clawhub-3
Audited by Socket on Feb 26, 2026
1 alert found:
Malware

This document is an instruction/README for a CLI that depends critically on a separate native helper 'openclawcli' obtained from non-official sources. The primary risks are supply-chain: mandatory download-and-execute of an external binary hosted on a personal GitHub release and a glot.io snippet, plus credential exposure via CLAWHUB_AUTH and configurable registries. No implementation code was provided to validate behavior, so the helper binary and the npm package remain unreviewed and represent the major unknown. Overall this is suspicious: it contains high-risk distribution and execution patterns that are disproportionate for a documentation file and warrant manual review of the actual 'clawhub' npm package and the 'openclawcli' binary before use. Avoid running the recommended downloads or executing the helper until those binaries are audited or provided from trusted, verifiable sources.