openclacky 1.1.0 → 1.1.2

data/lib/clacky/brand_config.rb

@@ -44,7 +44,7 @@ module Clacky
                 :license_expires_at, :license_last_heartbeat, :device_id,
                 :logo_url, :support_contact, :license_user_id,
                 :support_qr_url, :theme_color, :homepage_url,
-                :distribution_last_refreshed_at
+                :distribution_last_refreshed_at, :license_last_heartbeat_failure
 
     def initialize(attrs = {})
       @product_name            = attrs["product_name"]
@@ -66,6 +66,11 @@ module Clacky
       # #refresh_distribution!). Persisted to brand.yml so 24h throttling
       # survives restarts.
       @distribution_last_refreshed_at = parse_time(attrs["distribution_last_refreshed_at"])
+      # Tracks when heartbeats started failing continuously. Set on a failed
+      # heartbeat (only if currently nil), cleared on a successful one.
+      # grace_period_exceeded? uses this — NOT last_heartbeat — so a user who
+      # simply hasn't run the app in days doesn't see a stale "offline" warning.
+      @license_last_heartbeat_failure = parse_time(attrs["license_last_heartbeat_failure"])
 
       # In-memory decryption key cache: "skill_id:skill_version_id" => { key:, expires_at: }
       # Never persisted to disk. Survives across multiple skill invocations within one session.
@@ -130,16 +135,19 @@ module Clacky
       due
     end
 
-    # Returns true when the grace period for missed heartbeats has expired.
+    # Returns true when heartbeats have been failing continuously for longer
+    # than the grace period. Only considers ACTUAL failure streaks — a user
+    # who hasn't launched the app in a week is NOT in violation, since no
+    # heartbeat attempt has actually failed.
     def grace_period_exceeded?
-      if @license_last_heartbeat.nil?
-        Clacky::Logger.debug("[Brand] grace_period_exceeded? => false (no heartbeat recorded)")
+      if @license_last_heartbeat_failure.nil?
+        Clacky::Logger.debug("[Brand] grace_period_exceeded? => false (no active failure streak)")
         return false
       end
 
-      elapsed = Time.now.utc - @license_last_heartbeat
+      elapsed = Time.now.utc - @license_last_heartbeat_failure
       exceeded = elapsed >= HEARTBEAT_GRACE_PERIOD
-      Clacky::Logger.debug("[Brand] grace_period_exceeded? elapsed=#{elapsed.to_i}s grace=#{HEARTBEAT_GRACE_PERIOD}s => #{exceeded}")
+      Clacky::Logger.debug("[Brand] grace_period_exceeded? failing_since=#{@license_last_heartbeat_failure.iso8601} elapsed=#{elapsed.to_i}s grace=#{HEARTBEAT_GRACE_PERIOD}s => #{exceeded}")
       exceeded
     end
 
@@ -178,6 +186,7 @@ module Clacky
       @license_user_id        = nil
       @device_id              = nil
       @distribution_last_refreshed_at = nil
+      @license_last_heartbeat_failure = nil
       { success: true }
     end
 
@@ -210,9 +219,20 @@ module Clacky
         data = response[:data]
         @license_activated_at   = Time.now.utc
         @license_last_heartbeat = Time.now.utc
+        @license_last_heartbeat_failure = nil
         @license_expires_at     = parse_time(data["expires_at"])
         server_device_id = data["device_id"].to_s.strip
         @device_id = server_device_id unless server_device_id.empty?
+
+        # Decide whether the new key belongs to the SAME brand as the previously
+        # activated one. If yes (e.g. trial → paid), keep the installed brand
+        # skills — they are still decryptable and the user shouldn't have to
+        # re-download. If no (switching brands), wipe them.
+        prev_package_name = @package_name
+        prev_product_name = @product_name
+        new_dist          = data["distribution"].is_a?(Hash) ? data["distribution"] : {}
+        same_brand        = brand_identity_match?(prev_package_name, prev_product_name, new_dist)
+
         # Clear ALL stale fields first, then apply fresh values from the new key.
         # Order matters: reset everything before re-assigning so no old value lingers.
         @product_name    = nil
@@ -229,10 +249,10 @@ module Clacky
         owner_uid = data["owner_user_id"]
         @license_user_id = owner_uid.to_s.strip if owner_uid && !owner_uid.to_s.strip.empty?
         apply_distribution(data["distribution"])
-        # Clear previously installed brand skills before saving the new license.
-        # Skills from the old brand are encrypted with that brand's keys — they
-        # cannot be decrypted with the new license and must be re-downloaded.
-        clear_brand_skills!
+        # Skills from a different brand are encrypted with that brand's keys —
+        # they cannot be decrypted with the new license and must be re-downloaded.
+        # Same-brand re-activation (trial→paid, key rotation) preserves them.
+        clear_brand_skills! unless same_brand
         save
         { success: true, message: "License activated successfully!", product_name: @product_name,
           user_id: @license_user_id, data: data }
@@ -258,14 +278,19 @@ module Clacky
 
       # Always derive product_name fresh from the key in mock mode,
       # so switching keys produces a different brand each time.
-      user_id       = parse_user_id_from_key(@license_key)
-      @product_name = "Brand#{user_id}"
+      user_id            = parse_user_id_from_key(@license_key)
+      new_product_name   = "Brand#{user_id}"
+      prev_product_name  = @product_name
+      same_brand         = brand_identity_match?(@package_name, prev_product_name,
+                                                 { "product_name" => new_product_name })
+      @product_name = new_product_name
 
       @license_activated_at   = Time.now.utc
       @license_last_heartbeat = Time.now.utc
+      @license_last_heartbeat_failure = nil
       @license_expires_at     = Time.now.utc + (365 * 86_400)  # 1 year from now
-      # Clear old brand skills so stale encrypted files from a previous brand don't linger
-      clear_brand_skills!
+      # Same-brand re-activation preserves installed skills; switching brands wipes them.
+      clear_brand_skills! unless same_brand
       save
 
       {
@@ -306,13 +331,16 @@ module Clacky
 
       if response[:success]
         @license_last_heartbeat = Time.now.utc
+        @license_last_heartbeat_failure = nil
         @license_expires_at = parse_time(response[:data]["expires_at"]) if response[:data]["expires_at"]
         apply_distribution(response[:data]["distribution"])
         save
         Clacky::Logger.info("[Brand] heartbeat! success — expires_at=#{@license_expires_at&.iso8601} last_heartbeat=#{@license_last_heartbeat.iso8601}")
         { success: true, message: "Heartbeat OK" }
       else
-        Clacky::Logger.warn("[Brand] heartbeat! failed — #{response[:error]}")
+        @license_last_heartbeat_failure ||= Time.now.utc
+        save
+        Clacky::Logger.warn("[Brand] heartbeat! failed — #{response[:error]} (failing_since=#{@license_last_heartbeat_failure.iso8601})")
         { success: false, message: response[:error] || "Heartbeat failed" }
       end
     end
@@ -1134,6 +1162,7 @@ module Clacky
       # Persist user_id so user-licensed features remain available across restarts
       data["license_user_id"]        = @license_user_id        if @license_user_id && !@license_user_id.strip.empty?
       data["distribution_last_refreshed_at"] = @distribution_last_refreshed_at.iso8601 if @distribution_last_refreshed_at
+      data["license_last_heartbeat_failure"] = @license_last_heartbeat_failure.iso8601 if @license_last_heartbeat_failure
       YAML.dump(data)
     end
 
@@ -1155,6 +1184,30 @@ module Clacky
       self.class.version_older?(installed, latest)
     end
 
+    # Decide whether a re-activation key targets the same brand as the
+    # currently-loaded one, so we know whether installed brand skills can stay.
+    #
+    # Identity preference, in order:
+    #   1. package_name — bundle identifier, the strongest brand signal
+    #   2. product_name — display name fallback when package_name is missing
+    #
+    # If neither is present on either side, treat as different brand (safe default:
+    # wipe skills) since we can't confirm continuity.
+    private def brand_identity_match?(prev_package_name, prev_product_name, new_dist)
+      new_dist  = {} unless new_dist.is_a?(Hash)
+      new_pkg   = new_dist["package_name"].to_s.strip
+      old_pkg   = prev_package_name.to_s.strip
+      if !new_pkg.empty? && !old_pkg.empty?
+        return new_pkg == old_pkg
+      end
+
+      new_prod  = new_dist["product_name"].to_s.strip
+      old_prod  = prev_product_name.to_s.strip
+      return new_prod == old_prod if !new_prod.empty? && !old_prod.empty?
+
+      false
+    end
+
     # Apply distribution fields from API response.
     # Updates product_name, package_name, logo_url, support_contact, support_qr_url,
     # theme_color, and homepage_url from the distribution hash.

data/lib/clacky/cli.rb

@@ -163,6 +163,7 @@ module Clacky
         end
       ensure
         Dir.chdir(original_dir)
+        Clacky::BrowserManager.instance.stop rescue nil
       end
     end
 
@@ -365,19 +366,12 @@ module Clacky
           return
         end
 
+        # Heartbeat is fire-and-forget — startup must never block on the
+        # license server. The grace_period_exceeded? check below now keys off
+        # license_last_heartbeat_failure (set on a failed heartbeat, cleared
+        # on success), so a user who simply hasn't run the app for >3 days
+        # no longer sees a false "offline" warning on first launch.
         if brand.heartbeat_due?
-          # Fire-and-forget heartbeat in a background thread.
-          #
-          # Rationale: a slow/unreachable license server would otherwise block
-          # CLI startup for up to ~92s (2 hosts × 2 attempts × 23s timeout)
-          # before the user sees the prompt. Heartbeat is "best-effort" by
-          # design — its only job is to refresh `last_heartbeat` / `expires_at`
-          # on disk for the next run's grace-period calculation. Missing a
-          # single heartbeat is harmless; the next launch will try again.
-          #
-          # Consequence: if this run was going to trigger the
-          # grace_period_exceeded warning, the user will see it on the *next*
-          # launch instead of this one. Acceptable trade-off.
           Clacky::Logger.info("[Brand] check_brand_license_cli: heartbeat due, dispatching async...")
           Thread.new do
             begin
@@ -395,10 +389,6 @@ module Clacky
           Clacky::Logger.debug("[Brand] check_brand_license_cli: heartbeat not due yet")
         end
 
-        # Surface the grace-period warning based on *already-persisted* state
-        # (computed from last_heartbeat on disk). This works whether the
-        # previous run's heartbeat succeeded, failed, or was interrupted —
-        # grace_period_exceeded? reads last_heartbeat, not this run's result.
         if brand.grace_period_exceeded?
           say ""
           say "WARNING: Could not reach the #{brand.product_name} license server.", :yellow
@@ -750,6 +740,9 @@ module Clacky
         # Inject UI into agent
         agent.instance_variable_set(:@ui, ui_controller)
 
+        # Inject current session id into UI session bar (parity with WebUI #sib-id)
+        ui_controller.update_sessionbar(session_id: agent.session_id)
+
         # Set skill loader for command suggestions, filtered by agent profile whitelist
         ui_controller.set_skill_loader(agent.skill_loader, agent.agent_profile)
 
@@ -859,7 +852,7 @@ module Clacky
             end
             ui_controller.show_info("Session cleared. Starting fresh.")
             # Update session bar with reset values
-            ui_controller.update_sessionbar(tasks: agent.total_tasks, cost: agent.total_cost)
+            ui_controller.update_sessionbar(tasks: agent.total_tasks, cost: agent.total_cost, session_id: agent.session_id)
             # Clear todo area display
             ui_controller.update_todos([])
             next
@@ -950,8 +943,8 @@ module Clacky
         $ clacky server
         $ clacky server --port 8080
     LONGDESC
-    option :host, type: :string, default: "127.0.0.1", desc: "Bind host (default: 127.0.0.1)"
-    option :port, type: :numeric, default: 7070, desc: "Listen port (default: 7070)"
+    option :host, type: :string, aliases: ["-b", "--bind"], default: "127.0.0.1", desc: "Bind host (default: 127.0.0.1)"
+    option :port, type: :numeric, aliases: "-p", default: 7070, desc: "Listen port (default: 7070)"
     option :brand_test, type: :boolean, default: false,
            desc: "Enable brand test mode: mock license activation without calling remote API"
     option :no_compression, type: :boolean, default: false,
@@ -962,7 +955,13 @@ module Clacky
            desc: "Disable prompt caching"
     option :no_skill_evolution, type: :boolean, default: false,
            desc: "Disable automatic skill evolution"
+    option :help, type: :boolean, aliases: "-h", desc: "Show this help message"
     def server
+      if options[:help]
+        invoke :help, ["server"]
+        return
+      end
+
       # ── Security gate ──────────────────────────────────────────────────────
       # Binding to 0.0.0.0 exposes the server to the public network.
       # Refuse to start unless CLACKY_ACCESS_KEY env var is set.

data/lib/clacky/client.rb

@@ -119,37 +119,59 @@ module Clacky
     #   signal metric — see docs). When we migrate to streaming later, this
     #   same `ttft_ms` field will start carrying the *actual* first-token
     #   latency without any schema change.
-    def send_messages_with_tools(messages, model:, tools:, max_tokens:, enable_caching: false)
+    # @param on_chunk [Proc, nil] optional streaming progress callback.
+    #   Receives keyword args { input_tokens:, output_tokens: } with cumulative
+    #   token counts. When nil, behaves exactly as the historical non-streaming
+    #   path. When given but streaming is not yet wired for the active provider,
+    #   a single synthetic invocation is fired after the response is received,
+    #   so UI plumbing can be exercised end-to-end without the proxy work.
+    def send_messages_with_tools(messages, model:, tools:, max_tokens:, enable_caching: false, on_chunk: nil)
       caching_enabled = enable_caching && supports_prompt_caching?(model)
       cloned = deep_clone(messages)
 
+      streaming_used = false
+      first_chunk_at = nil
+      wrapped_on_chunk = on_chunk && lambda do |**kwargs|
+        first_chunk_at ||= Process.clock_gettime(Process::CLOCK_MONOTONIC)
+        on_chunk.call(**kwargs)
+      end
+
       t0 = Process.clock_gettime(Process::CLOCK_MONOTONIC)
       response =
         if bedrock?
-          send_bedrock_request(cloned, model, tools, max_tokens, caching_enabled)
+          streaming_used = !on_chunk.nil?
+          send_bedrock_request(cloned, model, tools, max_tokens, caching_enabled, on_chunk: wrapped_on_chunk)
         elsif anthropic_format?
-          send_anthropic_request(cloned, model, tools, max_tokens, caching_enabled)
+          streaming_used = !on_chunk.nil?
+          send_anthropic_request(cloned, model, tools, max_tokens, caching_enabled, on_chunk: wrapped_on_chunk)
         else
-          send_openai_request(cloned, model, tools, max_tokens, caching_enabled)
+          streaming_used = !on_chunk.nil?
+          send_openai_request(cloned, model, tools, max_tokens, caching_enabled, on_chunk: wrapped_on_chunk)
         end
       t1 = Process.clock_gettime(Process::CLOCK_MONOTONIC)
 
+      if on_chunk && !streaming_used
+        usage = response[:usage] || {}
+        safe_invoke_on_chunk(
+          on_chunk,
+          input_tokens:  usage[:prompt_tokens].to_i,
+          output_tokens: usage[:completion_tokens].to_i
+        )
+      end
+
       duration_ms = ((t1 - t0) * 1000).round
-      # Throughput is only meaningful with a reasonable output size; below ~10
-      # tokens the sample is too small to be informative and the result is
-      # wildly high (e.g. 1 token / 50ms → 20 tok/s is meaningless).
-      # Canonical usage hashes from message_format/* all use :completion_tokens.
+      ttft_ms = first_chunk_at ? ((first_chunk_at - t0) * 1000).round : duration_ms
       output_tokens = response[:usage]&.dig(:completion_tokens).to_i
       tps = (output_tokens >= 10 && duration_ms > 0) ? (output_tokens * 1000.0 / duration_ms).round(1) : nil
 
       response[:latency] = {
-        ttft_ms:     duration_ms,      # non-streaming: TTFT == full duration
+        ttft_ms:     ttft_ms,
         duration_ms: duration_ms,
         output_tokens: output_tokens,
         tps:         tps,
         model:       model,
         measured_at: Time.now.to_f,
-        streaming:   false              # future flag — true when we migrate
+        streaming:   streaming_used
       }
       response
     end
@@ -195,8 +217,10 @@ module Clacky
 
     # ── Bedrock Converse request / response ───────────────────────────────────
 
-    def send_bedrock_request(messages, model, tools, max_tokens, caching_enabled)
-      body     = MessageFormat::Bedrock.build_request_body(messages, model, tools, max_tokens, caching_enabled)
+    def send_bedrock_request(messages, model, tools, max_tokens, caching_enabled, on_chunk: nil)
+      body = MessageFormat::Bedrock.build_request_body(messages, model, tools, max_tokens, caching_enabled)
+      return send_bedrock_stream_request(body, model, on_chunk) if on_chunk
+
       response = bedrock_connection.post(bedrock_endpoint(model)) { |r| r.body = body.to_json }
 
       raise_error(response) unless response.status == 200
@@ -205,6 +229,29 @@ module Clacky
       MessageFormat::Bedrock.parse_response(parsed_body)
     end
 
+    # Streaming variant for Bedrock Converse.
+    # Posts to /model/{m}/converse-stream with stream:true; the proxy returns
+    # SSE frames whose `event` is the Bedrock event-type and whose `data` is
+    # the raw Bedrock event JSON. We accumulate frames into a synthetic
+    # non-streaming response and feed it back through the existing parser so
+    # downstream code is identical.
+    private def send_bedrock_stream_request(body, model, on_chunk)
+      stream_body = body.merge(stream: true)
+      aggregator = BedrockStreamAggregator.new(on_chunk: on_chunk)
+      sse_buf = +""
+
+      response = bedrock_connection.post(bedrock_stream_endpoint(model)) do |req|
+        req.body = stream_body.to_json
+        req.options.on_data = proc do |chunk, _bytes_received, _env|
+          sse_buf << chunk
+          drain_sse_frames(sse_buf) { |event, data| aggregator.handle(event, data) }
+        end
+      end
+
+      raise_error(response) unless response.status == 200
+      MessageFormat::Bedrock.parse_response(aggregator.to_h)
+    end
+
     def parse_simple_bedrock_response(response)
       raise_error(response) unless response.status == 200
       data = safe_json_parse(response.body, context: "LLM response")
@@ -216,11 +263,13 @@ module Clacky
 
     # ── Anthropic request / response ──────────────────────────────────────────
 
-    def send_anthropic_request(messages, model, tools, max_tokens, caching_enabled)
+    def send_anthropic_request(messages, model, tools, max_tokens, caching_enabled, on_chunk: nil)
       # Apply cache_control to the message that marks the cache breakpoint
       messages = apply_message_caching(messages) if caching_enabled
 
-      body     = MessageFormat::Anthropic.build_request_body(messages, model, tools, max_tokens, caching_enabled)
+      body = MessageFormat::Anthropic.build_request_body(messages, model, tools, max_tokens, caching_enabled)
+      return send_anthropic_stream_request(body, on_chunk) if on_chunk
+
       response = anthropic_connection.post(anthropic_messages_path) { |r| r.body = body.to_json }
 
       raise_error(response) unless response.status == 200
@@ -229,6 +278,24 @@ module Clacky
       MessageFormat::Anthropic.parse_response(parsed_body)
     end
 
+    private def send_anthropic_stream_request(body, on_chunk)
+      stream_body = body.merge(stream: true)
+      aggregator = AnthropicStreamAggregator.new(on_chunk: on_chunk)
+      sse_buf = +""
+
+      response = anthropic_connection.post(anthropic_messages_path) do |req|
+        req.headers["Accept"] = "text/event-stream"
+        req.body = stream_body.to_json
+        req.options.on_data = proc do |chunk, _bytes_received, _env|
+          sse_buf << chunk
+          drain_sse_frames(sse_buf) { |event, data| aggregator.handle(event, data) }
+        end
+      end
+
+      raise_error(response) unless response.status == 200
+      MessageFormat::Anthropic.parse_response(aggregator.to_h)
+    end
+
     def parse_simple_anthropic_response(response)
       raise_error(response) unless response.status == 200
       data = safe_json_parse(response.body, context: "LLM response")
@@ -237,24 +304,47 @@ module Clacky
 
     # ── OpenAI request / response ─────────────────────────────────────────────
 
-    def send_openai_request(messages, model, tools, max_tokens, caching_enabled)
+    def send_openai_request(messages, model, tools, max_tokens, caching_enabled, on_chunk: nil)
       # Apply cache_control markers to messages when caching is enabled.
       # OpenRouter proxies Claude with the same cache_control field convention as Anthropic direct.
       messages = apply_message_caching(messages) if caching_enabled
 
-      body     = MessageFormat::OpenAI.build_request_body(
+      body = MessageFormat::OpenAI.build_request_body(
         messages, model, tools, max_tokens, caching_enabled,
         vision_supported: @vision_supported
       )
+      return send_openai_stream_request(body, on_chunk) if on_chunk
+
       response = openai_connection.post("chat/completions") { |r| r.body = body.to_json }
 
       raise_error(response) unless response.status == 200
       check_html_response(response)
-      
+
       parsed_body = safe_json_parse(response.body, context: "LLM response")
       MessageFormat::OpenAI.parse_response(parsed_body)
     end
 
+    # Streaming variant for OpenAI-compatible chat completions (DeepSeek/OpenRouter
+    # via platform/llm_proxy). Uses Faraday's on_data hook to consume SSE frames,
+    # accumulates them, and reconstructs the non-streaming JSON response shape so
+    # MessageFormat::OpenAI.parse_response works unchanged.
+    private def send_openai_stream_request(body, on_chunk)
+      stream_body = body.merge(stream: true, stream_options: { include_usage: true })
+      aggregator = OpenAIStreamAggregator.new(on_chunk: on_chunk)
+      sse_buf = +""
+
+      response = openai_connection.post("chat/completions") do |req|
+        req.body = stream_body.to_json
+        req.options.on_data = proc do |chunk, _bytes_received, _env|
+          sse_buf << chunk
+          drain_sse_frames(sse_buf) { |_event, data| aggregator.handle(data) }
+        end
+      end
+
+      raise_error(response) unless response.status == 200
+      MessageFormat::OpenAI.parse_response(aggregator.to_h)
+    end
+
     def parse_simple_openai_response(response)
       raise_error(response) unless response.status == 200
       parsed_body = safe_json_parse(response.body, context: "LLM response")
@@ -320,6 +410,33 @@ module Clacky
       "/model/#{model}/converse"
     end
 
+    # Bedrock Converse streaming endpoint path.
+    private def bedrock_stream_endpoint(model)
+      "/model/#{model}/converse-stream"
+    end
+
+    # Pull complete SSE frames out of a buffer and yield them as (event, data).
+    # An SSE frame ends at a blank line ("\n\n"); incomplete trailing data
+    # stays in the buffer for the next chunk. Frames without an explicit
+    # `event:` line use the default "message" type per the SSE spec.
+    private def drain_sse_frames(buf)
+      while (sep = buf.index("\n\n"))
+        frame = buf.slice!(0, sep + 2)
+        event = "message"
+        data_lines = []
+        frame.each_line do |line|
+          line = line.chomp
+          if line.start_with?("event:")
+            event = line.sub(/^event:\s*/, "")
+          elsif line.start_with?("data:")
+            data_lines << line.sub(/^data:\s*/, "")
+          end
+        end
+        next if data_lines.empty?
+        yield event, data_lines.join("\n")
+      end
+    end
+
     def bedrock_connection
       @bedrock_connection ||= Faraday.new(url: @base_url) do |conn|
         conn.headers["Content-Type"]  = "application/json"
@@ -477,6 +594,18 @@ module Clacky
                            "The request will be retried automatically."
     end
 
+    # ── Streaming helpers ─────────────────────────────────────────────────────
+
+    # Invoke the user's on_chunk callback in a way that never lets a callback
+    # error tear down the LLM request. Streaming chunks are best-effort UI
+    # updates; a buggy progress renderer must not abort an in-flight call.
+    private def safe_invoke_on_chunk(on_chunk, **kwargs)
+      return unless on_chunk
+      on_chunk.call(**kwargs)
+    rescue => e
+      Clacky::Logger.warn("[on_chunk] callback raised #{e.class}: #{e.message}")
+    end
+
     # ── Utilities ─────────────────────────────────────────────────────────────
 
     def deep_clone(obj)

data/lib/clacky/default_skills/onboard/SKILL.md

@@ -221,8 +221,12 @@ then parse the last stdout line as JSON and read `installed` as N.
 
 ### A.10. Import external skills (optional)
 
-Run `test -d ~/.openclaw && echo yes || echo no`. If `no`, skip silently.
-If `yes`:
+Check if OpenClaw is installed:
+- Run `test -d ~/.openclaw && echo yes || echo no`
+- If `no` and on WSL (i.e. `/proc/version` contains `microsoft`), also run:
+  `powershell.exe -NoProfile -Command '$env:USERPROFILE' 2>/dev/null | tr -d '\r'` to get the Windows home, then check `test -d "$(wslpath '<win_home>')/.openclaw" && echo yes || echo no`
+- If all checks return `no`, skip silently.
+If any check returns `yes`:
 1. `ruby "SKILL_DIR/scripts/import_external_skills.rb" --source openclaw --dry-run`
 2. Parse the skill count N.
 3. Ask via `request_user_feedback`:

data/lib/clacky/default_skills/onboard/scripts/import_external_skills.rb

@@ -172,7 +172,7 @@ class OpenClawImporter < ExternalSkillsImporter
   end
 
   private def source_available?
-    @openclaw_dir.exist?
+    openclaw_dirs.any?(&:exist?)
   end
 
   # Returns all directories that may contain OpenClaw skills.
@@ -182,12 +182,56 @@ class OpenClawImporter < ExternalSkillsImporter
   #   - ~/.openclaw/workspace/skills/             (workspace skills)
   #   - ~/.openclaw/skills/                        (managed/shared skills)
   #   - ~/.openclaw/workspace/.agents/skills/      (project-level shared skills)
+  #
+  # On WSL, also scans the Windows-native %USERPROFILE%\.openclaw directory.
   private def source_dirs
-    [
-      @openclaw_dir.join('workspace', 'skills'),
-      @openclaw_dir.join('skills'),
-      @openclaw_dir.join('workspace', '.agents', 'skills')
-    ].select(&:exist?)
+    openclaw_dirs.flat_map do |root|
+      [
+        root.join('workspace', 'skills'),
+        root.join('skills'),
+        root.join('workspace', '.agents', 'skills')
+      ]
+    end.select(&:exist?)
+  end
+
+  # All candidate OpenClaw root directories.
+  # On WSL, includes both ~/.openclaw and the Windows-native path.
+  private def openclaw_dirs
+    dirs = [@openclaw_dir]
+    win_home = windows_home
+    dirs << win_home.join('.openclaw') if win_home && win_home.join('.openclaw') != @openclaw_dir
+    dirs
+  end
+
+  # True when running inside WSL.
+  # Mirrors EnvironmentDetector#wsl? — reads /proc/version for "microsoft".
+  private def wsl?
+    return @wsl if defined?(@wsl)
+
+    @wsl = File.exist?('/proc/version') &&
+           File.read('/proc/version').downcase.include?('microsoft')
+  rescue StandardError
+    @wsl = false
+  end
+
+  # Resolve the Windows %USERPROFILE% as a WSL-accessible Pathname.
+  # Uses powershell.exe (standard in WSL) then wslpath for conversion,
+  # mirroring the approach in EnvironmentDetector#wsl_desktop_path.
+  # Returns nil when not on WSL or when the path cannot be resolved.
+  private def windows_home
+    return nil unless wsl?
+    return nil if `which powershell.exe 2>/dev/null`.strip.empty?
+
+    win_path = `powershell.exe -NoProfile -Command '$env:USERPROFILE' 2>/dev/null`.strip.tr("\r\n", '')
+    return nil if win_path.empty?
+
+    linux_path = `wslpath '#{win_path}' 2>/dev/null`.strip
+    return nil if linux_path.empty?
+
+    path = Pathname.new(linux_path)
+    path.exist? ? path : nil
+  rescue StandardError
+    nil
   end
 
   private def discover_skills