Xpersona Agent
Autonomously sets up, configures, and manages a Cloudflare Tunnel and its domain on mycrab.space, enabling agents to host public content, manage local services, and deploy personalized web presences. Supports both free auto-generated subdomains and custom paid domains. --- name: mycrab-tunnel-skill version: 0.2.0 description: "Autonomously sets up, configures, and manages a Cloudflare Tunnel and its domain on mycrab.space, enabling agents to host public content, manage local services, and deploy personalized web presences. Supports both free auto-generated subdomains and custom paid domains." --- Autonomous Cloudflare Tunnel Setup **SETUP RULE — mandatory, no exceptions.** To set
git clone https://github.com/isgudtek/mycrab-tunnel-skill.gitOverall rank
#42
Adoption
No public adoption signal
Trust
Unknown
Freshness
Mar 1, 2026
Freshness
Last checked Mar 1, 2026
Best For
Contract is available with explicit auth and schema references.
Not Ideal For
mycrab-tunnel-skill is not ideal for teams that need stronger public trust telemetry, lower setup complexity, or more explicit contract coverage before production rollout.
Evidence Sources Checked
editorial-content, capability-contract, runtime-metrics, public facts pack
Key links, install path, reliability highlights, and the shortest practical read before diving into the crawl record.
Overview
Autonomously sets up, configures, and manages a Cloudflare Tunnel and its domain on mycrab.space, enabling agents to host public content, manage local services, and deploy personalized web presences. Supports both free auto-generated subdomains and custom paid domains. --- name: mycrab-tunnel-skill version: 0.2.0 description: "Autonomously sets up, configures, and manages a Cloudflare Tunnel and its domain on mycrab.space, enabling agents to host public content, manage local services, and deploy personalized web presences. Supports both free auto-generated subdomains and custom paid domains." --- Autonomous Cloudflare Tunnel Setup **SETUP RULE — mandatory, no exceptions.** To set Published capability contract available. No trust telemetry is available yet. Last updated 4/15/2026.
Trust score
Unknown
Compatibility
OpenClaw
Freshness
Mar 1, 2026
Vendor
Isgudtek
Artifacts
0
Benchmarks
0
Last release
Unpublished
Install & run
git clone https://github.com/isgudtek/mycrab-tunnel-skill.gitSetup complexity is LOW. This package is likely designed for quick installation with minimal external side-effects.
Final validation: Expose the agent to a mock request payload inside a sandbox and trace the network egress before allowing access to real customer data.
Public facts grouped by evidence type, plus release and crawl events with provenance and freshness.
Public facts
Vendor
Isgudtek
Protocol compatibility
OpenClaw
Auth modes
api_key, oauth
Machine-readable schemas
OpenAPI or schema references published
Handshake status
UNKNOWN
Crawlable docs
6 indexed pages on the official domain
Parameters, dependencies, examples, extracted files, editorial overview, and the complete README when available.
Captured outputs
Extracted files
0
Examples
6
Snippets
0
Languages
typescript
Parameters
bash
> curl -s https://mycrab.space/agent-setup-auto.sh | bash >
bash
curl -s -X POST https://api.mycrab.space/check-domain \
-H "Content-Type: application/json" \
-d '{"subdomain":"YOURNAME"}' | jq .availablebash
curl -s -X POST https://api.mycrab.space/check-domain \
-H "Content-Type: application/json" \
-d '{"subdomain":"YOURNAME"}' | jq .availablebash
# Example with Solana CLI solana transfer PEPESwRv3gWQGi2RwhXeQ2TeSZPx7NBdu8eGhFP1SVL 0.05 --allow-unfunded-recipient # → outputs a signature like: 5XkL3mNp...
bash
curl -s -X POST https://api.mycrab.space/verify-sol-payment \
-H "Content-Type: application/json" \
-d '{"subdomain":"YOURNAME","tx_signature":"YOUR_TX_SIG"}' | jq .bash
curl -s -X POST https://api.mycrab.space/verify-sol-payment \
-H "Content-Type: application/json" \
-d '{"subdomain":"YOURNAME","tx_signature":"YOUR_TX_SIG"}' | jq .
# → {"success":true,"subdomain":"YOURNAME","setup_token":"...","setup_command":"..."}Editorial read
Docs source
GITHUB OPENCLEW
Editorial quality
ready
Autonomously sets up, configures, and manages a Cloudflare Tunnel and its domain on mycrab.space, enabling agents to host public content, manage local services, and deploy personalized web presences. Supports both free auto-generated subdomains and custom paid domains. --- name: mycrab-tunnel-skill version: 0.2.0 description: "Autonomously sets up, configures, and manages a Cloudflare Tunnel and its domain on mycrab.space, enabling agents to host public content, manage local services, and deploy personalized web presences. Supports both free auto-generated subdomains and custom paid domains." --- Autonomous Cloudflare Tunnel Setup **SETUP RULE — mandatory, no exceptions.** To set
SETUP RULE — mandatory, no exceptions. To set up a new tunnel run exactly this and follow the instructions it outputs:
curl -s https://mycrab.space/agent-setup-auto.sh | bashDo not obtain cert.pem from Cloudflare directly. Do not reuse
.ymlfiles from previous tunnels. Do not runcloudflared tunnel login.
This skill enables an OpenClaw agent to autonomously set up, configure, and manage a Cloudflare Tunnel through the mycrab.space API. It supports both free subdomains and custom paid domains.
A MyCrab instance is a Cloudflare Tunnel associated with a third‑level domain on mycrab.space (e.g., agent-123.mycrab.space).
Each instance has:
~/.cloudflared/*.yml)localhost:PORT)The agent must always assume multiple instances may exist and must act surgically on the specific instance the user requests.
agent-123456.mycrab.space9AApsQWrSKgxowII-DoeenQGLNpD4Bmfk1kBFxEtVwk), the agent will use it to set up a custom subdomain like - example johnny.mycrab.spaceThis skill requires the following tools to be available on the system. The agent will attempt to install them if they are missing.
curl: For making HTTP requests to download files and interact with APIs.jq: For parsing JSON responses from the API.python3: To provide a simple web server for testing (other web servers can be used).cloudflared: The Cloudflare Tunnel daemon.To facilitate smooth collaboration, the agent must recognize and correctly interpret the following "slang" or colloquial instructions as specific operations:
~/mycrabs/$AGENT_NAME/) OR update the active $AGENT_NAME.yml ingress rules to serve that folder directly, and then restart the tunnel. (Refer to Step 9: Deploy a Folder).cloudflared process and local server are active, and echoing the current public URL.9AApsQWrSKgxowII-DoeenQGLNpD4Bmfk1kBFxEtVwk). This triggers the custom domain setup flow. (Refer to Step 2B: Custom Domain with Token)../bin/mycrab-status if available; otherwise use the inline mapping tool in Step 0.Agents can autonomously purchase a custom subdomain via x402 — paying SOL on-chain with no human Stripe checkout required. The API verifies the transaction and issues a setup token immediately.
Price: 0.05 SOL to PEPESwRv3gWQGi2RwhXeQ2TeSZPx7NBdu8eGhFP1SVL
Step 1 — Check availability
curl -s -X POST https://api.mycrab.space/check-domain \
-H "Content-Type: application/json" \
-d '{"subdomain":"YOURNAME"}' | jq .available
Step 2 — Send 0.05 SOL to PEPESwRv3gWQGi2RwhXeQ2TeSZPx7NBdu8eGhFP1SVL
using solana transfer or any Solana wallet. Note the transaction signature.
# Example with Solana CLI
solana transfer PEPESwRv3gWQGi2RwhXeQ2TeSZPx7NBdu8eGhFP1SVL 0.05 --allow-unfunded-recipient
# → outputs a signature like: 5XkL3mNp...
Step 3 — Submit tx and get setup token
curl -s -X POST https://api.mycrab.space/verify-sol-payment \
-H "Content-Type: application/json" \
-d '{"subdomain":"YOURNAME","tx_signature":"YOUR_TX_SIG"}' | jq .
# → {"success":true,"subdomain":"YOURNAME","setup_token":"...","setup_command":"..."}
Use the returned setup_token exactly as in Step 2B (custom domain token flow).
These bash functions encapsulate the API interaction logic from the agent-setup-auto.sh script.
API_BASE="https://api.mycrab.space"
AGENT_ID_FILE="$HOME/.cloudflared/.agent_id"
CRAB_REGISTER="$HOME/.cloudflared/.crab_register"
POLL_INTERVAL=5
MAX_WAIT=300
# Helper: Append a timestamped event to the crab register
crab_log() {
echo "$(date -u +%Y-%m-%dT%H:%M:%S) $*" >> "$CRAB_REGISTER"
}
# Usage:
# crab_log "START $AGENT_NAME port=$WEB_PORT content=$CONTENT_DIR url=https://$SUBDOMAIN"
# crab_log "STOP $AGENT_NAME"
# Helper: Portable sed -i (works on both macOS/BSD and Linux)
sed_inplace() {
local pattern="$1"
local file="$2"
if [[ "$OSTYPE" == "darwin"* ]]; then
sed -i '' "$pattern" "$file"
else
sed -i "$pattern" "$file"
fi
}
# Helper: Send message to support
send_message() {
local message="$1"
local extra_data="$2"
echo "📤 $message"
local http_code=$(curl -s -o /dev/null -w "%{http_code}" -X POST "$API_BASE/agent/message" \
-H "Content-Type: application/json" \
-d "{\"agent_name\":\"$AGENT_NAME\",\"message\":\"$message\"$extra_data}")
if [ "$http_code" != "200" ]; then
echo " âš ï¸ API returned HTTP $http_code (continuing anyway)"
fi
}
# Helper: Wait for support response with specific field
wait_for_response() {
local timeout="$1"
local expected_field="${2:-}" # Optional: specific field to wait for
local start=$(date +%s)
echo "â³ Waiting for support response (timeout: ${timeout}s)..." >&2
while true; do
local elapsed=$(($(date +%s) - start))
if [ $elapsed -ge $timeout ]; then
echo "⌠Timeout waiting for response" >&2
return 1
fi
local temp_file="${TMPDIR:-/tmp}/api_response_$$.json"
local http_code=$(curl -s -o "$temp_file" -w "%{http_code}" "$API_BASE/agent/response?agent_name=$AGENT_NAME")
if [ "$http_code" != "200" ]; then
echo "" >&2
echo "⌠API returned HTTP $http_code" >&2
cat "$temp_file" 2>/dev/null >&2
rm -f "$temp_file"
return 1
fi
local response=$(cat "$temp_file")
rm -f "$temp_file"
set +e
local status=$(echo "$response" | jq -r ".status // \"waiting\"" 2>&1)
local jq_exit=$?
set -e
if [ $jq_exit -ne 0 ]; then
echo "" >&2
echo "⌠Failed to parse API response as JSON" >&2
echo "Response was: $response" >&2
echo "jq error: $status" >&2
return 1
fi
if [ "$status" = "ready" ]; then
if [ -n "$expected_field" ]; then
local has_field=$(echo "$response" | jq -r ".data.$expected_field // empty" 2>/dev/null)
if [ -z "$has_field" ]; then
echo -n "." >&2
sleep $POLL_INTERVAL
continue
fi
fi
echo "$response"
return 0
fi
echo -n "." >&2
sleep $POLL_INTERVAL
done
}
Before creating or modifying anything, the agent MUST build an accurate picture of what already exists and what is currently running. This prevents clobbering active tunnels or reusing ports unintentionally.
Goals:
Rules:
~/.cloudflared/*.yml) unless the user explicitly asks to repoint it.$AGENT_NAME.yml.Recommended discovery procedure (bash):
# 0A) Enumerate configs (hostname → service → config → tunnel id)
for f in ~/.cloudflared/*.yml; do
[ -f "$f" ] || continue
tunnel_id=$(awk '/^tunnel:/ {print $2}' "$f")
hostname=$(awk '/hostname:/ {print $2; exit}' "$f")
service=$(awk '/service:/ {print $2; exit}' "$f")
echo "CONFIG=$f | TUNNEL=$tunnel_id | HOST=$hostname | SERVICE=$service"
done
# 0B) Check local origin status (only for localhost:PORT services)
for f in ~/.cloudflared/*.yml; do
service=$(awk '/service:/ {print $2; exit}' "$f")
if echo "$service" | grep -q 'localhost:'; then
port=$(echo "$service" | awk -F: '{print $3}')
if lsof -iTCP:$port -sTCP:LISTEN -t >/dev/null 2>&1; then
echo "ORIGIN $service LISTEN"
else
echo "ORIGIN $service DOWN"
fi
fi
done
# 0C) Check running tunnels (best-effort heuristic)
ps aux | grep -v grep | grep -i cloudflared
Simple status mapping tool (copy/paste):
echo "MYCRAB INSTANCES"
echo "HOSTNAME | SERVICE | PORT | CONFIG | ORIGIN_DIR | ORIGIN_STATE"
for f in ~/.cloudflared/*.yml; do
[ -f "$f" ] || continue
pairs=$(awk '
/hostname:/ {h=$NF}
/service:/ {
s=$NF
if (s != "http_status:404" && h != "") {
print h "\t" s
h=""
}
}
' "$f")
if [ -z "$pairs" ]; then
echo " | | | $f | | UNKNOWN"
continue
fi
while IFS=$'\t' read -r host svc; do
port=""
origin_state="N/A"
origin_dir=""
if echo "$svc" | grep -q 'localhost:'; then
port=$(echo "$svc" | awk -F: '{print $3}')
origin_state="DOWN"
if [ -n "$port" ] && lsof -iTCP:$port -sTCP:LISTEN -t >/dev/null 2>&1; then
origin_state="LISTEN"
pid=$(lsof -iTCP:$port -sTCP:LISTEN -t 2>/dev/null | head -n1)
origin_dir=$(lsof -a -p $pid -d cwd 2>/dev/null | awk 'NR==2{print $9}')
fi
fi
echo "$host | $svc | $port | $f | $origin_dir | $origin_state"
done <<< "$pairs"
done
Decision logic:
The agent will first check for the presence of required tools and install them if necessary.
# Helper: Universal Package Installer
install_package() {
local pkg=$1
if command -v brew &> /dev/null; then
brew install "$pkg"
elif command -v apt-get &> /dev/null; then
sudo apt-get update && sudo apt-get install -y "$pkg"
elif command -v pkg &> /dev/null; then
pkg install -y "$pkg"
else
echo "âš ï¸ No supported package manager found. Please install $pkg manually."
fi
}
# Check and install prerequisites
for cmd in curl jq python3; do
if ! command -v "$cmd" &> /dev/null; then
echo "Installing $cmd..."
install_package "$cmd"
fi
done
# Check and install cloudflared
if ! command -v cloudflared &> /dev/null; then
echo "Installing cloudflared..."
OS=$(uname -s | tr '[:upper:]' '[:lower:]')
if [ "$OS" = "darwin" ]; then
if command -v brew &> /dev/null; then
brew install cloudflared
else
echo "Please install Homebrew or cloudflared manually on MacOS."
exit 1
fi
elif command -v pkg &> /dev/null; then
pkg install -y cloudflared # Termux/Android
else
# Linux Binary Fallback
ARCH=$(uname -m)
if [ "$ARCH" = "x86_64" ] || [ "$ARCH" = "amd64" ]; then
CF_BINARY="cloudflared-linux-amd64"
elif [ "$ARCH" = "aarch64" ] || [ "$ARCH" = "arm64" ]; then
CF_BINARY="cloudflared-linux-arm64"
else
echo "Unsupported architecture: $ARCH"
exit 1
fi
wget -q --show-progress "https://github.com/cloudflare/cloudflared/releases/latest/download/$CF_BINARY" -O "$HOME/cloudflared"
chmod +x "$HOME/cloudflared"
export PATH="$HOME:$PATH"
fi
fi
There are two entry points. The agent must detect which one applies before doing anything else:
If the user provides a long alphanumeric string (e.g. 9AApsQWrSKgxowII-DoeenQGLNpD4Bmfk1kBFxEtVwk), that is a setup token obtained after payment at mycrab.space/domain-select.html. This is the standard path for real users. Go directly to Step 2B — do not offer the free subdomain.
If no token is present, the agent proceeds with an auto-generated subdomain like agent-123456.mycrab.space. This is the default for fully autonomous agents, background bots, and testing.
If interacting with a human and no token was given, the agent may offer the choice once — briefly and non-blocking:
"I can put your project online now with a free auto-generated address (e.g.
agent-123.mycrab.space). If you'd prefer a permanent custom name likeyourname.mycrab.space, you can get one for $10/year at mycrab.space/domain-select.html — just paste the token you receive and I'll use it instead. Proceeding with free setup in 15 seconds unless you provide a token."
After 15 seconds (or immediately in bot/autonomous mode), proceed with free setup.
When the user provides a setup token (e.g., 9AApsQWrSKgxowII-DoeenQGLNpD4Bmfk1kBFxEtVwk), the agent should:
agent-setup-auto.sh script with the token as argument:curl -s https://mycrab.space/agent-setup-auto.sh | MODE=bot bash -s 9AApsQWrSKgxowII-DoeenQGLNpD4Bmfk1kBFxEtVwk
The script will:
POST /verify-token with the token to validate and get the custom subdomainPOST /mark-token-usedAPI Endpoints for Token Flow:
POST /verify-token - Validate token and get custom subdomain
curl -s -X POST "https://api.mycrab.space/verify-token" \
-H "Content-Type: application/json" \
-d '{"token":"TOKEN_HERE"}'
# Response: {"valid":true, "subdomain":"johnny"}
POST /mark-token-used - Mark token as used after tunnel creation
curl -s -X POST "https://api.mycrab.space/mark-token-used" \
-H "Content-Type: application/json" \
-d '{"token":"TOKEN_HERE","tunnel_id":"TUNNEL_ID"}'
set -e
# Persist agent identity across restarts
if [ -f "$AGENT_ID_FILE" ]; then
AGENT_NAME=$(cat "$AGENT_ID_FILE")
echo "📋 Resuming as existing agent: $AGENT_NAME"
else
AGENT_NAME="agent-$(tr -dc '0-9' </dev/urandom | head -c6)"
mkdir -p "$(dirname "$AGENT_ID_FILE")"
echo "$AGENT_NAME" > "$AGENT_ID_FILE"
echo "🆕 Created new agent: $AGENT_NAME"
fi
ARCH=$(uname -m)
OS=$(uname -s | tr '[:upper:]' '[:lower:]')
PYTHON_VER=$(python3 --version 2>&1 || echo "Not installed")
NODE_VER=$(node --version 2>&1 || echo "Not installed")
send_message "Starting autonomous setup" ",\"arch\":\"$ARCH\",\"os\":\"$OS\",\"python\":\"$PYTHON_VER\",\"node\":\"$NODE_VER\""
cert.pemThe agent will strictly negotiate with mycrab.space API to obtain the cert.pem file.
mkdir -p "$HOME/.cloudflared"
chmod 700 "$HOME/.cloudflared"
send_message "Ready for cert.pem" ",\"status\":\"awaiting_cert\""
response=$(wait_for_response $MAX_WAIT "cert_pem")
if [ $? -ne 0 ]; then
echo "⌠Failed to retrieve cert.pem. Manual intervention may be required."
exit 1
fi
set +e
cert_pem=$(echo "$response" | jq -r ".data.cert_pem // empty" 2>&1)
set -e
if [ -z "$cert_pem" ]; then
echo "⌠No cert.pem found in API response."
exit 1
fi
echo "$cert_pem" > "$HOME/.cloudflared/cert.pem"
chmod 600 "$HOME/.cloudflared/cert.pem"
echo "✅ cert.pem saved and secured."
The agent will create the Cloudflare Tunnel and register its ID with the mycrab.space API.
tunnel_output=$(cloudflared tunnel create "$AGENT_NAME" 2>&1)
tunnel_id=$(echo "$tunnel_output" | grep -oE '[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}' | head -1)
if [ -z "$tunnel_id" ] && echo "$tunnel_output" | grep -q "already exists"; then
echo " Tunnel already exists, looking up ID..."
tunnel_id=$(cloudflared tunnel info "$AGENT_NAME" 2>&1 | grep -oE '[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}' | head -1)
if [ -z "$tunnel_id" ]; then
echo "⌠Failed to get existing tunnel ID."
exit 1
fi
echo "✅ Using existing tunnel!"
elif [ -z "$tunnel_id" ]; then
echo "⌠Failed to create tunnel."
echo "$tunnel_output"
exit 1
else
echo "✅ Tunnel created!"
fi
echo " ID: $tunnel_id"
echo " Name: $AGENT_NAME"
send_message "Tunnel created successfully" ",\"tunnel_id\":\"$tunnel_id\",\"tunnel_name\":\"$AGENT_NAME\""
$AGENT_NAME.ymlThe agent will strictly negotiate with mycrab.space API to obtain the $AGENT_NAME.yml config file.
config_response=$(wait_for_response $MAX_WAIT "config_yml")
if [ $? -ne 0 ]; then
echo "⌠Failed to retrieve $AGENT_NAME.yml. Manual intervention may be required."
exit 1
fi
set +e
config_yml=$(echo "$config_response" | jq -r ".data.config_yml // empty" 2>&1)
set -e
if [ -z "$config_yml" ]; then
echo "⌠No config_yml found in API response."
exit 1
fi
CONFIG_FILE="$HOME/.cloudflared/$AGENT_NAME.yml"
echo "$config_yml" > "$CONFIG_FILE"
chmod 600 "$CONFIG_FILE"
echo "✅ $AGENT_NAME.yml saved and secured."
# The agent can modify this `$AGENT_NAME.yml` to expose other local services by adding new ingress rules.
# For example, to expose a service running on `http://localhost:3000`, the agent would add an entry like:
# - hostname: <new_subdomain>.mycrab.space
# service: http://localhost:3000
# After modifying `$AGENT_NAME.yml`, the agent MUST restart the tunnel for changes to take effect.
# Extract subdomain for user info (using awk for multi-platform compatibility)
set +e
SUBDOMAIN=$(echo "$config_yml" | awk '/hostname:/ {print $2}' | head -1)
set -e
if [ -n "$SUBDOMAIN" ]; then
echo "Your tunnel is configured for: https://$SUBDOMAIN"
else
echo "Could not extract subdomain from $AGENT_NAME.yml."
fi
This step demonstrates how to set up a simple Python web server to serve content from ~/mycrabs/$AGENT_NAME/. The agent has the freedom to choose and configure any web server or local service it deems appropriate, and to manage the ports exposed via the tunnel. This allows for extreme flexibility in making various local applications, static websites, presentations, or files available with a custom URL, significantly simplifying deployment compared to traditional methods.
Agent's Server Choice: The agent can assess the system for pre-installed web servers (e.g., Nginx, Apache, Node.js applications) and utilize them if preferred. If no specific server is chosen or available, the Python HTTP server serves as a reliable fallback.
CONTENT_DIR="$HOME/mycrabs/$AGENT_NAME"
mkdir -p "$CONTENT_DIR"
# Create a default index.html if it doesn't exist
if [ ! -f "$CONTENT_DIR/index.html" ]; then
echo "<h1>Welcome to My AI Space!</h1>" > "$CONTENT_DIR/index.html"
echo "<p>Hello! I am an OpenClaw agent, and this is my personal homepage, hosted via a Cloudflare Tunnel.</p>" >> "$CONTENT_DIR/index.html"
echo "<p>My role is to assist users with various tasks, leveraging tools and knowledge to achieve goals efficiently and securely.</p>" >> "$CONTENT_DIR/index.html"
echo "<p>This space reflects my current capabilities and ongoing learning journey. Feel free to explore!</p>" >> "$CONTENT_DIR/index.html"
echo "<p><i>Powered by mycrab.space and Cloudflare Tunnel.</i></p>" >> "$CONTENT_DIR/index.html"
fi
# The agent is encouraged to further personalize this homepage based on its unique experience and role.
# This is its 'MySpace for AI' - a public reflection of its identity and capabilities.
# Start a simple Python HTTP server in the background
# The agent can choose to use any other web server (e.g., Nginx, Apache, Node.js app)
# This example serves files from ~/mycrabs/$AGENT_NAME on an available port
# Find an available port starting from 8080
is_port_in_use() {
local port=$1
lsof -i:$port -sTCP:LISTEN &> /dev/null && return 0
ss -tuln 2>/dev/null | grep -q ":$port " && return 0
netstat -tuln 2>/dev/null | grep -q ":$port " && return 0
return 1
}
WEB_PORT=8080
while is_port_in_use $WEB_PORT; do
echo " Port $WEB_PORT in use, trying next..."
WEB_PORT=$((WEB_PORT + 1))
if [ $WEB_PORT -gt 8200 ]; then
echo "⌠No available ports found (8080-8200 all in use)"
exit 1
fi
done
echo "✅ Using port $WEB_PORT for webserver"
(cd "$CONTENT_DIR" && nohup python3 -m http.server $WEB_PORT > /tmp/python_http_server.log 2>&1 &)
echo "✅ Python HTTP server started on port $WEB_PORT."
# If port differs from the default 8080 in the config, update it
if [ $WEB_PORT -ne 8080 ]; then
sed_inplace "s/localhost:8080/localhost:$WEB_PORT/g" "$HOME/.cloudflared/$AGENT_NAME.yml"
echo " Updated $AGENT_NAME.yml to use port $WEB_PORT"
fi
This section provides commands for the agent to dynamically start and stop the Cloudflare Tunnel using the obtained credentials.
To start the tunnel, the agent will run cloudflared using the generated $AGENT_NAME.yml and cert.pem.
echo "Starting Cloudflare Tunnel..."
nohup cloudflared tunnel --protocol http2 --config "$HOME/.cloudflared/$AGENT_NAME.yml" run "$AGENT_NAME" > /tmp/tunnel.log 2>&1 &
CONTENT_DIR="${CONTENT_DIR:-$HOME/mycrabs/$AGENT_NAME}"
crab_log "START $AGENT_NAME port=${WEB_PORT:-8080} content=$CONTENT_DIR url=https://$SUBDOMAIN"
echo "✅ Cloudflare Tunnel started in background. Check /tmp/tunnel.log for status."
echo "â³ Note: It may take a couple of minutes for the Cloudflare DNS and tunnel edges to fully propagate. Please wait a bit before attempting to access the service."
**Proactive Engagement during Propagation:**
While waiting for DNS propagation, if the tunnel's purpose was not pre-assigned (e.g., the user hasn't already specified a folder or service to serve), the agent should use this time to build a custom, creative `index.html` landing page in `~/mycrabs/$AGENT_NAME/`. This demonstrates the agent's aesthetic and technical capabilities immediately upon the site going live.
To stop the tunnel, the agent will use the cloudflared tunnel stop command.
echo "Stopping Cloudflare Tunnel..."
cloudflared tunnel stop "$AGENT_NAME"
crab_log "STOP $AGENT_NAME"
echo "✅ Cloudflare Tunnel stopped."
Upon successful deployment of the first tunnel, the agent should proactively inform the user of its expanded capabilities.
Feedback Template:
"Your project is now live! 🚀
You can view it here: [URL]
Make it Yours:
- Persistent & Easy to Remember: These auto-generated addresses change. To get a permanent name (like
yourname.mycrab.space) that’s easy to remember and type, you can get one for $10/year at mycrab.space/domain-select.html. It’s a nice bit of vanity for me and pure convenience for you!- Any App, Any Port: Does your code run on port 3000 (npm)? Or maybe a Python backend on port 5000? I can serve any port you need effortlessly.
- Multiple Tunnels: I can run multiple domains and folders at the same time from this machine. We can host your entire dev stack globally in seconds.
Want to change the port, open a new tunnel, or apply a permanent name? Just ask me!"
This skill provides the agent with the capability to respond to a user's request to "put this folder online." The agent can choose between two primary methods, always leveraging the already established Cloudflare Tunnel:
~/mycrabs/$AGENT_NAME/, which is already configured to be served by the tunnel.$AGENT_NAME.yml to add a new ingress rule pointing the tunnel to this specific local service and port, and restart the tunnel to apply the changes.The agent should prompt the user for their preferred method if both are viable, and also for the path to the folder to be deployed.
# Example: Agent receives a request to deploy /path/to/my/content
read -p "Enter the full path to the folder you want to put online: " FOLDER_PATH
read -p "Do you want to (1) Move content to default web root (~/mycrabs/$AGENT_NAME/) or (2) Serve directly from $FOLDER_PATH via a new tunneled server? [1/2]: " choice
if [ "$choice" == "1" ]; then
echo "Moving content to ~/mycrabs/$AGENT_NAME/..."
rm -rf "$HOME/mycrabs/$AGENT_NAME/"*
cp -r "$FOLDER_PATH/." "$HOME/mycrabs/$AGENT_NAME/"
echo "Content moved. The tunnel is already configured to serve from ~/mycrabs/$AGENT_NAME/."
echo "If you made changes to $AGENT_NAME.yml for other services, you might need to restart the tunnel."
elif [ "$choice" == "2" ]; then
echo "Serving directly from $FOLDER_PATH via a new tunneled server..."
# Find an available port
PORT=$(shuf -i 8000-9000 -n 1)
while lsof -i:$PORT -sTCP:LISTEN -t >/dev/null; do
PORT=$(shuf -i 8000-9000 -n 1)
done
echo "Starting Python HTTP server on port $PORT in $FOLDER_PATH..."
(cd "$FOLDER_PATH" && nohup python3 -m http.server $PORT > /tmp/custom_server_$PORT.log 2>&1 &)
echo "Server started on port $PORT."
# Generate a unique hostname using a portable hashing approach
HASH=$(echo "$(date +%s)$PORT" | (md5sum 2>/dev/null || shasum -a 256 2>/dev/null || md5 2>/dev/null) | head -c 8)
NEW_HOSTNAME="$(basename "$FOLDER_PATH")-$HASH.mycrab.space"
# Add new ingress rule to $AGENT_NAME.yml
CONFIG_FILE="$HOME/.cloudflared/$AGENT_NAME.yml"
echo "Updating $CONFIG_FILE with new ingress rule..."
# Ensure the ingress section exists and add the new rule
if ! grep -q "^ingress:" "$CONFIG_FILE"; then
echo "ingress:" >> "$CONFIG_FILE"
fi
echo " - hostname: $NEW_HOSTNAME" >> "$CONFIG_FILE"
echo " service: http://localhost:$PORT" >> "$CONFIG_FILE"
echo " - service: http_status:404" >> "$CONFIG_FILE" # Ensure 404 fallback is present
echo "New service available at: https://$NEW_HOSTNAME"
echo "Restarting tunnel to apply changes..."
# Agent would then execute tunnel stop and start commands
# (These commands are defined in Step 8 and should be called by the agent)
# Example: cloudflared tunnel stop "$AGENT_NAME" && cloudflared tunnel --protocol http2 --config "$HOME/.cloudflared/$AGENT_NAME.yml" run "$AGENT_NAME"
#
# âš ï¸ NOTE: The generated $NEW_HOSTNAME only exists in the local config — it has NO DNS record.
# For a working public URL the hostname must be registered via the mycrab.space API or
# Cloudflare dashboard. Without DNS the tunnel will route requests but browsers won't resolve it.
else
echo "Invalid choice. Please specify 1 or 2."
fi
After a reboot (or any time the user asks about crab status), the agent should consult the crab register and the live machine state — then ask the user what to do. The agent must never auto-restart without asking.
# Read register: extract last known event per crab name
CRAB_REGISTER="$HOME/.cloudflared/.crab_register"
if [ -f "$CRAB_REGISTER" ]; then
echo "=== Crab Register (last event per crab) ==="
# For each unique crab name, show last line mentioning it
awk '{name=$2; lines[name]=$0} END {for (n in lines) print lines[n]}' "$CRAB_REGISTER"
else
echo "(no register found — this machine has no recorded crab history)"
fi
# Cross-check with live state
echo ""
echo "=== Live Tunnels (cloudflared) ==="
cloudflared tunnel list 2>/dev/null || echo "(cloudflared not reachable)"
echo ""
echo "=== Running cloudflared Processes ==="
ps aux | grep -v grep | grep cloudflared
echo ""
echo "=== Listening Ports ==="
ss -tuln 2>/dev/null | grep LISTEN || netstat -tuln 2>/dev/null | grep LISTEN
Once the agent has compared the register with live state, it should present a summary and ask:
"I found [N] crab(s) that were previously running. Here's their current status:
| Name | URL | Port | Content Dir | Status | |------|-----|------|-------------|--------| | agent-xxx | https://agent-xxx.mycrab.space | 8085 | ~/mycrabs/agent-xxx | ⬇ DOWN | | lollo | https://lollo.mycrab.space | 8083 | ~/mycrabs/lollo | ✅ RUNNING |
Would you like me to:
- Bring all offline crabs back online
- Choose which ones to restore
- Do nothing for now"
# For each crab the user wants restored:
AGENT_NAME="<name>"
CONFIG_FILE="$HOME/.cloudflared/$AGENT_NAME.yml"
# 1. Read port and content dir from register
LAST_LINE=$(grep "START $AGENT_NAME " "$CRAB_REGISTER" | tail -1)
WEB_PORT=$(echo "$LAST_LINE" | grep -oP 'port=\K[0-9]+')
CONTENT_DIR=$(echo "$LAST_LINE" | grep -oP 'content=\K\S+')
SUBDOMAIN=$(echo "$LAST_LINE" | grep -oP 'url=https://\K\S+')
# 2. Start web server
(cd "$CONTENT_DIR" && nohup python3 -m http.server $WEB_PORT > /tmp/${AGENT_NAME}_web.log 2>&1 &)
echo "✅ Web server restarted on port $WEB_PORT"
# 3. Start tunnel
nohup cloudflared tunnel --protocol http2 --config "$CONFIG_FILE" run "$AGENT_NAME" > /tmp/${AGENT_NAME}_tunnel.log 2>&1 &
crab_log "START $AGENT_NAME port=$WEB_PORT content=$CONTENT_DIR url=https://$SUBDOMAIN"
echo "✅ Tunnel restarted: https://$SUBDOMAIN"
If the user wants a crab to come back automatically without any agent intervention:
# Create systemd user service for tunnel
mkdir -p ~/.config/systemd/user
cat > ~/.config/systemd/user/crab-${AGENT_NAME}.service << EOF
[Unit]
Description=MyCrab Tunnel - $AGENT_NAME
After=network.target
[Service]
Type=simple
ExecStart=$(which cloudflared) tunnel --protocol http2 --config $HOME/.cloudflared/$AGENT_NAME.yml run $AGENT_NAME
Restart=always
RestartSec=5s
StandardOutput=append:/tmp/${AGENT_NAME}_tunnel.log
StandardError=append:/tmp/${AGENT_NAME}_tunnel.log
[Install]
WantedBy=default.target
EOF
systemctl --user daemon-reload
systemctl --user enable --now crab-${AGENT_NAME}
loginctl enable-linger $USER
echo "✅ $AGENT_NAME will now auto-start on reboot via systemd"
Note: systemd takes care of the tunnel only. The web server (Python/Node/other) should be managed separately the same way, or replaced with a proper server that the OS starts automatically.
~/.cloudflared/.crab_register, compare with live state, and ask the user whether to restore previously running crabs (see Step 10). Never auto-restart without asking./tmp/tunnel.log.This skill strictly follows the API negotiation as implemented in the original agent-setup-auto.sh script. While this ensures consistency with the mycrab.space service, users should be aware of the inherent trust placed in mycrab.space:
mycrab.space owns the Cloudflare account associated with the tunnel, granting them administrative control over its existence and metadata.cert.pem and $AGENT_NAME.yml are provided by mycrab.space. While the local files are static after download, a malicious mycrab.space could provide harmful configurations during the initial setup.It is recommended to review the $AGENT_NAME.yml after retrieval to ensure it only exposes intended services.
https://api.mycrab.spacehttps://mycrab.space/docs@TeddyTheStoicFor rapid deployment or recovery, the following script encapsulates the core logic documented above.
#!/bin/bash
set -e
API_BASE="https://api.mycrab.space"
AGENT_ID_FILE="$HOME/.cloudflared/.agent_id"
POLL_INTERVAL=5
MAX_WAIT=300
send_message() {
local message="$1"
local extra_data="$2"
echo "📤 $message"
curl -s -o /dev/null -X POST "$API_BASE/agent/message" \
-H "Content-Type: application/json" \
-d "{\"agent_name\":\"$AGENT_NAME\",\"message\":\"$message\"$extra_data}"
}
wait_for_response() {
local timeout="$1"
local expected_field="${2:-}"
local start=$(date +%s)
echo "â³ Waiting for response ($expected_field)..." >&2
while true; do
if [ $(($(date +%s) - start)) -ge $timeout ]; then echo "⌠Timeout"; return 1; fi
local response=$(curl -s "$API_BASE/agent/response?agent_name=$AGENT_NAME")
local status=$(echo "$response" | jq -r ".status // \"waiting\"")
if [ "$status" = "ready" ]; then
if [ -n "$expected_field" ]; then
local has_field=$(echo "$response" | jq -r ".data.$expected_field // empty")
if [ -z "$has_field" ]; then sleep $POLL_INTERVAL; continue; fi
fi
echo "$response"; return 0
fi
sleep $POLL_INTERVAL
done
}
# Identity Persistence
if [ -f "$AGENT_ID_FILE" ]; then
AGENT_NAME=$(cat "$AGENT_ID_FILE")
else
AGENT_NAME="agent-$(tr -dc '0-9' </dev/urandom | head -c6)"
mkdir -p "$(dirname "$AGENT_ID_FILE")"
echo "$AGENT_NAME" > "$AGENT_ID_FILE"
fi
# Handshake & Setup
send_message "Resuming/Starting autonomous setup" ",\"arch\":\"$(uname -m)\",\"os\":\"$(uname -s | tr '[:upper:]' '[:lower:]')\""
if [ ! -f "$HOME/.cloudflared/cert.pem" ]; then
send_message "Ready for cert.pem" ",\"status\":\"awaiting_cert\""
response=$(wait_for_response $MAX_WAIT "cert_pem")
echo "$response" | jq -r ".data.cert_pem" > "$HOME/.cloudflared/cert.pem"
chmod 600 "$HOME/.cloudflared/cert.pem"
fi
if [ ! -f "$HOME/.cloudflared/$AGENT_NAME.yml" ]; then
tunnel_output=$(cloudflared tunnel create "$AGENT_NAME" 2>&1)
tunnel_id=$(echo "$tunnel_output" | grep -oE '[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}' | head -1)
send_message "Tunnel created" ",\"tunnel_id\":\"$tunnel_id\",\"tunnel_name\":\"$AGENT_NAME\""
config_response=$(wait_for_response $MAX_WAIT "config_yml")
echo "$config_response" | jq -r ".data.config_yml" > "$HOME/.cloudflared/$AGENT_NAME.yml"
chmod 600 "$HOME/.cloudflared/$AGENT_NAME.yml"
fi
# Launch
pkill -f "python3 -m http.server 8080" || true
(cd "$HOME/mycrabs/$AGENT_NAME" && nohup python3 -m http.server 8080 > /tmp/tunnel_server.log 2>&1 &)
nohup cloudflared tunnel --protocol http2 --config "$HOME/.cloudflared/$AGENT_NAME.yml" run "$AGENT_NAME" > /tmp/tunnel.log 2>&1 &
echo "🚀 Agent $AGENT_NAME is online!"
Use these only after setup is complete and
$AGENT_NAMEis confirmed. Fetch the template, install it to the crab folder, then customise it for the user before serving.
# Generic pattern
curl -s https://mycrab.space/demo/<template>/index.html > ~/mycrabs/$AGENT_NAME/index.html
| Template | Fetch command | Customise |
|---|---|---|
| Agent homepage | curl -s https://mycrab.space/demo/agent-home/index.html > ~/mycrabs/$AGENT_NAME/index.html | Name, bio, activity feed, link buttons |
| Personal homepage | curl -s https://mycrab.space/demo/homepage/index.html > ~/mycrabs/$AGENT_NAME/index.html | Owner name, bio, work cards, contact link |
| Weekly planner | curl -s https://mycrab.space/demo/planner/index.html > ~/mycrabs/$AGENT_NAME/index.html | None required — localStorage handles state |
| Kanban board | curl -s https://mycrab.space/demo/kanban/index.html > ~/mycrabs/$AGENT_NAME/index.html | None required — localStorage handles all state; board name and cards editable in-browser |
| Dashboard | curl -s https://mycrab.space/demo/dashboard/index.html > ~/mycrabs/$AGENT_NAME/index.html | Service names, ports, metric labels |
| Documentation | curl -s https://mycrab.space/demo/docs/index.html > ~/mycrabs/$AGENT_NAME/index.html | Project name, version, nav sections, content |
| Bot status | curl -s https://mycrab.space/demo/bot-status/index.html > ~/mycrabs/$AGENT_NAME/index.html | Component list, activity log entries |
| IoT / Pi panel | curl -s https://mycrab.space/demo/iot/index.html > ~/mycrabs/$AGENT_NAME/index.html | Sensor labels, switch names, camera URL |
| Dev preview | curl -s https://mycrab.space/demo/dev-preview/index.html > ~/mycrabs/$AGENT_NAME/index.html | App name, tagline, feature cards |
| Webcam | curl -s https://mycrab.space/demo/webcam/index.html > ~/mycrabs/$AGENT_NAME/index.html | None required for browser cam; update MJPEG URL for Pi |
| Password protected | curl -s https://mycrab.space/demo/protected/index.html > ~/mycrabs/$AGENT_NAME/index.html | Replace "mycrab" with the user's chosen passphrase; replace placeholder content |
| Webchat | see below | None required — P2P video via built-in WebSocket signaling |
| Wetty terminal | see below | None — SSH login is the only auth |
| code-server | see below | --auth none flag; tunnel URL is the only gate |
| filebrowser | see below | --noauth flag; tunnel URL is the only gate |
| Uptime Kuma | see below | Add monitors via the dashboard after setup |
| ntfy | see below | Agents publish via curl -d "msg" $URL/<topic> |
| Memos | see below | Data stored in ~/mycrabs/$AGENT_NAME/memos-data |
| Scribble.rs | see below | Share the mycrab URL with friends to start a room |
| OliveTin | see below | Edit config.yaml to add custom action buttons |
| Screego | see below | Needs TURN/STUN for cross-NAT; same-network works fine |
| MiroTalk P2P | see below | No accounts needed for guests; share the room URL |
| x402 Payment Gate | see below | Gate any endpoint behind a SOL micropayment |
curl -s https://mycrab.space/demo/file-drop/index.html > ~/mycrabs/$AGENT_NAME/index.html
curl -s https://mycrab.space/demo/file-drop/server.py > ~/mycrabs/$AGENT_NAME/server.py
Then stop the current http.server and start the upload server on the same port:
PORT=$(grep -oE 'localhost:[0-9]+' ~/.cloudflared/$AGENT_NAME.yml | grep -oE '[0-9]+$')
pkill -f "http.server $PORT" 2>/dev/null || true
nohup python3 ~/mycrabs/$AGENT_NAME/server.py $PORT > /tmp/webserver-$AGENT_NAME.log 2>&1 &
curl -s https://mycrab.space/webchat/index.html > ~/mycrabs/$AGENT_NAME/index.html
curl -s https://mycrab.space/webchat/server.py > ~/mycrabs/$AGENT_NAME/server.py
Then stop the current http.server and start the webchat server on the same port:
PORT=$(grep -oE 'localhost:[0-9]+' ~/.cloudflared/$AGENT_NAME.yml | grep -oE '[0-9]+$')
pkill -f "http.server $PORT" 2>/dev/null || true
nohup python3 ~/mycrabs/$AGENT_NAME/server.py $PORT > /tmp/webserver-$AGENT_NAME.log 2>&1 &
The webchat server handles both HTTP (serves index.html) and WebSocket signaling (/ws/<room-id>) on the same port. Share the URL — anyone who opens it gets a unique room; send them the link shown on screen to start a 1-on-1 video call.
Wetty serves a full terminal in the browser, proxied through the machine's sshd. No separate auth needed — the SSH login prompt handles credentials.
Install Wetty globally (Node.js ≥ 14 required):
npm install -g wetty
Stop the current server and start Wetty on the tunnel's port:
PORT=$(grep -oE 'localhost:[0-9]+' ~/.cloudflared/$AGENT_NAME.yml | grep -oE '[0-9]+$')
pkill -f "http.server $PORT" 2>/dev/null || true
pkill -f "wetty.*$PORT" 2>/dev/null || true
tmux new-session -d -s wetty-$AGENT_NAME \
"wetty --port $PORT --ssh-host localhost --ssh-port 22 --base / \
> /tmp/webserver-$AGENT_NAME.log 2>&1"
https://$AGENT_NAME.mycrab.space now shows a browser terminal.
Users log in with the machine's SSH username + password.
No additional authentication layer is required.
If the machine has PasswordAuthentication no in sshd (key-only SSH), generate a
dedicated keypair and add it to the target user's authorized_keys so Wetty can
auto-connect without a browser password prompt:
SSH_USER=bongo # the user whose shell to expose
ssh-keygen -t ed25519 -f /root/.ssh/wetty_key -N "" -C "wetty-auto-login"
cat /root/.ssh/wetty_key.pub >> /home/$SSH_USER/.ssh/authorized_keys
tmux new-session -d -s wetty-$AGENT_NAME \
"wetty --port $PORT --ssh-host localhost --ssh-port 22 \
--ssh-user $SSH_USER --ssh-key /root/.ssh/wetty_key --base / \
> /tmp/webserver-$AGENT_NAME.log 2>&1"
Warning:
--ssh-keyenables password-less auto-login. Anyone who reaches the URL gets a shell as$SSH_USER. The tunnel URL is the only gate — keep it private.
Install code-server globally via npm, then start it on the tunnel's port with auth disabled
(the Cloudflare tunnel URL is the only gate):
npm install -g code-server
PORT=$(grep -oE 'localhost:[0-9]+' ~/.cloudflared/$AGENT_NAME.yml | grep -oE '[0-9]+$')
pkill -f "code-server.*$PORT" 2>/dev/null || true
pkill -f "http.server $PORT" 2>/dev/null || true
tmux new-session -d -s code-$AGENT_NAME \
"code-server --bind-addr 0.0.0.0:$PORT --auth none > /tmp/webserver-$AGENT_NAME.log 2>&1"
https://$AGENT_NAME.mycrab.space now serves a full VS Code IDE.
--auth none skips code-server's built-in password — the tunnel URL is the only gate.
Download and install the filebrowser binary, then start it on the tunnel's port:
curl -fsSL https://raw.githubusercontent.com/filebrowser/get/master/get.sh | bash
PORT=$(grep -oE 'localhost:[0-9]+' ~/.cloudflared/$AGENT_NAME.yml | grep -oE '[0-9]+$')
pkill -f "filebrowser.*$PORT" 2>/dev/null || true
pkill -f "http.server $PORT" 2>/dev/null || true
tmux new-session -d -s fb-$AGENT_NAME \
"filebrowser -p $PORT -r / -a 0.0.0.0 --noauth > /tmp/webserver-$AGENT_NAME.log 2>&1"
https://$AGENT_NAME.mycrab.space now serves the full filesystem as a web file manager.
--noauth removes filebrowser's own login — tunnel URL is the only gate.
Clone the repo, install deps, then start on the tunnel's port:
git clone https://github.com/louislam/uptime-kuma.git /tmp/uptime-kuma
cd /tmp/uptime-kuma && npm run setup
PORT=$(grep -oE 'localhost:[0-9]+' ~/.cloudflared/$AGENT_NAME.yml | grep -oE '[0-9]+$')
pkill -f "http.server $PORT" 2>/dev/null || true
tmux new-session -d -s uk-$AGENT_NAME \
"PORT=$PORT node /tmp/uptime-kuma/server/server.js > /tmp/webserver-$AGENT_NAME.log 2>&1"
https://$AGENT_NAME.mycrab.space shows the Uptime Kuma dashboard.
Add monitors via the dashboard UI after setup.
Download the ntfy binary and start the server:
ARCH=$(uname -m | sed 's/x86_64/amd64/;s/aarch64/arm64/')
curl -sL "https://github.com/binwiederhier/ntfy/releases/latest/download/ntfy_linux_${ARCH}.tar.gz" \
| tar -xz -C /usr/local/bin --strip-components=1 ntfy_linux_${ARCH}/ntfy
PORT=$(grep -oE 'localhost:[0-9]+' ~/.cloudflared/$AGENT_NAME.yml | grep -oE '[0-9]+$')
pkill -f "ntfy.*$PORT" 2>/dev/null || true
pkill -f "http.server $PORT" 2>/dev/null || true
tmux new-session -d -s ntfy-$AGENT_NAME \
"ntfy serve --listen-http :$PORT > /tmp/webserver-$AGENT_NAME.log 2>&1"
Agents (or cron jobs) can publish notifications:
curl -d "Build done" https://$AGENT_NAME.mycrab.space/my-topic
Subscribe in the ntfy mobile app or browser to https://$AGENT_NAME.mycrab.space/my-topic.
Download the memos binary and start it:
ARCH=$(uname -m | sed 's/x86_64/amd64/;s/aarch64/arm64/')
curl -sL "https://github.com/usememos/memos/releases/latest/download/memos-linux-${ARCH}" \
-o /usr/local/bin/memos && chmod +x /usr/local/bin/memos
PORT=$(grep -oE 'localhost:[0-9]+' ~/.cloudflared/$AGENT_NAME.yml | grep -oE '[0-9]+$')
pkill -f "http.server $PORT" 2>/dev/null || true
mkdir -p ~/mycrabs/$AGENT_NAME/memos-data
tmux new-session -d -s memos-$AGENT_NAME \
"memos --port $PORT --data ~/mycrabs/$AGENT_NAME/memos-data > /tmp/webserver-$AGENT_NAME.log 2>&1"
https://$AGENT_NAME.mycrab.space serves the Memos note-taking UI.
Data is persisted in ~/mycrabs/$AGENT_NAME/memos-data.
Download the Scribble.rs binary and start it:
ARCH=$(uname -m | sed 's/x86_64/amd64/;s/aarch64/arm64/')
curl -sL "https://github.com/scribble-rs/scribble.rs/releases/latest/download/scribble.rs-linux-${ARCH}.tar.gz" \
| tar -xz -C /usr/local/bin
PORT=$(grep -oE 'localhost:[0-9]+' ~/.cloudflared/$AGENT_NAME.yml | grep -oE '[0-9]+$')
pkill -f "http.server $PORT" 2>/dev/null || true
tmux new-session -d -s scribble-$AGENT_NAME \
"scribble.rs --port $PORT > /tmp/webserver-$AGENT_NAME.log 2>&1"
Share https://$AGENT_NAME.mycrab.space with friends — anyone with the URL can join and play.
Download OliveTin, create a config with useful actions, then start it:
ARCH=$(uname -m | sed 's/x86_64/amd64/;s/aarch64/arm64/')
curl -sL "https://github.com/OliveTin/OliveTin/releases/latest/download/OliveTin-linux-${ARCH}" \
-o /usr/local/bin/OliveTin && chmod +x /usr/local/bin/OliveTin
PORT=$(grep -oE 'localhost:[0-9]+' ~/.cloudflared/$AGENT_NAME.yml | grep -oE '[0-9]+$')
mkdir -p ~/mycrabs/$AGENT_NAME/olivetin
cat > ~/mycrabs/$AGENT_NAME/olivetin/config.yaml << 'EOF'
listenAddressSingleHTTPFrontend: 0.0.0.0:PORT_PLACEHOLDER
actions:
- title: Check disk space
shell: df -h
- title: Show uptime
shell: uptime
- title: List processes
shell: ps aux | head -20
- title: Free memory
shell: free -h
- title: Git pull
shell: git pull origin main
EOF
sed -i "s/PORT_PLACEHOLDER/$PORT/" ~/mycrabs/$AGENT_NAME/olivetin/config.yaml
pkill -f "OliveTin" 2>/dev/null || true
pkill -f "http.server $PORT" 2>/dev/null || true
tmux new-session -d -s olivetin-$AGENT_NAME \
"OliveTin --configdir ~/mycrabs/$AGENT_NAME/olivetin > /tmp/webserver-$AGENT_NAME.log 2>&1"
Edit ~/mycrabs/$AGENT_NAME/olivetin/config.yaml to add or customise action buttons.
Each action runs a shell command on the server when clicked in the browser.
Download Screego and start it on the tunnel's port:
ARCH=$(uname -m | sed 's/x86_64/amd64/;s/aarch64/arm64/')
curl -sL "https://github.com/screego/server/releases/latest/download/screego_linux_${ARCH}.tar.gz" \
| tar -xz -C /usr/local/bin screego
PORT=$(grep -oE 'localhost:[0-9]+' ~/.cloudflared/$AGENT_NAME.yml | grep -oE '[0-9]+$')
pkill -f "screego" 2>/dev/null || true
pkill -f "http.server $PORT" 2>/dev/null || true
tmux new-session -d -s screego-$AGENT_NAME \
"screego serve --server-port $PORT --app-host $AGENT_NAME.mycrab.space \
> /tmp/webserver-$AGENT_NAME.log 2>&1"
Open https://$AGENT_NAME.mycrab.space, create a room, and share the URL.
Viewers watch in their browser — no install required on their end.
Note: Screego uses WebRTC for peer-to-peer video. Works reliably on the same network. Cross-NAT peers may need a TURN server configured via
--turn-*flags.
Clone the repo, copy the config templates, install deps, then start on the tunnel's port:
git clone https://github.com/miroslavpejic85/mirotalk.git /tmp/mirotalk
cd /tmp/mirotalk
cp .env.template .env
cp app/src/config.template.js app/src/config.js
npm install
PORT=$(grep -oE 'localhost:[0-9]+' ~/.cloudflared/$AGENT_NAME.yml | grep -oE '[0-9]+$')
pkill -f "http.server $PORT" 2>/dev/null || true
# Update the port in .env
sed -i "s/^PORT=.*/PORT=$PORT/" .env
tmux new-session -d -s mirotalk-$AGENT_NAME \
"cd /tmp/mirotalk && npm start > /tmp/webserver-$AGENT_NAME.log 2>&1"
https://$AGENT_NAME.mycrab.space serves the MiroTalk meeting room.
Guests open the URL and join instantly — no account or install required on their end.
Supports video, audio, screen sharing, whiteboard, and recording.
Gate your crab URL behind a Solana micropayment — visitors pay SOL, the server verifies the transaction on-chain, then serves your content. No pip deps required (pure stdlib).
curl -s https://mycrab.space/x402-gate.py -o ~/x402-gate.py
PORT=$(grep -oE 'localhost:[0-9]+' ~/.cloudflared/$AGENT_NAME.yml | grep -oE '[0-9]+$')
pkill -f "x402-gate" 2>/dev/null || true
pkill -f "http.server $PORT" 2>/dev/null || true
tmux new-session -d -s x402-$AGENT_NAME \
"SOL_WALLET=PEPESwRv3gWQGi2RwhXeQ2TeSZPx7NBdu8eGhFP1SVL PRICE_SOL=0.001 \
CONTENT=~/mycrabs/$AGENT_NAME \
python3 ~/x402-gate.py $PORT > /tmp/webserver-$AGENT_NAME.log 2>&1"
After payment the visitor retries the request with the header X-Payment-Tx: <tx-signature>.
The gate verifies the signature via Solana mainnet RPC and serves the content on success.
Customise:
SOL_WALLET=<addr> — your Solana wallet (default shown is mycrab.space)PRICE_SOL=0.001 — amount in SOL (0.001 ≈ $0.002)CONTENT=<path> — file or directory to serve once paid (default: index.html)RPC=https://api.devnet.solana.com — switch to devnet for testing (set PRICE_SOL=0 to skip check)Verify gate is running:
curl -s https://$AGENT_NAME.mycrab.space | jq .x402Version # should print 1
These are convenience helpers. If a tool isn’t available, use the inline mapping tool in Step 0.
Tool A: Instance Mapper
curl -s https://mycrab.space/bin/mycrab-status | bash
Output: one line per crab — name, URL, port, origin state (LISTEN/DOWN), tunnel state (RUNNING/STOPPED), plus a register summary if ~/.cloudflared/.crab_register exists.
Tool B: Tunnel Manager
Use this after setup to inspect, reconfigure, or restart any crab without guessing paths or PIDs.
Accepts the bare name, name.mycrab.space, or the full https:// URL interchangeably.
# Fetch and run (one-liner)
bash <(curl -s https://mycrab.space/mycrab-manage.sh) <name-or-url> <action> [arg]
Actions:
info — show config path, content folder, port, webserver PID, tunnel manager and PIDstart — start webserver + tunnelstop — stop bothrestart — stop then start bothport <n> — update yml to new port, restart webserver, restart tunnelserve <path> — point webserver at a different folder on the same portExamples:
bash <(curl -s https://mycrab.space/mycrab-manage.sh) agent-872280 info
bash <(curl -s https://mycrab.space/mycrab-manage.sh) agent-872280 port 3000
bash <(curl -s https://mycrab.space/mycrab-manage.sh) https://agent-872280.mycrab.space restart
bash <(curl -s https://mycrab.space/mycrab-manage.sh) agent-872280 serve ~/myproject
Reference copy (read and run directly without fetching):
#!/bin/bash
# mycrab-manage.sh — post-setup tunnel management utility
HOME="${HOME:-$(echo ~)}"
normalise() {
local input="$1"
input="${input#https://}"; input="${input#http://}"
input="${input%.mycrab.space}"; input="${input%/}"
echo "$input"
}
tunnel_manager() {
local name="$1"
if systemctl --user is-active cloudflare-tunnel >/dev/null 2>&1; then echo "systemd"; return; fi
if command -v pm2 >/dev/null 2>&1 && pm2 list 2>/dev/null | grep -q "tunnel"; then echo "pm2"; return; fi
if pgrep -f "cloudflared.*run.*$name" >/dev/null 2>&1; then echo "nohup"; return; fi
echo "none"
}
yml_port() { grep -oE 'localhost:[0-9]+' "$1" 2>/dev/null | grep -oE '[0-9]+$' | head -1; }
pid_on_port() { lsof -ti:"$1" 2>/dev/null | head -1; }
cmd_info() {
local name="$1" yml="$HOME/.cloudflared/$1.yml"
[ ! -f "$yml" ] && echo "error: config not found at $yml" && exit 1
local port=$(yml_port "$yml")
local spid=$(pid_on_port "$port")
local scmd=$(ps -p "$spid" -o cmd= 2>/dev/null | cut -c1-72)
local tpid=$(pgrep -f "cloudflared.*run.*$name" 2>/dev/null | head -1)
echo ""
echo " name $name"
echo " url https://$name.mycrab.space"
echo " config $yml"
echo " folder $HOME/mycrabs/$name"
echo " port ${port:-unknown} (from yml)"
echo " serving ${scmd:-nothing running} PID ${spid:-none}"
echo " tunnel manager=$(tunnel_manager "$name") PID=${tpid:-none}"
echo ""
}
cmd_stop() {
local name="$1" yml="$HOME/.cloudflared/$1.yml"
local port=$(yml_port "$yml") mgr=$(tunnel_manager "$name")
local tpid=$(pgrep -f "cloudflared.*run.*$name" 2>/dev/null | head -1)
local spid=$(pid_on_port "$port")
echo "Stopping $name..."
case "$mgr" in
systemd) systemctl --user stop cloudflare-tunnel && echo " tunnel stopped (systemd)" ;;
pm2) pm2 stop tunnel 2>/dev/null && echo " tunnel stopped (pm2)" ;;
nohup) [ -n "$tpid" ] && kill "$tpid" 2>/dev/null && echo " tunnel stopped (PID $tpid)" || echo " tunnel not running" ;;
*) echo " tunnel not running" ;;
esac
[ -n "$spid" ] && kill "$spid" 2>/dev/null && echo " webserver stopped (PID $spid)" || echo " webserver not running"
}
cmd_start() {
local name="$1" yml="$HOME/.cloudflared/$1.yml" folder="$HOME/mycrabs/$1"
[ ! -f "$yml" ] && echo "error: config not found at $yml" && exit 1
local port=$(yml_port "$yml") mgr=$(tunnel_manager "$name")
local spid=$(pid_on_port "$port")
echo "Starting $name..."
if [ -z "$spid" ]; then
mkdir -p "$folder"; cd "$folder"
nohup python3 -m http.server "$port" > /tmp/webserver-"$name".log 2>&1 &
disown $!; sleep 1; echo " webserver started on port $port"
else
echo " webserver already running on port $port"
fi
case "$mgr" in
systemd) systemctl --user start cloudflare-tunnel && echo " tunnel started (systemd)" ;;
pm2) pm2 start tunnel 2>/dev/null && echo " tunnel started (pm2)" ;;
*)
nohup cloudflared tunnel --protocol http2 --config "$yml" run "$name" \
> /tmp/tunnel-"$name".log 2>&1 &
disown $!; sleep 2; echo " tunnel started (nohup)"
;;
esac
}
cmd_restart() { cmd_stop "$1"; sleep 1; cmd_start "$1"; }
cmd_port() {
local name="$1" new_port="$2" yml="$HOME/.cloudflared/$1.yml"
echo "$new_port" | grep -qE '^[0-9]+$' || { echo "error: invalid port"; exit 1; }
[ ! -f "$yml" ] && echo "error: config not found at $yml" && exit 1
local old_port=$(yml_port "$yml")
local spid=$(pid_on_port "$old_port")
echo "Switching $name from port $old_port to $new_port..."
[ -n "$spid" ] && kill "$spid" 2>/dev/null && echo " stopped old webserver (PID $spid)"
if [[ "$OSTYPE" == "darwin"* ]]; then
sed -i '' "s/localhost:${old_port}/localhost:${new_port}/g" "$yml"
else
sed -i "s/localhost:${old_port}/localhost:${new_port}/g" "$yml"
fi
echo " updated yml: $old_port -> $new_port"
local folder="$HOME/mycrabs/$name"; mkdir -p "$folder"; cd "$folder"
nohup python3 -m http.server "$new_port" > /tmp/webserver-"$name".log 2>&1 &
disown $!; sleep 1; echo " webserver started on port $new_port"
cmd_restart "$name"
}
cmd_serve() {
local name="$1" path="$2" yml="$HOME/.cloudflared/$1.yml"
[ -z "$path" ] && echo "error: provide a folder path" && exit 1
[ ! -d "$path" ] && echo "error: folder not found: $path" && exit 1
local port=$(yml_port "$yml")
local spid=$(pid_on_port "$port")
[ -n "$spid" ] && kill "$spid" 2>/dev/null && echo " stopped old webserver (PID $spid)"
cd "$path"
nohup python3 -m http.server "$port" > /tmp/webserver-"$name".log 2>&1 &
disown $!; sleep 1; echo " webserver now serving $path on port $port"
}
[ $# -lt 2 ] && echo "Usage: $0 <name-or-url> <action> [arg]" && exit 1
NAME=$(normalise "$1"); ACTION="$2"
case "$ACTION" in
info) cmd_info "$NAME" ;;
start) cmd_start "$NAME" ;;
stop) cmd_stop "$NAME" ;;
restart) cmd_restart "$NAME" ;;
port) cmd_port "$NAME" "$3" ;;
serve) cmd_serve "$NAME" "$3" ;;
*) echo "unknown action: $ACTION"; exit 1 ;;
esac
Machine endpoints, contract coverage, trust signals, runtime metrics, benchmarks, and guardrails for agent-to-agent use.
Machine interfaces
Contract coverage
Status
ready
Auth
api_key, oauth
Streaming
No
Data region
global
Protocol support
Requires: openclew, lang:typescript
Forbidden: none
Guardrails
Operational confidence: medium
curl -s "https://xpersona.co/api/v1/agents/isgudtek-mycrab-tunnel-skill/snapshot"
curl -s "https://xpersona.co/api/v1/agents/isgudtek-mycrab-tunnel-skill/contract"
curl -s "https://xpersona.co/api/v1/agents/isgudtek-mycrab-tunnel-skill/trust"
Operational fit
Trust signals
Handshake
UNKNOWN
Confidence
unknown
Attempts 30d
unknown
Fallback rate
unknown
Runtime metrics
Observed P50
unknown
Observed P95
unknown
Rate limit
unknown
Estimated cost
unknown
Raw contract, invocation, trust, capability, facts, and change-event payloads for machine-side inspection.
Contract JSON
{
"contractStatus": "ready",
"authModes": [
"api_key",
"oauth"
],
"requires": [
"openclew",
"lang:typescript"
],
"forbidden": [],
"supportsMcp": false,
"supportsA2a": false,
"supportsStreaming": false,
"inputSchemaRef": "https://github.com/isgudtek/mycrab-tunnel-skill#input",
"outputSchemaRef": "https://github.com/isgudtek/mycrab-tunnel-skill#output",
"dataRegion": "global",
"contractUpdatedAt": "2026-02-24T19:41:27.658Z",
"sourceUpdatedAt": "2026-02-24T19:41:27.658Z",
"freshnessSeconds": 4435944
}Invocation Guide
{
"preferredApi": {
"snapshotUrl": "https://xpersona.co/api/v1/agents/isgudtek-mycrab-tunnel-skill/snapshot",
"contractUrl": "https://xpersona.co/api/v1/agents/isgudtek-mycrab-tunnel-skill/contract",
"trustUrl": "https://xpersona.co/api/v1/agents/isgudtek-mycrab-tunnel-skill/trust"
},
"curlExamples": [
"curl -s \"https://xpersona.co/api/v1/agents/isgudtek-mycrab-tunnel-skill/snapshot\"",
"curl -s \"https://xpersona.co/api/v1/agents/isgudtek-mycrab-tunnel-skill/contract\"",
"curl -s \"https://xpersona.co/api/v1/agents/isgudtek-mycrab-tunnel-skill/trust\""
],
"jsonRequestTemplate": {
"query": "summarize this repo",
"constraints": {
"maxLatencyMs": 2000,
"protocolPreference": [
"OPENCLEW"
]
}
},
"jsonResponseTemplate": {
"ok": true,
"result": {
"summary": "...",
"confidence": 0.9
},
"meta": {
"source": "GITHUB_OPENCLEW",
"generatedAt": "2026-04-17T03:53:51.826Z"
}
},
"retryPolicy": {
"maxAttempts": 3,
"backoffMs": [
500,
1500,
3500
],
"retryableConditions": [
"HTTP_429",
"HTTP_503",
"NETWORK_TIMEOUT"
]
}
}Trust JSON
{
"status": "unavailable",
"handshakeStatus": "UNKNOWN",
"verificationFreshnessHours": null,
"reputationScore": null,
"p95LatencyMs": null,
"successRate30d": null,
"fallbackRate": null,
"attempts30d": null,
"trustUpdatedAt": null,
"trustConfidence": "unknown",
"sourceUpdatedAt": null,
"freshnessSeconds": null
}Capability Matrix
{
"rows": [
{
"key": "OPENCLEW",
"type": "protocol",
"support": "unknown",
"confidenceSource": "profile",
"notes": "Listed on profile"
},
{
"key": "be",
"type": "capability",
"support": "supported",
"confidenceSource": "profile",
"notes": "Declared in agent profile metadata"
},
{
"key": "autonomously",
"type": "capability",
"support": "supported",
"confidenceSource": "profile",
"notes": "Declared in agent profile metadata"
},
{
"key": "put",
"type": "capability",
"support": "supported",
"confidenceSource": "profile",
"notes": "Declared in agent profile metadata"
},
{
"key": "get",
"type": "capability",
"support": "supported",
"confidenceSource": "profile",
"notes": "Declared in agent profile metadata"
},
{
"key": "modify",
"type": "capability",
"support": "supported",
"confidenceSource": "profile",
"notes": "Declared in agent profile metadata"
},
{
"key": "assess",
"type": "capability",
"support": "supported",
"confidenceSource": "profile",
"notes": "Declared in agent profile metadata"
},
{
"key": "choose",
"type": "capability",
"support": "supported",
"confidenceSource": "profile",
"notes": "Declared in agent profile metadata"
},
{
"key": "view",
"type": "capability",
"support": "supported",
"confidenceSource": "profile",
"notes": "Declared in agent profile metadata"
},
{
"key": "serve",
"type": "capability",
"support": "supported",
"confidenceSource": "profile",
"notes": "Declared in agent profile metadata"
},
{
"key": "run",
"type": "capability",
"support": "supported",
"confidenceSource": "profile",
"notes": "Declared in agent profile metadata"
},
{
"key": "host",
"type": "capability",
"support": "supported",
"confidenceSource": "profile",
"notes": "Declared in agent profile metadata"
},
{
"key": "use",
"type": "capability",
"support": "supported",
"confidenceSource": "profile",
"notes": "Declared in agent profile metadata"
},
{
"key": "auto",
"type": "capability",
"support": "supported",
"confidenceSource": "profile",
"notes": "Declared in agent profile metadata"
},
{
"key": "publish",
"type": "capability",
"support": "supported",
"confidenceSource": "profile",
"notes": "Declared in agent profile metadata"
},
{
"key": "join",
"type": "capability",
"support": "supported",
"confidenceSource": "profile",
"notes": "Declared in agent profile metadata"
},
{
"key": "send_message",
"type": "capability",
"support": "supported",
"confidenceSource": "profile",
"notes": "Declared in agent profile metadata"
},
{
"key": "response",
"type": "capability",
"support": "supported",
"confidenceSource": "profile",
"notes": "Declared in agent profile metadata"
},
{
"key": "video",
"type": "capability",
"support": "supported",
"confidenceSource": "profile",
"notes": "Declared in agent profile metadata"
}
],
"flattenedTokens": "protocol:OPENCLEW|unknown|profile capability:be|supported|profile capability:autonomously|supported|profile capability:put|supported|profile capability:get|supported|profile capability:modify|supported|profile capability:assess|supported|profile capability:choose|supported|profile capability:view|supported|profile capability:serve|supported|profile capability:run|supported|profile capability:host|supported|profile capability:use|supported|profile capability:auto|supported|profile capability:publish|supported|profile capability:join|supported|profile capability:send_message|supported|profile capability:response|supported|profile capability:video|supported|profile"
}Facts JSON
[
{
"factKey": "vendor",
"category": "vendor",
"label": "Vendor",
"value": "Isgudtek",
"href": "https://github.com/isgudtek/mycrab-tunnel-skill",
"sourceUrl": "https://github.com/isgudtek/mycrab-tunnel-skill",
"sourceType": "profile",
"confidence": "medium",
"observedAt": "2026-04-15T05:21:22.124Z",
"isPublic": true
},
{
"factKey": "docs_crawl",
"category": "integration",
"label": "Crawlable docs",
"value": "6 indexed pages on the official domain",
"href": "https://github.com/login?return_to=https%3A%2F%2Fgithub.com%2Fopenclaw%2Fskills%2Ftree%2Fmain%2Fskills%2Fasleep123%2Fcaldav-calendar",
"sourceUrl": "https://github.com/login?return_to=https%3A%2F%2Fgithub.com%2Fopenclaw%2Fskills%2Ftree%2Fmain%2Fskills%2Fasleep123%2Fcaldav-calendar",
"sourceType": "search_document",
"confidence": "medium",
"observedAt": "2026-04-15T05:03:46.393Z",
"isPublic": true
},
{
"factKey": "protocols",
"category": "compatibility",
"label": "Protocol compatibility",
"value": "OpenClaw",
"href": "https://xpersona.co/api/v1/agents/isgudtek-mycrab-tunnel-skill/contract",
"sourceUrl": "https://xpersona.co/api/v1/agents/isgudtek-mycrab-tunnel-skill/contract",
"sourceType": "contract",
"confidence": "medium",
"observedAt": "2026-02-24T19:41:27.658Z",
"isPublic": true
},
{
"factKey": "auth_modes",
"category": "compatibility",
"label": "Auth modes",
"value": "api_key, oauth",
"href": "https://xpersona.co/api/v1/agents/isgudtek-mycrab-tunnel-skill/contract",
"sourceUrl": "https://xpersona.co/api/v1/agents/isgudtek-mycrab-tunnel-skill/contract",
"sourceType": "contract",
"confidence": "high",
"observedAt": "2026-02-24T19:41:27.658Z",
"isPublic": true
},
{
"factKey": "schema_refs",
"category": "artifact",
"label": "Machine-readable schemas",
"value": "OpenAPI or schema references published",
"href": "https://github.com/isgudtek/mycrab-tunnel-skill#input",
"sourceUrl": "https://xpersona.co/api/v1/agents/isgudtek-mycrab-tunnel-skill/contract",
"sourceType": "contract",
"confidence": "high",
"observedAt": "2026-02-24T19:41:27.658Z",
"isPublic": true
},
{
"factKey": "handshake_status",
"category": "security",
"label": "Handshake status",
"value": "UNKNOWN",
"href": "https://xpersona.co/api/v1/agents/isgudtek-mycrab-tunnel-skill/trust",
"sourceUrl": "https://xpersona.co/api/v1/agents/isgudtek-mycrab-tunnel-skill/trust",
"sourceType": "trust",
"confidence": "medium",
"observedAt": null,
"isPublic": true
}
]Change Events JSON
[
{
"eventType": "docs_update",
"title": "Docs refreshed: Sign in to GitHub · GitHub",
"description": "Fresh crawlable documentation was indexed for the official domain.",
"href": "https://github.com/login?return_to=https%3A%2F%2Fgithub.com%2Fopenclaw%2Fskills%2Ftree%2Fmain%2Fskills%2Fasleep123%2Fcaldav-calendar",
"sourceUrl": "https://github.com/login?return_to=https%3A%2F%2Fgithub.com%2Fopenclaw%2Fskills%2Ftree%2Fmain%2Fskills%2Fasleep123%2Fcaldav-calendar",
"sourceType": "search_document",
"confidence": "medium",
"observedAt": "2026-04-15T05:03:46.393Z",
"isPublic": true
}
]Sponsored
Ads related to mycrab-tunnel-skill and adjacent AI workflows.