
chore: add maintainer setup baseline #6

Closed
vincentkoc wants to merge 1 commit into main from chore/setup-baseline-20260522

Conversation

@vincentkoc

Member

Summary

  • add maintainer setup baseline files for this repository
  • add CODEOWNERS, Dependabot, SECURITY.md, CodeQL, stale automation, and Crabbox/autoreview support
  • add AGENTS.md with repo maintainer defaults

Verification

  • git diff --check
  • ruby YAML.load_file for added/changed YAML files
  • actionlint for added/changed workflow files
  • private-data scan for added/changed non-skill setup files; PNPM_VERSION hits, where present, were false positives
  • verified Crabbox skill SHA-256 matches openclaw/openclaw: ed512c0b0385fae7f6c5c14a7e9e6236ab68936506687a99ca976873492bdc43

Runtime tests were not run; this is setup, policy, and workflow metadata only.

@github-advanced-security


You are seeing this message because GitHub Code Scanning has recently been set up for this repository, or this pull request contains the workflow file for the Code Scanning tool.

What Enabling Code Scanning Means:

  • The 'Security' tab will display more code scanning analysis results (e.g., for the default branch).
  • Depending on your configuration and choice of analysis tool, future pull requests will be annotated with code scanning analysis results.
  • You will be able to see the analysis results for the pull request's branch on this overview once the scans have completed and the checks have passed.

For more information about GitHub Code Scanning, check out the documentation.

@clawsweeper

clawsweeper Bot commented May 22, 2026


Codex review: needs changes before merge.

Latest ClawSweeper review: 2026-05-22 14:42 UTC / May 22, 2026, 10:42 AM ET.

Workflow note: Future ClawSweeper reviews update this same comment in place.

How this review workflow works
  • ClawSweeper keeps one durable marker-backed review comment per issue or PR.
  • Re-runs edit this comment so the latest verdict, findings, and automation markers stay together instead of adding duplicate bot comments.
  • A fresh review can be triggered by eligible @clawsweeper re-review comments, exact-item GitHub events, scheduled/background review runs, or manual workflow dispatch.
  • PR/issue authors and users with repository write access can comment @clawsweeper re-review or @clawsweeper re-run on an open PR or issue to request a fresh review only.
  • Maintainers can also comment @clawsweeper review to request a fresh review only.
  • Fresh-review commands do not start repair, autofix, rebase, CI repair, or automerge.
  • Maintainer-only repair and merge flows require explicit commands such as @clawsweeper autofix, @clawsweeper automerge, @clawsweeper fix ci, or @clawsweeper address review.
  • Maintainers can comment @clawsweeper explain to ask for more context, or @clawsweeper stop to stop active automation.

Summary
The PR adds repository maintainer setup metadata, including CODEOWNERS, Dependabot, SECURITY.md, CodeQL, stale automation, Crabbox config/workflow support, and bundled agent skills.

Reproducibility: yes for the review finding: current main's workflow files show full SHA-pinned actions, while the PR's added workflow files use mutable version tags. Runtime reproduction is not applicable because this is repository setup automation.

PR rating
Overall: 🦐 gold shrimp
Proof: 🌊 off-meta tidepool
Patch quality: 🦐 gold shrimp
Summary: The setup direction is coherent, but the workflow supply-chain issue needs repair before merge.

Rank-up moves:

  • Pin all added workflow action refs to full commit SHAs.
  • Have a maintainer confirm the stale automation timing and close policy before enabling it.
What the crustacean ranks mean
  • 🦀 challenger crab: rare, exceptional readiness with strong proof, clean implementation, and convincing validation.
  • 🦞 diamond lobster: very strong readiness with only minor maintainer review expected.
  • 🐚 platinum hermit: good normal PR, likely mergeable with ordinary maintainer review.
  • 🦐 gold shrimp: useful signal, but proof or patch confidence is still limited.
  • 🦪 silver shellfish: thin signal; proof, validation, or implementation needs work.
  • 🧂 unranked krab: not merge-ready because proof is missing/unusable or there are serious correctness or safety concerns.
  • 🌊 off-meta tidepool: rating does not apply to this item.

Shiny media proof means a screenshot, video, or linked artifact directly shows the changed behavior. Runtime, network, CSP, and security claims still need visible diagnostics.

Real behavior proof
Not applicable: The contributor is a repository member and the change is setup, policy, and workflow metadata, so the external contributor real-behavior proof gate does not apply.

Risk before merge

  • Merging the workflow additions as written would introduce mutable GitHub Action tag refs on security and automation workflows, while current main's existing workflows use SHA-pinned action refs.
  • The stale workflow can write to issues and pull requests and close inactive items, so maintainers should explicitly accept the timing and exemption policy before enabling it.

Maintainer options:

  1. Pin action refs before merge (recommended)
    Update all added workflows to use full commit SHAs for third-party and GitHub-owned actions, matching current main's workflow pattern.
  2. Accept mutable workflow refs
    Maintainers may intentionally accept tag-based action refs, but that would be a repository-wide supply-chain policy change from the current pinned workflow style.
Recommended automerge instruction: @clawsweeper automerge

Special instructions:
Pin every added GitHub Action reference in .github/workflows/codeql.yml, .github/workflows/crabbox-hydrate.yml, and .github/workflows/stale.yml to audited full commit SHAs while preserving the intended action versions in comments.

Next step before merge
A narrow automated repair can pin the added workflow action refs without making the maintainer policy decision for stale automation.

Security
Needs attention: The PR adds multiple workflow execution paths with unpinned GitHub Action refs, which is a concrete supply-chain concern.

Review findings

  • [P2] Pin the new workflow actions — .github/workflows/codeql.yml:29-32
Review details

Best possible solution:

Pin every added GitHub Action ref to audited full SHAs, then let maintainers decide whether the stale and Crabbox automation policy should ship as part of the baseline.

Do we have a high-confidence way to reproduce the issue?

Yes for the review finding: current main's workflow files show full SHA-pinned actions, while the PR's added workflow files use mutable version tags. Runtime reproduction is not applicable because this is repository setup automation.

Is this the best way to solve the issue?

No as submitted: the setup baseline is plausible, but the workflows should preserve the repository's pinned-action pattern before merge.

Label changes:

  • add P2: The PR is repository automation setup with a concrete but fixable supply-chain issue before merge.
  • add merge-risk: 🚨 security-boundary: The diff adds workflows that execute tag-referenced actions rather than pinned action SHAs.
  • add merge-risk: 🚨 automation: The PR adds CodeQL, stale, Dependabot, and Crabbox automation that can affect repository checks and issue/PR handling after merge.
  • add rating: 🦐 gold shrimp: Current PR rating is 🦐 gold shrimp because proof is 🌊 off-meta tidepool, patch quality is 🦐 gold shrimp, and the setup direction is coherent, but the workflow supply-chain issue needs repair before merge.
  • add status: ⏳ waiting on author: ClawSweeper has contributor-facing work open and is waiting for author action. Not applicable: The contributor is a repository member and the change is setup, policy, and workflow metadata, so the external contributor real-behavior proof gate does not apply.

Label justifications:

  • P2: The PR is repository automation setup with a concrete but fixable supply-chain issue before merge.
  • merge-risk: 🚨 security-boundary: The diff adds workflows that execute tag-referenced actions rather than pinned action SHAs.
  • merge-risk: 🚨 automation: The PR adds CodeQL, stale, Dependabot, and Crabbox automation that can affect repository checks and issue/PR handling after merge.
  • rating: 🦐 gold shrimp: Current PR rating is 🦐 gold shrimp because proof is 🌊 off-meta tidepool, patch quality is 🦐 gold shrimp, and the setup direction is coherent, but the workflow supply-chain issue needs repair before merge.
  • status: ⏳ waiting on author: ClawSweeper has contributor-facing work open and is waiting for author action. Not applicable: The contributor is a repository member and the change is setup, policy, and workflow metadata, so the external contributor real-behavior proof gate does not apply.

Full review comments:

  • [P2] Pin the new workflow actions — .github/workflows/codeql.yml:29-32
    The new workflows introduce actions referenced by mutable tags, e.g. actions/checkout@v6 and github/codeql-action/init@v4, while current workflows pin action refs to full SHAs. For repository automation and code-scanning workflows, this creates supply-chain drift from the existing pattern and should be fixed by pinning each added action to an audited commit SHA.
    Confidence: 0.92

Overall correctness: patch is incorrect
Overall confidence: 0.88

Security concerns:

  • [medium] Unpinned workflow actions — .github/workflows/codeql.yml:29
    Added workflows use version tags for actions instead of full commit SHAs, unlike existing workflows on main; mutable action refs can change what code runs in repository automation without a repository diff.
    Confidence: 0.92

Acceptance criteria:

  • git diff --check
  • actionlint .github/workflows/codeql.yml .github/workflows/crabbox-hydrate.yml .github/workflows/stale.yml

What I checked:

  • Protected author context: The GitHub context identifies the PR author association as MEMBER and the PR is still draft, so this workflow should not auto-close it. (3a91f922b42c)
  • Current workflow pinning pattern: Existing workflows on main pin actions to full commit SHAs, including actions/checkout and actions/setup-node in deploy-worker. (.github/workflows/deploy-worker.yml:23, febdd122782c)
  • Added workflows use tag refs: The PR adds workflow action refs such as actions/checkout@v6, github/codeql-action/init@v4, pnpm/action-setup@v4, actions/setup-node@v6, and actions/stale@v10. (.github/workflows/codeql.yml:29, 3a91f922b42c)
  • Workflow history provenance: git blame ties the existing pinned deploy-worker workflow style to commit bd55723. (.github/workflows/deploy-worker.yml:23, bd5572307685)
  • Checkout stayed clean: Read-only inspection left the target checkout clean. (febdd122782c)

Likely related people:

  • Peter Steinberger: Git history shows Peter authored the existing pinned deploy-worker workflow and most current package/workflow setup on main. (role: recent workflow and package area contributor; confidence: high; commits: bd5572307685, 515621b063cb, febdd122782c; files: .github/workflows/deploy-worker.yml, .github/workflows/pages.yml, package.json)

Codex review notes: model gpt-5.5, reasoning high; reviewed against febdd122782c.

@clawsweeper clawsweeper Bot added rating: 🦐 gold shrimp Decent PR readiness signal, but merge confidence is limited. status: ⏳ waiting on author ClawSweeper has contributor-facing work open and is waiting for author action. P2 Normal priority bug or improvement with limited blast radius. merge-risk: 🚨 security-boundary 🚨 Merging this PR could weaken sandboxing, authorization, credentials, or sensitive data. merge-risk: 🚨 automation 🚨 Merging this PR could break CI, automerge, proof capture, label sync, or automation. labels May 22, 2026
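The review's finding above (mutable `@vN` tags versus full commit SHAs in `uses:` lines) can be checked mechanically before merge. The following is an added example, not code from this PR, ClawSweeper or the repository: a small audit over a constructed workflow text (the 40-hex SHA in it is a placeholder, not a real commit) that classifies each `uses:` target and reports the refs a SHA-pinning policy would block, noting whether a pinned ref keeps the intended version in a trailing comment as the review's special instructions ask.

```python
import re

# Constructed sample workflow for this example (not the PR's actual codeql.yml);
# the mutable refs mirror the ones the review quotes, the 40-hex SHA is a placeholder.
SAMPLE_WORKFLOW = """\
name: CodeQL
on: [push]
jobs:
  analyze:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v6
      - uses: github/codeql-action/init@v4
      - uses: actions/setup-node@0123456789abcdef0123456789abcdef01234567 # v6
      - uses: ./.github/actions/local-step
      - uses: docker://alpine:3.20
"""

USES_RE = re.compile(r"^\s*-?\s*uses:\s*([^\s#]+)")   # the `uses:` target up to space/comment
FULL_SHA_RE = re.compile(r"^[0-9a-f]{40}$")            # only a full commit SHA counts as pinned

def classify_ref(ref):
    """Classify one `uses:` target as local, docker, pinned or unpinned, with a reason."""
    if ref.startswith("./"):
        return "local", "local action; pinned by the repository's own commit"
    if ref.startswith("docker://"):
        return "docker", "container image; pin by @sha256 digest, not by tag"
    if "@" not in ref:
        return "unpinned", "no ref given; resolves to the action's default branch"
    action, _, version = ref.rpartition("@")
    if FULL_SHA_RE.match(version):
        return "pinned", f"{action} pinned to commit {version[:12]}"
    return "unpinned", f"{action} uses mutable ref {version!r}, which can be moved"

def audit_workflow(text):
    """Return (line, ref, status, reason, has_version_comment) for every `uses:` line."""
    findings = []
    for lineno, line in enumerate(text.splitlines(), 1):
        m = USES_RE.match(line)
        if m:
            status, reason = classify_ref(m.group(1))
            # A '# vN' comment after a SHA pin records which version the SHA is meant to be.
            findings.append((lineno, m.group(1), status, reason, "#" in line))
    return findings

def unpinned_refs(text):
    """Only the findings that should block merge under a SHA-pinning policy."""
    return [f for f in audit_workflow(text) if f[2] == "unpinned"]
```

Running `unpinned_refs` over each added workflow file reproduces the review's P2 finding for lines 7 and 8 of the sample; a pinned ref without a trailing version comment is the remaining thing to ask the author for.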
@clawsweeper

clawsweeper Bot commented May 22, 2026


ClawSweeper PR egg

🔥 Warming up: real-behavior proof passed; findings, security review, or rank-up moves are still in progress.

Hatch command

Comment @clawsweeper hatch when this PR is hatchable.

Hatchability rules:

  • Merged PRs are hatchable.
  • Open PRs are hatchable when they are status: 👀 ready for maintainer look, status: 🚀 automerge armed, or labeled clawsweeper:automerge.
  • Closed unmerged PRs are hatchable only when one of those hatchable labels is still present in the durable record.
What is this egg doing here?
  • Eggs appear after the PR passes real-behavior proof. It is here for vibes, not verdicts: it does not change labels, ratings, merge decisions, or automation.
  • The shell reacts to review momentum: open follow-up work warms it up, re-review makes it wobble, and a clean final review lets it hatch.
  • Hatchability usually comes from sufficient real-behavior proof, no blocking P0/P1/P2 findings, no security attention needed, and clean correctness. A merged PR is already final, so merge makes the egg hatchable independently.
  • The hatch is seeded from this repository and PR number, so the same PR keeps the same creature; the reviewed head SHA can only change safe visual details.
  • Rarity is just collectible sparkle: 🥚 common, 🌱 uncommon, 💎 rare, ✨ glimmer, and 🌈 legendary.

@steipete

Contributor

Closing this in favor of the shared public skill source at https://github.com/openclaw/agent-skills.

We do not want to vendor the same maintainer skills into every repo. Repos that need zero-setup guidance should add a small pointer to openclaw/agent-skills; shared skill content should be updated there first and synced only where a vendored snapshot is intentionally required.
