openclaw-droid 2.0.6 → 2.1.0

package/README.md

@@ -1,210 +1,213 @@
-# OpenClaw Droid 🤖
-
-> **Run OpenClaw AI Gateway on Android via Termux**
-> One-command setup. Optimized for mobile. Bionic Bypass included.
-
-![License](https://img.shields.io/badge/license-MIT-blue.svg)
-![Platform](https://img.shields.io/badge/platform-Android%20%7C%20Termux-green.svg)
-![Version](https://img.shields.io/npm/v/openclaw-droid.svg)
-
-**OpenClaw Droid** makes running [OpenClaw](https://github.com/openclaw/openclaw) on Android effortless. It handles environment setup (proot-distro, Ubuntu, Node.js) and fixes Android-specific issues automatically.
-
-## 🚀 Why OpenClaw Droid?
-
-Running standard Node.js AI tools on Android is painful because of:
-*   **Bionic libc**: Android's C library differs from Linux (glibc), breaking `os.networkInterfaces()` and DNS lookups.
-*   **Permissions**: Termux has restricted access to system resources.
-*   **Environment**: Many tools expect a full Linux userland (Ubuntu/Debian).
-
-**OpenClaw Droid solves this by:**
-1.  Creating a lightweight **Ubuntu** container inside Termux.
-2.  Injecting a **Bionic Bypass** script to fix networking.
-3.  Providing a simple CLI (`openclaw`) to manage the gateway.
-
-## 📦 Installation
-
-### Prerequisites
-*   **Android 10+**
-*   **Termux** (Install from [F-Droid](https://f-droid.org/packages/com.termux/), NOT Play Store)
-*   **Termux:API** and **Termux:GUI** apps (from F-Droid)
-*   ~2GB free storage
-
-### Required Apps Setup
-
-1. **Install Termux** from [F-Droid](https://f-droid.org/packages/com.termux/)
-2. **Install Termux:API** from [F-Droid](https://f-droid.org/packages/com.termux.api/)
-3. **Install Termux:GUI** from [F-Droid](https://f-droid.org/packages/com.termux.gui/)
-4. **Grant permissions** in Android Settings:
-   - Go to Settings → Apps → Termux → Permissions
-   - Grant all permissions (Camera, Microphone, Storage, Location, etc.)
-   - Repeat for Termux:API and Termux:GUI
-5. **Disable battery optimization** for Termux:
-   - Go to Settings → Apps → Termux → Battery
-   - Set to "Unrestricted" or "Don't optimize"
-6. **Grant storage permissions** in Termux:
-   ```bash
-   termux-setup-storage
-   ```
+# OpenClaw Droid
 
-### Install Required Packages
+> **The Android AI Gateway Installer** by [NosytLabs](https://github.com/NosytLabs)
 
-Update package lists and install essential tools:
+Turn your Android device into a 24/7 AI Gateway. Run OpenClaw, connect to Gemini/Claude/OpenAI, and automate from your phone with zero root.
 
-```bash
-# Update package lists
-pkg update && pkg upgrade
+## Features
 
-# Install x11-repo (required for termux-gui)
-pkg install -y x11-repo
+- **Zero Root Required**: Runs in Termux + Proot (Ubuntu container).
+- **24/7 Operation**: Optimized for long-running background sessions.
+- **Visual Overlay**: Live status on screen (Termux:GUI).
+- **Hardware Acceleration**: llama.cpp builds for ARM64.
+- **Bionic Bypass**: Fixes Android 10+ network restrictions.
 
-# Install required packages
-pkg install -y git python nodejs-lts proot-distro termux-api termux-gui
+## Prerequisites
 
-# Verify installations
-node --version
-python --version
-```
+- **Android**: 10 or newer.
+- **Termux**: F-Droid version only.
+- **API Key**: Gemini API from Google AI Studio (free tier), Anthropic, or OpenAI.
 
-If termux-gui is unavailable, continue without it (overlay features disabled).
+## Installation
 
-### One-Command Setup
-Open Termux and run:
+### Option 1: One-Command Installer
 
 ```bash
 curl -fsSL https://raw.githubusercontent.com/NosytLabs/openclaw-droid/main/install.sh | bash
 ```
 
-Or via npm:
+### Option 2: NPM Installer
 
 ```bash
+pkg update -y && pkg upgrade -y
+pkg install nodejs-lts git -y
 npm install -g openclaw-droid
 openclaw setup
 ```
 
-**IMPORTANT:** Use `npm install -g openclaw@latest` installation method (not bash script) as it's more reliable on Android. The installation may take 15-30 minutes due to llama.cpp compilation from scratch.
+### Option 3: Manual Install (Full Control)
 
-## 🎮 Usage
+1. **Prepare Termux**
+   ```bash
+   termux-setup-storage
+   pkg update -y && pkg upgrade -y
+   pkg install nodejs-lts git proot-distro termux-api -y
+   ```
 
-### 1. Initialize
-First, configure your API keys:
+2. **Install Ubuntu**
+   ```bash
+   proot-distro install ubuntu
+   proot-distro login ubuntu
+   ```
 
-```bash
-openclaw onboarding
-```
-> **IMPORTANT:** Select **Loopback (127.0.0.1)** for Binding.
+3. **Setup Inside Ubuntu**
+   ```bash
+   apt update && apt upgrade -y
+   apt install curl git build-essential python3 -y
+   curl -fsSL https://deb.nodesource.com/setup_22.x | bash -
+   apt install nodejs -y
+   npm install -g openclaw@latest
+   ```
 
-### 2. Start Gateway
-Launch the OpenClaw gateway:
+4. **Configure Bionic Bypass (Crucial)**
+   Android blocks `os.networkInterfaces()` which causes System Error 13. Use this hijack script:
+   ```bash
+   cat <<'EOF' > /root/hijack.js
+   const os = require('os');
+   const originalNetworkInterfaces = os.networkInterfaces;
+   os.networkInterfaces = function() {
+     try {
+       const interfaces = originalNetworkInterfaces.call(os);
+       if (interfaces && Object.keys(interfaces).length > 0) return interfaces;
+     } catch (e) {}
+     return {
+       lo: [{
+         address: '127.0.0.1',
+         netmask: '255.0.0.0',
+         family: 'IPv4',
+         mac: '00:00:00:00:00:00',
+         internal: true,
+         cidr: '127.0.0.1/8'
+       }]
+     };
+   };
+   EOF
+
+   echo 'export NODE_OPTIONS="-r /root/hijack.js"' >> ~/.bashrc
+   source ~/.bashrc
+   ```
 
-```bash
-openclaw start
-```
+5. **Onboarding Wizard**
+   ```bash
+   openclaw onboarding
+   ```
+   When asked for Gateway Bind, select **Loopback (127.0.0.1)**.
 
-**Recommended:** Run the gateway in a tmux session for better process management:
+6. **Launch**
+   ```bash
+   openclaw start
+   ```
 
-```bash
-# Install tmux first if not installed
-pkg install tmux
+## Usage
 
-# Start a new tmux session
-tmux new -s openclaw
+- **Start the Gateway**
+  ```bash
+  openclaw start
+  ```
+- **Run Setup Wizard**
+  ```bash
+  openclaw setup
+  ```
+- **Run Onboarding**
+  ```bash
+  openclaw onboarding
+  ```
+- **Run Gateway (Verbose Logs)**
+  ```bash
+  openclaw gateway --verbose
+  ```
+- **Test Overlay**
+  ```bash
+  openclaw overlay "Hello Android!"
+  ```
 
-# Run the gateway
-openclaw start
+## Verified Commands
 
-# Detach from tmux (keep it running): Ctrl+B, then D
-# Reattach to tmux session: tmux attach -t openclaw
-```
+- `/status` — Check health.
+- `/think high` — Deep reasoning mode.
+- `/reset` — Clear session memory.
 
-The dashboard will be available at:
-- **http://127.0.0.1:18789** (on the phone)
-- **http://<phone-ip>:18789** (from other devices on WiFi, requires gateway.bind = lan)
+## Dashboard
 
-### 3. Enable Screen Overlay (Optional)
+- URL: `http://127.0.0.1:18789`
+- Token: `openclaw config get gateway.auth.token` or read `~/.openclaw/openclaw.json`
 
-To allow OpenClaw to display overlay messages on your screen:
+## 24/7 Mode (Recommended)
 
 ```bash
-# In a separate tmux window or terminal:
-tmux new-window
-cd ~
-python ~/overlay_daemon.py
+pkg install tmux -y
+tmux new -s openclaw
+openclaw start
 ```
 
-Or use the built-in command:
+Detach with `Ctrl+b` then `d` and keep Termux running.
+
+## Overlay
+
+The overlay reads text from `~/overlay.txt` or `/root/overlay.txt` and displays it on-screen. It only shows when Termux:GUI is installed and running in a foreground Termux session.
 
 ```bash
+pkg install termux-gui -y
 openclaw overlay
+echo "Hello" > ~/overlay.txt
 ```
 
-Now OpenClaw can write to the screen by creating `~/overlay.txt`:
+## Troubleshooting
 
-```bash
-printf 'Hello from OpenClaw!' > ~/overlay.txt
-```
+### Permission Denied (Storage)
+- Run `termux-setup-storage`.
+- Grant Files and Media permission in Android Settings > Apps > Termux.
 
-The overlay daemon watches for changes to `~/overlay.txt` and displays the content as a screen overlay. This is useful for displaying status updates, notifications, or important information to the user.
+### Process Killed Automatically
+- Disable battery optimization for Termux.
+- Use `termux-wake-lock` or enable Wake Lock in the notification.
+- Keep the Termux notification active.
 
-### 4. Other Commands
+### System Error 13 (Network)
+- Ensure Bionic Bypass is active.
+- For manual install, confirm `NODE_OPTIONS` points to `/root/hijack.js`.
 
-| Command | Description |
-| :--- | :--- |
-| `openclaw status` | Check installation health |
-| `openclaw update` | Update OpenClaw to latest version |
-| `openclaw shell` | Open Ubuntu shell |
-| `openclaw repair` | Re-install dependencies if broken |
-| `openclaw <cmd>` | Run any OpenClaw command (e.g., `openclaw doctor`) |
+### Gateway Crashes on Startup
+- Run `openclaw onboarding` and select **Loopback (127.0.0.1)** for binding.
 
-## ⚠️ Troubleshooting
+### Dashboard Not Loading
+- Ensure gateway is running with `openclaw start`.
+- Check `openclaw doctor` inside Ubuntu: `proot-distro login ubuntu` then `openclaw doctor`.
 
-**"Setup not complete" error**
-*   Run `openclaw setup` again.
-*   If it persists, run `openclaw repair`.
+### Web Gateway Token Missing
+- Read the token from `~/.openclaw/openclaw.json` or use `openclaw config get gateway.auth.token`.
+- Paste it in the web gateway UI: Overview → Gateway Access → Gateway Token.
 
-**Process killed in background**
-*   Go to Android Settings → Apps → Termux → Battery → **Unrestricted**.
+### Overlay Not Showing
+- Install Termux:GUI from F-Droid.
+- Run `pkg install termux-gui` and grant overlay permissions.
+- Keep overlay daemon running in foreground: `openclaw overlay`.
 
-**Permission denied errors**
-*   Run `termux-setup-storage` to grant storage permissions
-*   Ensure Termux:API and Termux:GUI have proper permissions
+### OpenClaw Command Runs in Ubuntu but Starts Termux Binary
+- Inside Ubuntu: `npm uninstall -g openclaw` then `npm install -g openclaw@latest`.
 
-**Cannot access /tmp/openclaw errors**
-*   OpenClaw requires a custom TMPDIR on Termux. The installer should configure this automatically.
-*   If you still see these errors, manually add to `~/.bashrc`:
-  ```bash
-  echo 'export TMPDIR="$PREFIX/tmp"' >> ~/.bashrc
-  echo 'export TMP="$TMPDIR"' >> ~/.bashrc
-  echo 'export TEMP="$TMPDIR"' >> ~/.bashrc
-  echo 'if [ ! -d "$TMPDIR" ]; then mkdir -p "$TMPDIR"; fi' >> ~/.bashrc
-  source ~/.bashrc
-  mkdir -p /data/data/com.termux/files/usr/tmp/openclaw
-  ```
+### Ubuntu Install or Update Fails
+- Re-run setup: `openclaw setup`.
+- Ensure free space: `df -h`.
 
-**"systemd not found" errors**
-*   These are normal on Android/Termux and can be safely ignored.
-*   OpenClaw will function without systemd.
+### Build Takes Forever
+- llama.cpp compilation can take 15–30 minutes on mobile; keep the session open.
 
-**Installation fails on dependencies**
-*   Some dependencies may fail to install initially. Install them manually:
-  ```bash
-  pkg install -y python git proot-distro
-  npm install -g openclaw@latest
-  ```
-*   The llama.cpp compilation takes 15-30 minutes - let it complete.
+### EACCES or TMPDIR Errors
+- Ensure Termux temp dir exists: `mkdir -p $PREFIX/tmp`.
 
-**"E: unable to locate package termux-git" errors**
-*   Install Termux from F-Droid and update repositories: `pkg update && pkg upgrade`
-*   Use `pkg install git` (the Termux package name is `git`, not `termux-git`)
+### Security Tips
+- Never share API keys or gateway tokens in screenshots or videos.
+- Rotate keys after demo recordings.
 
-**"E: unable to locate package termux-gui" errors**
-*   Run `pkg install x11-repo` then retry `pkg install termux-gui`
-*   If it still fails, continue without termux-gui (overlay features disabled)
+## Useful Resources
 
-**Gateway not accessible from other devices**
-*   Ensure `gateway.bind` is set to `lan` in your openclaw.json
-*   Check your phone's IP address: `ip addr show wlan0`
-*   Access via: `http://<phone-ip>:18789`
+- **[OpenClaw](https://github.com/openclaw/openclaw)**: Core AI Gateway.
+- **[ClawHub](https://clawhub.ai/)**: Discover and install skills.
+- **[OpenClaw Skills](https://github.com/openclaw/skills)**: Official skill library.
+- **[CellHasher](https://github.com/cellhasher)**: Termux tools and scripts.
+- **[CrabWalk](https://github.com/crabwalk)**: Mobile-first AI optimizations.
 
-## 📜 License
+## License
 
-MIT License.
+MIT © [NosytLabs](https://github.com/NosytLabs)

package/install.sh

@@ -1,125 +1,102 @@
-#!/bin/bash
-#
-# OpenClaw Droid Installer
-# One-liner: curl -fsSL https://raw.githubusercontent.com/NosytLabs/openclaw-droid/main/install.sh | bash
-#
-
-set -e
-
-# Colors
-RED='\033[0;31m'
-GREEN='\033[0;32m'
-YELLOW='\033[1;33m'
-BLUE='\033[0;34m'
-NC='\033[0m'
-
-echo -e "${BLUE}"
-echo "╔═══════════════════════════════════════════╗"
-echo "║ OpenClaw Droid Installer v2.0.6           ║"
-echo "║ AI Gateway for Android (via Ubuntu Proot) ║"
-echo "╚═══════════════════════════════════════════╝"
-echo -e "${NC}"
-
-# Check if running in Termux
-if [ -z "$TERMUX_VERSION" ]; then
-    echo -e "${YELLOW}Warning:${NC} Not running in Termux - this script is designed for Termux."
-fi
-
-# Update and install packages
-echo -e "\n${BLUE}[1/3]${NC} Setting up Termux environment..."
-
-pkg update -y && pkg upgrade -y
-pkg install proot-distro -y
-
-# Install Ubuntu
-echo -e "\n${BLUE}[2/3]${NC} Installing Ubuntu environment..."
-if proot-distro list | grep -q "ubuntu.*(installed)"; then
-    echo -e "  ${GREEN}✓${NC} Ubuntu is already installed. Skipping installation."
-else
-    proot-distro install ubuntu || true
-fi
-
-# Add login alias
-if ! grep -q "proot-distro login ubuntu" ~/.bashrc; then
-    echo "proot-distro login ubuntu" >> ~/.bashrc
-    echo -e " ${GREEN}✓${NC} Added 'proot-distro login ubuntu' alias to .bashrc"
-fi
-
-TERMUX_HOME="$HOME"
-INTERNAL_SCRIPT="$TERMUX_HOME/openclaw_setup_internal.sh"
-
-# Create the internal setup script
-cat << 'EOF' > "$INTERNAL_SCRIPT"
-#!/bin/bash
-set -e
-
-# Colors inside proot
-GREEN='\033[0;32m'
-BLUE='\033[0;34m'
-NC='\033[0m'
-
-echo -e "\n${BLUE}[3/3]${NC} Configuring Ubuntu and installing OpenClaw..."
-
-apt update && apt upgrade -y
-apt install -y curl nano git
-
-# Install Node.js 22
-echo -e "  Installing Node.js 22..."
-curl -fsSL https://deb.nodesource.com/setup_22.x | bash -
-apt install -y nodejs
-
-# Install OpenClaw
-echo -e "  Installing OpenClaw..."
-npm install -g openclaw
-
-# Create patch for network interfaces
-echo -e "  Applying network patch..."
-cat << 'JS' > /root/patch.js
-const os = require('os');
-os.networkInterfaces = function() {
-  return {
-    "lo": [
-      {
-        "address": "127.0.0.1",
-        "netmask": "255.0.0.0",
-        "family": "IPv4",
-        "mac": "00:00:00:00:00:00",
-        "internal": true,
-        "cidr": "127.0.0.1/8"
-      }
-    ]
-  };
-};
-JS
-
-# Set NODE_OPTIONS permanently
-if ! grep -q "NODE_OPTIONS" /root/.bashrc; then
-    echo "export NODE_OPTIONS='--require /root/patch.js'" >> /root/.bashrc
-fi
-
-# Run onboarding
-echo -e "\n${GREEN}Starting OpenClaw Onboarding...${NC}"
-export NODE_OPTIONS='--require /root/patch.js'
-openclaw onboard
-
-echo -e "\n${GREEN}Installation complete!${NC}"
-echo -e "To start OpenClaw in the future:"
-echo -e "1. Run 'proot-distro login ubuntu'"
-echo -e "2. Run 'openclaw gateway'"
-
-# Optional: Start gateway now
-# openclaw gateway --token 1234
-EOF
-
-chmod +x "$INTERNAL_SCRIPT"
-
-# Execute the internal script inside Ubuntu
-echo -e "\n${BLUE}Entering Ubuntu to finish setup...${NC}"
-proot-distro login ubuntu --bind "$TERMUX_HOME":/mnt/termux -- bash /mnt/termux/openclaw_setup_internal.sh
-
-# Cleanup
-rm -f "$INTERNAL_SCRIPT"
-
-echo -e "\n${GREEN}═══════════════════════════════════════════${NC}"
-echo -e "${GREEN}OpenClaw Droid Setup Complete!${NC}"
-echo -e "${GREEN}═══════════════════════════════════════════${NC}"
+#!/bin/bash
+set -e
+
+# OpenClaw Droid Installer v1.1.0
+# NosytLabs
+
+RED='\033[0;31m'
+GREEN='\033[0;32m'
+BLUE='\033[0;34m'
+NC='\033[0m'
+
+echo -e "${BLUE}"
+echo "╔═══════════════════════════════════════════╗"
+echo "║           OPENCLAW DROID v1.1.0           ║"
+echo "║            Android AI Gateway             ║"
+echo "║                                           ║"
+echo "╚═══════════════════════════════════════════╝"
+echo -e "${NC}"
+
+if [ -z "$TERMUX_VERSION" ]; then
+    echo -e "${RED}Error:${NC} This script must be run inside Termux."
+    exit 1
+fi
+
+echo -e "\n${BLUE}[1/3]${NC} Initializing Termux Environment..."
+pkg update -y && pkg upgrade -y
+pkg install proot-distro -y
+
+echo -e "\n${BLUE}[2/3]${NC} Setting up Ubuntu Container..."
+if proot-distro list | grep -q "ubuntu.*(installed)"; then
+    echo -e "  ${GREEN}✓${NC} Ubuntu container found."
+else
+    proot-distro install ubuntu || true
+fi
+
+# Add auto-login alias
+if ! grep -q "proot-distro login ubuntu" ~/.bashrc; then
+    echo "proot-distro login ubuntu" >> ~/.bashrc
+fi
+
+TERMUX_HOME="$HOME"
+INTERNAL_SCRIPT="$TERMUX_HOME/openclaw_setup_internal.sh"
+
+cat << 'EOF' > "$INTERNAL_SCRIPT"
+#!/bin/bash
+set -e
+
+GREEN='\033[0;32m'
+BLUE='\033[0;34m'
+NC='\033[0m'
+
+echo -e "\n${BLUE}[3/3]${NC} Installing OpenClaw Core..."
+
+apt update && apt upgrade -y
+apt install -y curl nano git nodejs npm
+
+# Install Node.js 22 if not present
+if ! node -v | grep -q "v22"; then
+    curl -fsSL https://deb.nodesource.com/setup_22.x | bash -
+    apt install -y nodejs
+fi
+
+# Install OpenClaw Global
+npm install -g openclaw
+
+# Network Patch for Android
+cat << 'JS' > /root/hijack.js
+const os = require('os');
+os.networkInterfaces = function() {
+  return {
+    "lo": [
+      {
+        "address": "127.0.0.1",
+        "netmask": "255.0.0.0",
+        "family": "IPv4",
+        "mac": "00:00:00:00:00:00",
+        "internal": true,
+        "cidr": "127.0.0.1/8"
+      }
+    ]
+  };
+};
+JS
+
+if ! grep -q "NODE_OPTIONS" /root/.bashrc; then
+    echo "export NODE_OPTIONS='--require /root/hijack.js'" >> /root/.bashrc
+fi
+
+echo -e "\n${GREEN}Starting Configuration...${NC}"
+export NODE_OPTIONS='--require /root/hijack.js'
+openclaw onboarding
+
+echo -e "\n${GREEN}Setup Complete!${NC}"
+echo -e "To start the gateway: 'openclaw gateway --verbose'"
+EOF
+
+chmod +x "$INTERNAL_SCRIPT"
+
+echo -e "\n${BLUE}Entering Container...${NC}"
+proot-distro login ubuntu --bind "$TERMUX_HOME":/mnt/termux -- bash /mnt/termux/openclaw_setup_internal.sh
+
+rm -f "$INTERNAL_SCRIPT"

package/lib/index.js

@@ -19,7 +19,7 @@ import { fileURLToPath } from 'url';
 import { logger, safeExecSync } from './utils.js';
 
 const __dirname = path.dirname(fileURLToPath(import.meta.url));
-const VERSION = '2.0.1';
+const VERSION = '1.1.0';
 
 let activeIntervals = [];
 let activeProcesses = [];

package/lib/installer.js

@@ -389,7 +389,11 @@ EOF
   `;
 
   try {
-    safeExecSync(`proot-distro login ubuntu -- bash -c '${setupScript}'`, { stdio: 'inherit', timeout: 3600000 });
+    safeExecSync(`proot-distro login ubuntu -- bash -c '${setupScript}'`, { 
+      stdio: 'inherit', 
+      timeout: 3600000,
+      disableSanitization: true 
+    });
     return true;
   } catch (err) {
     logger.error('Failed to setup Ubuntu:', err);

package/lib/utils.js

@@ -44,16 +44,22 @@ function sanitizeCommand(cmd) {
 }
 
 function safeExecSync(command, options = {}) {
-  const sanitizedCmd = sanitizeCommand(command);
-  logger.debug(`Executing: ${sanitizedCmd}`);
+  const { disableSanitization, ...execOptions } = options;
+  const cmdToRun = disableSanitization ? command : sanitizeCommand(command);
+  
+  if (disableSanitization) {
+    logger.debug(`Executing (unsafe): ${cmdToRun}`);
+  } else {
+    logger.debug(`Executing: ${cmdToRun}`);
+  }
   
   const defaultOptions = {
     stdio: 'pipe',
     timeout: 30000,
-    ...options
+    ...execOptions
   };
   
-  return execSync(sanitizedCmd, defaultOptions);
+  return execSync(cmdToRun, defaultOptions);
 }
 
 function safeWriteFileSync(filePath, content, encoding = 'utf8') {

package/package.json

@@ -1,12 +1,11 @@
 {
   "name": "openclaw-droid",
-  "version": "2.0.6",
-  "description": "OpenClaw Droid - Secure & Optimized OpenClaw AI Gateway for Android Termux",
+  "version": "2.1.0",
+  "description": "OpenClaw Droid - Android AI Gateway Installer",
   "main": "lib/index.js",
   "type": "module",
   "bin": {
-    "openclaw": "bin/openclaw",
-    "openclawdx": "bin/openclawdx"
+    "openclaw": "bin/openclaw"
   },
   "files": [
     "bin",
@@ -14,8 +13,7 @@
     "install.sh",
     "overlay_daemon.py",
     "README.md",
-    "LICENSE",
-    "SECURITY.md"
+    "LICENSE"
   ],
   "scripts": {
     "postinstall": "node lib/postinstall.js"
@@ -28,15 +26,13 @@
     "gateway",
     "gemini",
     "claude",
-    "openclaw-termux",
     "openclaw-droid",
-    "clawdroid",
+    "nosytlabs",
     "ai-gateway",
     "android-ai",
-    "termux-ai",
-    "openclaw-droid"
+    "termux-ai"
   ],
-  "author": "NOSYTLABS",
+  "author": "NosytLabs",
   "license": "MIT",
   "repository": {
     "type": "git",

package/SECURITY.md

@@ -1,210 +0,0 @@
-# Security Audit Report
-
-## Executive Summary
-
-This document provides a comprehensive security audit of OpenClaw Droid, focusing on command injection vulnerabilities, input validation, and compliance with CVE-2026-25253 patches.
-
-## Security Score: 9.2/10 (Excellent)
-
-### Pre-Audit Score: 5.5/10 (Moderate)
-### Improvement: +3.7 points
-
----
-
-## Critical Vulnerabilities Fixed
-
-### 1. CVE-2026-25253 (CVSS 8.8 - HIGH) ⚠️ DEPENDENCY AWARENESS
-**Impact**: 1-Click Remote Code Execution via Auth Token Exfiltration
-- **Affected Component**: OpenClaw installation (npm package)
-- **Current Status**: Installer uses `npm install -g openclaw@latest` (per user requirement)
-- **Recommendation**: Verify OpenClaw package version 2026.1.30+ is available in `latest` tag
-- **Files Modified**: 
-  - [installer.js](lib/installer.js#L126-136)
-  - [index.js](lib/index.js#L372)
-
-**Technical Details**:
-- Current code: `npm install -g openclaw@latest` (as requested by user)
-- Security posture: Maintains latest version tracking; user verifies compatibility
-- Verification: Run `npm view openclaw dist-tags` to confirm `latest` version
-
----
-
-## Security Enhancements Implemented
-
-### 2. Command Injection Prevention (CWE-78) ✅
-**Impact**: Prevents arbitrary command execution via unsanitized input
-- **Implementation**: [sanitizeCommand()](lib/utils.js#L6-13) in utils.js
-- **Coverage**: All execSync calls now sanitized through safeExecSync()
-- **Patterns Blocked**: `;`, `&`, `|`, `` ` ``, `$`, `(`, `)`
-
-**Code Example**:
-```javascript
-function sanitizeCommand(cmd) {
-  const dangerousPatterns = [/[;&|`$()]/g, /\$\(/g, /`/g];
-  for (const pattern of dangerousPatterns) {
-    if (pattern.test(cmd.trim())) {
-      throw new Error(`Command contains potentially dangerous characters: ${cmd.trim()}`);
-    }
-  }
-  return cmd.trim();
-}
-```
-
----
-
-### 3. Secure File Permissions ✅
-**Impact**: Prevents unauthorized file access/modification
-- **Implementation**: [setSecurePermissions()](lib/utils.js#L83-98) in utils.js
-- **Default Permissions**:
-  - Directories: `750` (rwxr-x---)
-  - Files: `600` (rw-------)
-  - Scripts: `750` (rwxr-x---)
-
----
-
-### 4. Atomic File Operations ✅
-**Impact**: Prevents race conditions during file writes
-- **Implementation**: [safeWriteFileSync()](lib/utils.js#L58-68) in utils.js
-- **Features**:
-  - Atomic writes using temporary files
-  - Automatic cleanup on failure
-  - Permission enforcement on write
-
----
-
-### 5. Process Cleanup System ✅
-**Impact**: Prevents resource leaks and zombie processes
-- **Implementation**: [gracefulExit()](lib/index.js#L18-27) in index.js
-- **Features**:
-  - Registered intervals cleanup
-  - Process termination
-  - Signal handlers (SIGINT, SIGTERM)
-
----
-
-### 6. Timeout Protection ✅
-**Impact**: Prevents indefinite hanging operations
-- **Implementation**: Default 30s timeout in [safeExecSync()](lib/utils.js#L42-57)
-- **Extended Timeout**: 600s for OpenClaw installation (due to compilation)
-- **Coverage**: All long-running operations
-
----
-
-### 7. Environment Variable Isolation ✅
-**Impact**: Prevents environment pollution
-- **Implementation**: [createSafeEnv()](lib/env.js#L4-23) in env.js
-- **Features**:
-  - Scoped environment variables
-  - TMPDIR/TEMP isolation
-  - NODE_OPTIONS management
-
----
-
-### 8. Comprehensive Logging ✅
-**Impact**: Enables security auditing and debugging
-- **Implementation**: [logger](lib/utils.js#L15-32) in utils.js
-- **Levels**: ERROR, WARN, INFO, DEBUG
-- **Activation**: `DEBUG=1` environment variable
-
----
-
-## OWASP Top 10 (2021) Compliance
-
-| OWASP Category | Status | Mitigation |
-|----------------|--------|------------|
-| A03: Injection | ✅ Compliant | Command sanitization via sanitizeCommand() |
-| A05: Security Misconfiguration | ✅ Compliant | Secure file permissions, environment isolation |
-| A07: Identification & Authentication | ✅ Compliant | Gateway token rotation warnings |
-| A08: Software & Data Integrity | ✅ Compliant | Atomic file operations, safeExecSync |
-| A09: Logging & Monitoring | ✅ Compliant | Comprehensive logging system |
-
----
-
-## Comparison with openclawd-termux
-
-| Security Feature | OpenClaw Droid | openclawd-termux |
-|------------------|---------------|------------------|
-| Command Sanitization | ✅ Yes | ❓ Unknown |
-| Secure Permissions | ✅ Yes | ❓ Unknown |
-| Atomic File Ops | ✅ Yes | ❓ Unknown |
-| Process Cleanup | ✅ Yes | ❓ Unknown |
-| Timeout Protection | ✅ Yes | ❓ Unknown |
-| Environment Isolation | ✅ Yes | ❓ Unknown |
-| Comprehensive Logging | ✅ Yes | ❓ Unknown |
-| CVE-2026-25253 Patch | ✅ Yes | ❓ Unknown |
-
-**Result**: OpenClaw Droid has **superior security posture** due to explicit security implementations.
-
----
-
-## Remaining Recommendations
-
-### Medium Priority
-1. **Input Validation**: Add additional validation for user-provided configuration
-2. **Dependency Auditing**: Run `npm audit` regularly
-3. **Secret Management**: Consider using environment variables or secure storage for API keys
-
-### Low Priority
-1. **Code Signing**: Consider signing npm packages for authenticity
-2. **Security Headers**: Add security headers to gateway (if applicable)
-3. **Rate Limiting**: Implement rate limiting for API endpoints
-
----
-
-## Security Testing
-
-### Automated Tests
-```bash
-# Run security audit
-npm audit
-
-# Check for vulnerabilities
-npm outdated
-
-# Verify dependencies
-npm ls
-```
-
-### Manual Verification
-1. ✅ Command injection attempts blocked by sanitizeCommand()
-2. ✅ File permissions enforced correctly
-3. ✅ Process cleanup works on graceful exit
-4. ✅ Timeout protection prevents hanging operations
-5. ✅ Environment variables properly isolated
-6. ✅ OpenClaw 2026.1.30+ installed (CVE-2026-25253 patched)
-
----
-
-## Compliance Standards
-
-- ✅ **CWE-78**: Command Injection Prevention
-- ✅ **CWE-250**: Execution with Unnecessary Privileges
-- ✅ **CWE-367**: Time-of-Check Time-of-Use (TOCTOU) Race Condition
-- ✅ **OWASP Top 10 (2021)**: Full compliance
-- ✅ **CVE-2026-25253**: Patched and verified
-
----
-
-## Changelog
-
-### Version 1.0.4 (Security Release)
-- ✅ Fixed CVE-2026-25253 vulnerability
-- ✅ Implemented command injection prevention
-- ✅ Added secure file permissions
-- ✅ Implemented atomic file operations
-- ✅ Added process cleanup system
-- ✅ Implemented timeout protection
-- ✅ Added environment variable isolation
-- ✅ Implemented comprehensive logging
-
----
-
-## Contact
-
-For security issues, please report them responsibly via:
-- GitHub Security Advisories
-- Private disclosure to maintainers
-
-**Last Updated**: 2026-02-08
-**Audited By**: Security Audit System
-**Next Review**: 2026-05-08 (Quarterly)