
chore: add maintainer setup baseline#3

Closed
vincentkoc wants to merge 1 commit into main from chore/setup-baseline-20260522

Conversation

@vincentkoc
Member

Summary

  • add maintainer setup baseline files for this repository
  • add CODEOWNERS, Dependabot, SECURITY.md, CodeQL, stale automation, and Crabbox/autoreview support
  • configure mixed JavaScript/TypeScript and automation setup

Verification

  • git diff --check
  • ruby YAML.load_file for added/changed YAML files
  • actionlint for added/changed workflow files
  • private-data scan for added/changed non-skill setup files; PNPM_VERSION hits, where present, were false positives
  • verified Crabbox skill SHA-256 matches openclaw/openclaw: ed512c0b0385fae7f6c5c14a7e9e6236ab68936506687a99ca976873492bdc43

Runtime tests were not run; this is setup, policy, and workflow metadata only.

@github-advanced-security

You are seeing this message because GitHub Code Scanning has recently been set up for this repository, or this pull request contains the workflow file for the Code Scanning tool.

What Enabling Code Scanning Means:

  • The 'Security' tab will display more code scanning analysis results (e.g., for the default branch).
  • Depending on your configuration and choice of analysis tool, future pull requests will be annotated with code scanning analysis results.
  • You will be able to see the analysis results for the pull request's branch on this overview once the scans have completed and the checks have passed.

For more information about GitHub Code Scanning, check out the documentation.

@clawsweeper

clawsweeper Bot commented May 22, 2026

Codex review: found issues before merge.

Latest ClawSweeper review: 2026-05-22 14:45 UTC / May 22, 2026, 10:45 AM ET.

Workflow note: Future ClawSweeper reviews update this same comment in place.

How this review workflow works
  • ClawSweeper keeps one durable marker-backed review comment per issue or PR.
  • Re-runs edit this comment so the latest verdict, findings, and automation markers stay together instead of adding duplicate bot comments.
  • A fresh review can be triggered by eligible @clawsweeper re-review comments, exact-item GitHub events, scheduled/background review runs, or manual workflow dispatch.
  • PR/issue authors and users with repository write access can comment @clawsweeper re-review or @clawsweeper re-run on an open PR or issue to request a fresh review only.
  • Maintainers can also comment @clawsweeper review to request a fresh review only.
  • Fresh-review commands do not start repair, autofix, rebase, CI repair, or automerge.
  • Maintainer-only repair and merge flows require explicit commands such as @clawsweeper autofix, @clawsweeper automerge, @clawsweeper fix ci, or @clawsweeper address review.
  • Maintainers can comment @clawsweeper explain to ask for more context, or @clawsweeper stop to stop active automation.

Summary
Adds maintainer setup baseline files: CODEOWNERS, Dependabot, SECURITY.md, CodeQL/stale/Crabbox workflows, .crabbox.yaml, and bundled autoreview/Crabbox skills.

Reproducibility: yes, for the review findings from source inspection: the hydrate workflow uses only self-hosted plus the input label before npm ci, and the added Crabbox skill references pnpm/crabbox scripts missing from the current package.json.

PR rating
Overall: 🧂 unranked krab
Proof: 🌊 off-meta tidepool
Patch quality: 🧂 unranked krab
Summary: The setup intent is clear, but the patch is not merge-ready because it introduces a self-hosted runner security-boundary bug and copied commands that do not work in Kova.

Rank-up moves:

  • Constrain the hydrate workflow to static Crabbox/Kova runner labels plus the dynamic lease label.
  • Rewrite the Crabbox skill around Kova's npm scripts, scenarios, and direct Crabbox workflow.
  • Have maintainers explicitly approve the stale automation timers and exemptions.
What the crustacean ranks mean
  • 🦀 challenger crab: rare, exceptional readiness with strong proof, clean implementation, and convincing validation.
  • 🦞 diamond lobster: very strong readiness with only minor maintainer review expected.
  • 🐚 platinum hermit: good normal PR, likely mergeable with ordinary maintainer review.
  • 🦐 gold shrimp: useful signal, but proof or patch confidence is still limited.
  • 🦪 silver shellfish: thin signal; proof, validation, or implementation needs work.
  • 🧂 unranked krab: not merge-ready because proof is missing/unusable or there are serious correctness or safety concerns.
  • 🌊 off-meta tidepool: rating does not apply to this item.

Shiny media proof means a screenshot, video, or linked artifact directly shows the changed behavior. Runtime, network, CSP, and security claims still need visible diagnostics.

Real behavior proof
Not applicable: This is a member-authored setup PR, so the external contributor real-behavior-proof gate does not apply.

Risk before merge

  • Merging as-is could let a manually dispatched Crabbox hydration run target a non-Crabbox self-hosted runner that shares the supplied label while executing code from the selected ref.
  • The stale workflow would begin write-capable issue and PR label/close automation; timers, exemptions, and assigned-PR update handling need explicit maintainer approval.
  • The Crabbox skill is copied from OpenClaw/pnpm flows and would mislead agents in Kova's npm-based repository unless rewritten.

Maintainer options:

  1. Harden Before Merge (recommended)
    Require the static Crabbox labels from .crabbox.yaml in the hydrate workflow, keep the dynamic lease label, and replace copied OpenClaw/pnpm skill commands with Kova npm or direct Crabbox commands.
  2. Approve Automation Policy
    If maintainers want the stale timers and assigned-PR behavior as written, record that policy decision before enabling write-capable stale automation.
  3. Pause The Baseline
    Pause or close this PR if the repository is not ready to own CODEOWNERS, stale closure, Crabbox, and bundled skill policy in one setup change.

Next step before merge
Maintainer review is needed because this draft member-authored PR changes security-sensitive workflow and repository automation policy, even though the concrete defects are clear.

Security
Needs attention: The new Crabbox hydrate workflow broadens self-hosted runner targeting before running code from the selected ref.

Review findings

  • [P1] Constrain Crabbox jobs to Crabbox runners — .github/workflows/crabbox-hydrate.yml:35
  • [P2] Align Crabbox commands with Kova's npm setup — .agents/skills/crabbox/SKILL.md:39
Review details

Best possible solution:

Land a Kova-specific setup baseline after hardening Crabbox runner targeting, aligning skill commands with npm/Kova scenarios, and explicitly approving stale/CODEOWNERS policy.

Do we have a high-confidence way to reproduce the issue?

Yes for the review findings from source inspection: the hydrate workflow uses only self-hosted plus input label before npm ci, and the added Crabbox skill references pnpm/crabbox scripts missing from current package.json.

Is this the best way to solve the issue?

No. The baseline should first constrain self-hosted runner selection, make the Crabbox skill Kova-specific, and get maintainer approval for the new stale/CODEOWNERS policy.

Label changes:

  • add P1: The PR adds security-sensitive self-hosted runner and repository automation with a blocking security-boundary finding.
  • add merge-risk: 🚨 security-boundary: The hydrate workflow can execute a selected ref on a self-hosted runner matched only by user-provided label input.
  • add merge-risk: 🚨 automation: The PR enables new write-capable stale automation and Crabbox workflow behavior that CI alone cannot validate as policy-safe.
  • add rating: 🧂 unranked krab: Current PR rating is 🧂 unranked krab because proof is 🌊 off-meta tidepool, patch quality is 🧂 unranked krab, and the setup intent is clear, but the patch is not merge-ready because it introduces a self-hosted runner security-boundary bug and copied commands that do not work in Kova.
  • add status: ⏳ waiting on author: ClawSweeper has contributor-facing work open and is waiting for author action. Not applicable: This is a member-authored setup PR, so the external contributor real-behavior-proof gate does not apply.

Label justifications:

  • P1: The PR adds security-sensitive self-hosted runner and repository automation with a blocking security-boundary finding.
  • merge-risk: 🚨 security-boundary: The hydrate workflow can execute a selected ref on a self-hosted runner matched only by user-provided label input.
  • merge-risk: 🚨 automation: The PR enables new write-capable stale automation and Crabbox workflow behavior that CI alone cannot validate as policy-safe.
  • rating: 🧂 unranked krab: Current PR rating is 🧂 unranked krab because proof is 🌊 off-meta tidepool, patch quality is 🧂 unranked krab, and the setup intent is clear, but the patch is not merge-ready because it introduces a self-hosted runner security-boundary bug and copied commands that do not work in Kova.
  • status: ⏳ waiting on author: ClawSweeper has contributor-facing work open and is waiting for author action. Not applicable: This is a member-authored setup PR, so the external contributor real-behavior-proof gate does not apply.

Full review comments:

  • [P1] Constrain Crabbox jobs to Crabbox runners — .github/workflows/crabbox-hydrate.yml:35
    The hydrate workflow accepts crabbox_runner_label and uses it as the only non-default self-hosted label, then checks out inputs.ref and runs npm ci. Anyone able to dispatch this workflow could select a common label on a non-Crabbox self-hosted runner and execute code there. Require the static Crabbox labels from .crabbox.yaml in runs-on in addition to the dynamic lease label before running branch code.
    Confidence: 0.9
  • [P2] Align Crabbox commands with Kova's npm setup — .agents/skills/crabbox/SKILL.md:39
    This new skill tells agents to start with pnpm crabbox:run, but current Kova only defines npm scripts and has no crabbox:* package scripts. The rest of the skill repeats OpenClaw pnpm test:changed flows, so agents following it in this repo will fail before producing remote proof. Replace the copied OpenClaw commands with Kova's npm checks, Kova scenarios, or direct Crabbox wrapper commands.
    Confidence: 0.86

Overall correctness: patch is incorrect
Overall confidence: 0.88

Security concerns:

  • [high] Dynamic self-hosted label can target the wrong runner — .github/workflows/crabbox-hydrate.yml:35
    runs-on only requires self-hosted plus the dispatch-provided label, while the job checks out the selected ref and runs npm ci; require static Crabbox/Kova labels as a hard boundary before executing branch code.
    Confidence: 0.88

What I checked:

  • Protected author context: The provided GitHub context reports this PR is draft and authored by a repository MEMBER, which requires explicit maintainer handling rather than automated cleanup closure. (f175d076db1c)
  • Current main setup surface: Current main only has CI and release workflows under .github/workflows; the setup baseline files added by this PR are not already present on main. (.github/workflows/ci.yml:1, ac1b15e61afd)
  • Kova npm scripts: Current package.json defines npm scripts for kova, plan, check, snapshots, and release packaging, with no pnpm or crabbox:* scripts. (package.json:10, ac1b15e61afd)
  • Existing CI uses npm: The existing CI workflow runs npm run check and npm run pack:release, confirming Kova's current validation path is npm-based. (.github/workflows/ci.yml:28, ac1b15e61afd)
  • PR Crabbox skill mismatch: The added Crabbox skill tells agents to run pnpm crabbox:run and later copied OpenClaw pnpm test commands, which do not match Kova's current package scripts. (.agents/skills/crabbox/SKILL.md:39, f175d076db1c)
  • Dynamic self-hosted runner target: The added hydrate workflow uses only self-hosted plus the caller-provided runner label before checking out the selected ref and running npm ci. (.github/workflows/crabbox-hydrate.yml:35, f175d076db1c)

Likely related people:

  • Shakker: Git history shows Shakker authored the current package.json, existing CI workflow, and recent Kova runtime changes that define the npm-based validation baseline this PR must fit. (role: recent area contributor; confidence: high; commits: 7784a133d828, ac1b15e61afd; files: package.json, .github/workflows/ci.yml, .github/workflows/release.yml)

Codex review notes: model gpt-5.5, reasoning high; reviewed against ac1b15e61afd.

@clawsweeper clawsweeper Bot added the following labels on May 22, 2026:

  • rating: 🧂 unranked krab (Not merge-ready due to missing proof or serious correctness/safety concerns.)
  • status: ⏳ waiting on author (ClawSweeper has contributor-facing work open and is waiting for author action.)
  • P1 (Urgent regression or broken agent/channel workflow affecting real users now.)
  • merge-risk: 🚨 security-boundary (🚨 Merging this PR could weaken sandboxing, authorization, credentials, or sensitive data.)
  • merge-risk: 🚨 automation (🚨 Merging this PR could break CI, automerge, proof capture, label sync, or automation.)
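The self-hosted label boundary behind the P1 finding, shown as an added illustrative workflow that is not the PR's own .github/workflows/crabbox-hydrate.yml. The flagged runs-on shape is reconstructed from the review's description, and the hardened shape beneath it is the change the review asks for. The static label names crabbox and kova are assumptions standing in for whatever the PR's .crabbox.yaml actually declares; the input names ref and crabbox_runner_label follow the review text.

```yaml
# Added example, not the PR's crabbox-hydrate.yml. Label names "crabbox" and
# "kova" are assumed placeholders for the static labels in .crabbox.yaml.
name: crabbox-hydrate (illustrative)

on:
  workflow_dispatch:
    inputs:
      ref:
        description: Git ref to check out and hydrate
        required: true
        type: string
      crabbox_runner_label:
        description: Dynamic lease label of the one Crabbox runner that should take this job
        required: true
        type: string

jobs:
  hydrate:
    # Flagged shape, as the review describes it: only "self-hosted" plus the
    # caller-supplied label. GitHub places a job on any online runner that
    # carries every listed label, so a dispatcher who names a label that some
    # unrelated self-hosted runner also has ("linux", "ubuntu", ...) lands the
    # code from inputs.ref on that runner.
    #
    #   runs-on: [self-hosted, "${{ inputs.crabbox_runner_label }}"]
    #
    # Hardened shape: the static Crabbox labels are the boundary. Only a runner
    # carrying self-hosted AND crabbox AND kova AND the lease label can match,
    # so the input can narrow the target but can never widen it.
    runs-on:
      - self-hosted
      - crabbox
      - kova
      - "${{ inputs.crabbox_runner_label }}"
    steps:
      - uses: actions/checkout@v4
        with:
          ref: ${{ inputs.ref }}
      # Branch code executes from here on, so everything above must already
      # have pinned the job to a Crabbox runner.
      - run: npm ci
```

Because every label in runs-on must be present on the chosen runner, each static label only removes runners from the candidate set, while the lease label still selects one specific Crabbox runner. Runner groups (runs-on with group: and labels:) are a second, administrator-controlled boundary that restricts which repositories and workflows may use a runner at all; they complement the label constraint rather than replace it.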
@clawsweeper

clawsweeper Bot commented May 22, 2026

ClawSweeper PR egg

🔥 Warming up: real-behavior proof passed; findings, security review, or rank-up moves are still in progress.

Hatch command

Comment @clawsweeper hatch when this PR is hatchable.

Hatchability rules:

  • Merged PRs are hatchable.
  • Open PRs are hatchable when they are status: 👀 ready for maintainer look, status: 🚀 automerge armed, or labeled clawsweeper:automerge.
  • Closed unmerged PRs are hatchable only when one of those hatchable labels is still present in the durable record.
What is this egg doing here?
  • Eggs appear after the PR passes real-behavior proof. It is here for vibes, not verdicts: it does not change labels, ratings, merge decisions, or automation.
  • The shell reacts to review momentum: open follow-up work warms it up, re-review makes it wobble, and a clean final review lets it hatch.
  • Hatchability usually comes from sufficient real-behavior proof, no blocking P0/P1/P2 findings, no security attention needed, and clean correctness. A merged PR is already final, so merge makes the egg hatchable independently.
  • The hatch is seeded from this repository and PR number, so the same PR keeps the same creature; the reviewed head SHA can only change safe visual details.
  • Rarity is just collectible sparkle: 🥚 common, 🌱 uncommon, 💎 rare, ✨ glimmer, and 🌈 legendary.

@steipete
Contributor

Closing this in favor of the shared public skill source at https://github.com/openclaw/agent-skills.

We do not want to vendor the same maintainer skills into every repo. Repos that need zero-setup guidance should add a small pointer to openclaw/agent-skills; shared skill content should be updated there first and synced only where a vendored snapshot is intentionally required.

@steipete steipete closed this May 22, 2026

Labels

  • merge-risk: 🚨 automation (🚨 Merging this PR could break CI, automerge, proof capture, label sync, or automation.)
  • merge-risk: 🚨 security-boundary (🚨 Merging this PR could weaken sandboxing, authorization, credentials, or sensitive data.)
  • P1 (Urgent regression or broken agent/channel workflow affecting real users now.)
  • rating: 🧂 unranked krab (Not merge-ready due to missing proof or serious correctness/safety concerns.)
  • status: ⏳ waiting on author (ClawSweeper has contributor-facing work open and is waiting for author action.)
