instruction
@clawsweeper automerge

Special instructions:
Pin all added GitHub Actions `uses:` references in `.github/workflows/codeql.yml`, `.github/workflows/crabbox-hydrate.yml`, and `.github/workflows/stale.yml` to immutable commit SHAs with version comments matching the existing workflow style; keep existing permissions and behavior unchanged unless pinning requires a syntax-only adjustment.

Next step before merge
A narrow automation repair can pin the new workflow action refs; maintainers still need to accept the stale-policy behavior before merge.

Security
Needs attention: The diff adds security-sensitive workflow execution paths that currently use mutable action tags.

Review findings

  • [P1] Pin the new workflow actions — .github/workflows/crabbox-hydrate.yml:42-50
Review details

Best possible solution:

Land the setup baseline only after workflow action refs are pinned to immutable SHAs and maintainers explicitly accept the new repository automation policies.

Do we have a high-confidence way to reproduce the issue?

Not applicable; this is an administrative setup PR, not a runtime bug report. The relevant verification is static diff and workflow review against current main.

Is this the best way to solve the issue?

No, not as-is: the baseline direction is plausible, but the workflow action refs should be pinned before merge and the stale auto-close policy needs maintainer acceptance.

Label changes:

  • add P2: This is a normal-priority maintainer setup PR with a concrete workflow supply-chain blocker before merge.
  • add merge-risk: 🚨 security-boundary: The PR adds new workflow code execution paths with mutable action tags, including actions that run before dependency install on maintainer automation.
  • add merge-risk: 🚨 automation: The PR changes repository automation by adding CodeQL, Crabbox hydration, Dependabot, CODEOWNERS, and automatic stale closure.
  • add rating: 🦪 silver shellfish: Current PR rating is 🦪 silver shellfish because proof is 🌊 off-meta tidepool, patch quality is 🦪 silver shellfish, and the baseline is coherent, but the workflow supply-chain blocker makes the patch not merge-ready yet.
  • add status: ⏳ waiting on author: ClawSweeper has contributor-facing work open and is waiting for author action. Not applicable: The real behavior proof gate does not apply because this is a member-authored maintainer setup PR and not an external runtime-behavior contribution.

Label justifications:

  • P2: This is a normal-priority maintainer setup PR with a concrete workflow supply-chain blocker before merge.
  • merge-risk: 🚨 security-boundary: The PR adds new workflow code execution paths with mutable action tags, including actions that run before dependency install on maintainer automation.
  • merge-risk: 🚨 automation: The PR changes repository automation by adding CodeQL, Crabbox hydration, Dependabot, CODEOWNERS, and automatic stale closure.
  • rating: 🦪 silver shellfish: Current PR rating is 🦪 silver shellfish because proof is 🌊 off-meta tidepool, patch quality is 🦪 silver shellfish, and the baseline is coherent, but the workflow supply-chain blocker makes the patch not merge-ready yet.
  • status: ⏳ waiting on author: ClawSweeper has contributor-facing work open and is waiting for author action. Not applicable: The real behavior proof gate does not apply because this is a member-authored maintainer setup PR and not an external runtime-behavior contribution.

Full review comments:

  • [P1] Pin the new workflow actions — .github/workflows/crabbox-hydrate.yml:42-50
    The new workflows introduce tag-based action refs such as actions/checkout@v6, pnpm/action-setup@v4, and actions/stale@v10. Existing workflow setup in this repo pins these executable actions to immutable SHAs, and the new Crabbox lane runs on self-hosted automation, so a moved tag would change code executing in maintainer workflows. Please pin the added action refs to SHAs with version comments.
    Confidence: 0.86

Overall correctness: patch is incorrect
Overall confidence: 0.78

Security concerns:

  • [medium] Mutable workflow action refs — .github/workflows/crabbox-hydrate.yml:42
    The added CodeQL, Crabbox hydrate, and stale workflows use version tags for executable actions instead of immutable commit SHAs, expanding supply-chain exposure in repository automation.
    Confidence: 0.86

Acceptance criteria:

  • git diff --check
  • actionlint .github/workflows/codeql.yml .github/workflows/crabbox-hydrate.yml .github/workflows/stale.yml

What I checked:

  • Member-authored draft PR: The supplied GitHub context marks this PR as draft with authorAssociation MEMBER, so this cleanup review must not auto-close it even if the branch is stale or policy-like. (75ffc108d2e1)
  • Branch only adds baseline files: The diff from current main to the PR head adds 11 files and does not modify existing runtime code. (75ffc108d2e1)
  • Workflow action refs are mutable: The added Crabbox workflow uses actions/checkout@v6, pnpm/action-setup@v4, and actions/setup-node@v6 rather than immutable action SHAs; the added CodeQL and stale workflows also use tag refs. (.github/workflows/crabbox-hydrate.yml:42, 75ffc108d2e1)
  • Existing workflow precedent: Current main pins checkout, pnpm/action-setup, setup-node, and actionlint refs to commit SHAs in existing CI/package/release workflows, which makes the new mutable refs a repo-policy mismatch. (.github/workflows/ci.yml:24, 26809ef0007c)
  • Whitespace validation: The PR diff passes git diff whitespace checks. (75ffc108d2e1)
  • Workflow history: The existing GitHub Actions workflow baseline on current main traces to Peter Steinberger's release commit that added ci, package, and npm release workflows. (.github/workflows/ci.yml:1, 8430d51d183b)

Likely related people:

  • Peter Steinberger: Local history and blame show the current CI/package/release workflow baseline was added in the 0.3.3 release commit. (role: recent workflow and release automation contributor; confidence: high; commits: 8430d51d183b, 351c06e32575; files: .github/workflows/ci.yml, .github/workflows/package.yml, .github/workflows/proxyline-npm-release.yml)
  • Jesse Merhi: Earlier package and runtime commits in local history make Jesse a useful secondary routing candidate if setup changes affect package workflows. (role: adjacent package and runtime history contributor; confidence: medium; commits: aeb4bdb3fddc, e9760dc261f6, 2bd825c94a07; files: package.json, src/runtime.ts, src/index.ts)

Codex review notes: model gpt-5.5, reasoning high; reviewed against 26809ef0007c.
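A check matching the P1 finding in the review above, added here as an example and not part of ClawSweeper's or the repository's own tooling: it scans a workflow file for `uses:` references, reports tag or branch refs as mutable, and separates SHA pins that carry a version comment from those that do not. The sample workflow is constructed in the shape of the crabbox-hydrate lane, and its 40-character hex values are placeholders, not real action commits.

```python
import re

# Matches a `uses:` step such as `- uses: actions/checkout@v6` (quotes
# optional) with an optional trailing `# vX` version comment after the ref.
USES_RE = re.compile(
    r"^\s*-?\s*uses:\s*['\"]?(?P<action>[^@'\"\s]+)@(?P<ref>[^'\"\s#]+)['\"]?"
    r"\s*(?:#\s*(?P<comment>\S.*))?$"
)
# An immutable pin is a full 40-hex commit SHA; anything else can be moved.
SHA_RE = re.compile(r"^[0-9a-f]{40}$")

def audit_uses(workflow_text):
    """Return (line_no, action, ref, status) for every `uses:` reference.

    status is 'pinned' (SHA plus version comment), 'pinned-no-comment'
    (SHA with no comment saying which release it tracks) or 'mutable'.
    """
    findings = []
    for line_no, line in enumerate(workflow_text.splitlines(), 1):
        m = USES_RE.match(line)
        if not m:
            continue  # not a remote action ref (local ./path refs have no @)
        action, ref, comment = m.group("action", "ref", "comment")
        if SHA_RE.match(ref):
            status = "pinned" if comment else "pinned-no-comment"
        else:
            status = "mutable"
        findings.append((line_no, action, ref, status))
    return findings

def mutable_refs(workflow_text):
    """List 'action@ref' for each reference whose code changes if the tag moves."""
    return [f"{a}@{r}" for _, a, r, s in audit_uses(workflow_text) if s == "mutable"]

# Constructed sample shaped like the PR's crabbox-hydrate lane; the 40-char
# hex values are placeholders, not real action commits.
SAMPLE_WORKFLOW = """\
name: crabbox-hydrate
jobs:
  hydrate:
    runs-on: self-hosted
    steps:
      - uses: actions/checkout@v6
      - uses: pnpm/action-setup@v4
      - uses: actions/setup-node@0000000000000000000000000000000000000000 # v6
      - uses: actions/stale@1111111111111111111111111111111111111111
"""
```

Run `mutable_refs` over each added workflow file in CI next to actionlint; a non-empty result is the same condition the review flags as a merge blocker.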

@clawsweeper clawsweeper Bot added rating: 🦪 silver shellfish Thin PR readiness signal; proof, validation, or implementation needs work. status: ⏳ waiting on author ClawSweeper has contributor-facing work open and is waiting for author action. P2 Normal priority bug or improvement with limited blast radius. merge-risk: 🚨 security-boundary 🚨 Merging this PR could weaken sandboxing, authorization, credentials, or sensitive data. merge-risk: 🚨 automation 🚨 Merging this PR could break CI, automerge, proof capture, label sync, or automation. labels May 22, 2026
@clawsweeper

clawsweeper Bot commented May 22, 2026

ClawSweeper PR egg

🔥 Warming up: real-behavior proof passed; findings, security review, or rank-up moves are still in progress.

Hatch command

Comment @clawsweeper hatch when this PR is hatchable.

Hatchability rules:

  • Merged PRs are hatchable.
  • Open PRs are hatchable when they are status: 👀 ready for maintainer look, status: 🚀 automerge armed, or labeled clawsweeper:automerge.
  • Closed unmerged PRs are hatchable only when one of those hatchable labels is still present in the durable record.
What is this egg doing here?
  • Eggs appear after the PR passes real-behavior proof. It is here for vibes, not verdicts: it does not change labels, ratings, merge decisions, or automation.
  • The shell reacts to review momentum: open follow-up work warms it up, re-review makes it wobble, and a clean final review lets it hatch.
  • Hatchability usually comes from sufficient real-behavior proof, no blocking P0/P1/P2 findings, no security attention needed, and clean correctness. A merged PR is already final, so merge makes the egg hatchable independently.
  • The hatch is seeded from this repository and PR number, so the same PR keeps the same creature; the reviewed head SHA can only change safe visual details.
  • Rarity is just collectible sparkle: 🥚 common, 🌱 uncommon, 💎 rare, ✨ glimmer, and 🌈 legendary.

@steipete
Contributor

Closing this in favor of the shared public skill source at https://github.com/openclaw/agent-skills.

We do not want to vendor the same maintainer skills into every repo. Repos that need zero-setup guidance should add a small pointer to openclaw/agent-skills; shared skill content should be updated there first and synced only where a vendored snapshot is intentionally required.

@steipete steipete closed this May 22, 2026