惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

T
Tenable Blog
Engineering at Meta
Engineering at Meta
The Register - Security
The Register - Security
N
Netflix TechBlog - Medium
D
Docker
Vercel News
Vercel News
云风的 BLOG
云风的 BLOG
月光博客
月光博客
钛媒体:引领未来商业与生活新知
钛媒体:引领未来商业与生活新知
freeCodeCamp Programming Tutorials: Python, JavaScript, Git & More
D
DataBreaches.Net
IT之家
IT之家
V
V2EX
人人都是产品经理
人人都是产品经理
F
Fortinet All Blogs
J
Java Code Geeks
酷 壳 – CoolShell
酷 壳 – CoolShell
博客园 - 叶小钗
OSCHINA 社区最新新闻
OSCHINA 社区最新新闻
雷峰网
雷峰网
博客园 - Franky
Hugging Face - Blog
Hugging Face - Blog
有赞技术团队
有赞技术团队
aimingoo的专栏
aimingoo的专栏
MongoDB | Blog
MongoDB | Blog
P
Privacy International News Feed
F
Full Disclosure
P
Proofpoint News Feed
B
Blog RSS Feed
T
Tor Project blog
T
The Blog of Author Tim Ferriss
B
Blog
Webroot Blog
Webroot Blog
腾讯CDC
T
Troy Hunt's Blog
T
Tailwind CSS Blog
H
Heimdal Security Blog
AWS News Blog
AWS News Blog
G
Google Developers Blog
Spread Privacy
Spread Privacy
NISL@THU
NISL@THU
A
About on SuperTechFans
SecWiki News
SecWiki News
CTFtime.org: upcoming CTF events
CTFtime.org: upcoming CTF events
Cyber Security Advisories - MS-ISAC
Cyber Security Advisories - MS-ISAC
I
InfoQ
M
MIT News - Artificial intelligence
大猫的无限游戏
大猫的无限游戏
美团技术团队
L
LangChain Blog

Recent Commits to openclaw:main

test: merge chat side-result checks · openclaw/openclaw@ddd2c2a test: merge cron history checks · openclaw/openclaw@f7eb746 test: merge responsive navigation shell checks · openclaw/openclaw@c2e4b47 docs(changelog): add codex oauth fixes · openclaw/openclaw@628e6cd test: merge navigation routing cases · openclaw/openclaw@5d8cecb Tests: mock channel registry bundled fallback · openclaw/openclaw@2b08233 Secrets: avoid broad web search discovery for single plugin config · openclaw/openclaw@a464f59 test: merge config view browser checks · openclaw/openclaw@20cf511 fix(status): align oauth health with runtime · openclaw/openclaw@eed7116 feat: add macOS screen snapshots for monitor preview (#67954) thanks … · openclaw/openclaw@f377db1 fix: report shared auth scopes in hello-ok (#67810) thanks @BunsDev · openclaw/openclaw@0b6c39b Auto-reply: avoid eager bundled route fallback · openclaw/openclaw@3ea1bf4 Tests: narrow session binding contract setup · openclaw/openclaw@54e4e16 fix(macOS): enable undo/redo in webchat composer text input (#34962) · openclaw/openclaw@00951dc Tests: speed up channel setup promotion · openclaw/openclaw@82b529a Docs: refresh agent instructions · openclaw/openclaw@5775fe2 fix(auth): serialize OAuth refresh across agents to fix #26322 (#67876) · openclaw/openclaw@8e79080 test: allow ollama public surface boundary test · openclaw/openclaw@7d4f1a6 Docs: add test performance guardrails · openclaw/openclaw@89706d3 Tests: restore context-engine usage proof · openclaw/openclaw@e4c4f95 Tests: slim context engine runtime coverage · openclaw/openclaw@74c198f ci: retry failed custom checkouts · openclaw/openclaw@0ee5baf test: trim duplicate provider auth onboarding cases · openclaw/openclaw@1ffc02e matrix: fix sessions_spawn --thread subagent session spawning (#67643) · openclaw/openclaw@1ce2596 test: reduce auth choice fixture churn · openclaw/openclaw@857b9cd test: mock health status config boundaries · openclaw/openclaw@9d5ab4a test: mock onboard config io boundary · openclaw/openclaw@299694d test: mock legacy state plugin boundaries · openclaw/openclaw@2713089 test: mock channel install boundaries · openclaw/openclaw@b945248 test: mock doctor preview channel boundaries · openclaw/openclaw@b1a3ad4 test: trim doctor command hotspots · openclaw/openclaw@c66f16a test: isolate agent auth and spawn hotspots · openclaw/openclaw@9285935 test: stabilize MCP startup disposal race · openclaw/openclaw@dd9d2eb test: merge browser contract server suites · openclaw/openclaw@5817a76 test: narrow ollama provider discovery setup · openclaw/openclaw@a0d9598 build: declare qa-lab aimock runtime dependency · openclaw/openclaw@24431e5 test: speed up safe-bins exec harness · openclaw/openclaw@ee856ab test: preserve tool helpers in embedded runner mocks · openclaw/openclaw@acd86a0 refactor: move memory embeddings into provider plugins · openclaw/openclaw@77e6e4c test: reuse system-run temp fixtures · openclaw/openclaw@7e9ff0f test: trim hotspot wait overhead · openclaw/openclaw@12a59b0 Check: avoid duplicate boundary prep · openclaw/openclaw@baf11b8 test: reduce hotspot fixture overhead · openclaw/openclaw@3a59edd feat(ui): overhaul settings and slash command UX (#67819) thanks @Bun… · openclaw/openclaw@2cfb660 QA Matrix: exit cleanly on failure · openclaw/openclaw@42805d2 QA Matrix: isolate scenario coverage · openclaw/openclaw@7e659e1 Matrix: refresh crypto bootstrap state · openclaw/openclaw@94081d8 QA Lab: add provider registry · openclaw/openclaw@bb7e982 Matrix: add plugin changelog · openclaw/openclaw@4acab55 test: trim more hotspot overhead · openclaw/openclaw@f485311 test: trim remaining hotspot tests · openclaw/openclaw@6ba8626 test: narrow hotspot mocks · openclaw/openclaw@dbc8179 test: isolate gemini embedding request helpers · openclaw/openclaw@cd330f5 test: trim memory and mcp hotspots · openclaw/openclaw@fd48dfa test: slim provider registry mocks · openclaw/openclaw@2e08c77 test: harden Parallels update smoke · openclaw/openclaw@1a98090 feat: default Anthropic to Opus 4.7 · openclaw/openclaw@628b454 fix: harden node-host shell payload mutability checks · openclaw/openclaw@75c551e fix: land node-host approval binding for native binaries (#66731) (th… · openclaw/openclaw@29919bb CI: add daily schedule to CodeQL workflow (#67645) · openclaw/openclaw@69d25f5 fix(gateway): capture config hash after plugin auto-enable to prevent… · openclaw/openclaw@8c11210 fix: repair sanitized replay tool results before send (#67620) (thank… · openclaw/openclaw@c3c7a99 fix: restrict HTML timeout short-circuit to transient statuses · openclaw/openclaw@de129a6 fix: keep TUI watchdog bound to active run (#67401) (thanks @xantorres) · openclaw/openclaw@3525273 Gateway/skills: dedupe skills prefix-match + drop dead fallback on log · openclaw/openclaw@d7f489f Extensions/lmstudio: back off inference preload after consecutive fai… · openclaw/openclaw@b555214 TUI/streaming: add watchdog that resets the activity indicator after … · openclaw/openclaw@f44ab20 Agents/tool-loop: enable unknown-tool stream guard by default · openclaw/openclaw@36ed367 Gateway/skills: invalidate session skills snapshot on config write · openclaw/openclaw@b23d59a fix: classify HTML provider error pages correctly (#67642) (thanks @s… · openclaw/openclaw@e588e90 fix(skills): remove unused model-usage import (#67641) · openclaw/openclaw@55f05df docs(changelog): credit codex fix superseded PRs · openclaw/openclaw@e485f24 fix(openai-codex): normalize stale transport metadata in resolution a… · openclaw/openclaw@90801ba CI: pin Docker-related GitHub Actions (#67632) · openclaw/openclaw@f697b01 Android: modernize WebView and discovery API usage (#67627) · openclaw/openclaw@44a6e50 fix(deps): bump hono to 4.12.14 and @hono/node-server to 1.19.14 (GHS… · openclaw/openclaw@fbccc18 fix(deps): bump dompurify to 3.4.0 (#67614) · openclaw/openclaw@2c2dc00 CI: add explicit permissions to all workflow jobs (fixes code-scannin… · openclaw/openclaw@01b7516 fix: register bundled TTS providers and route overrides correctly (#6… · openclaw/openclaw@6ea3cdd fix: align host tilde paths with OS home (#62804) (thanks @stainlu) · openclaw/openclaw@ecfaf64 fix: flush creds queue before reconnect socket open (#67464) (thanks … · openclaw/openclaw@405c63f fix: strip standalone <function> tool call tags from visible text (#6… · openclaw/openclaw@78df859 fix(agents): preserve cli session metadata before transcript persist … · openclaw/openclaw@898fd04 docs(changelog): move cli transcript entry · openclaw/openclaw@c1817c6 fix(agents): normalize cli transcript api field · openclaw/openclaw@3a3fae0 docs(changelog): note cli transcript persistence · openclaw/openclaw@6c343f1 fix(agents): persist cli transcript turns · openclaw/openclaw@b8ef507 fix(msteams): harden security-sensitive flows (#65841) · openclaw/openclaw@c56b56e [Dashboard] Fix exec approval modal overflow for long command content… · openclaw/openclaw@053c5b0 Docs: remove QA changelog entry · openclaw/openclaw@7fd5771 QA: fix private runtime source loading (#67428) · openclaw/openclaw@d5933af docs(gateway): correct protocol.md schema path, hello-ok example, aut… · openclaw/openclaw@489404d CI: pin Node 22 runners to 22.18.0 · openclaw/openclaw@4ffa621 models.authStatus: normalize provider ids + tighten env-backed escape… · openclaw/openclaw@f2fdb9d Update CHANGELOG.md · openclaw/openclaw@7694a92 test(parallels): clean up npm update guard jobs · openclaw/openclaw@045ea7b Plugins: prefer scanDir override paths · openclaw/openclaw@b2974da fix(dreaming): default storage.mode to "separate" so phase blocks sto… · openclaw/openclaw@8c392f0 fix(memory-core): skip dreaming transcript ingestion via session stor… · openclaw/openclaw@a1b01f0 fix: dedupe replayed exec.finished node events (#67281) · openclaw/openclaw@5dcf526
fix: route crabbox proof through brokered aws · openclaw/openclaw@a6aa483
vincentkoc · 2026-05-16 · via Recent Commits to openclaw:main

@@ -1,6 +1,6 @@

11

---

22

name: crabbox

3-

description: Use Crabbox for OpenClaw remote validation across Linux, macOS, Windows, and WSL2. Default to Blacksmith Testbox for broad Linux proof; includes direct Blacksmith and owned AWS/Hetzner fallback notes when Crabbox fails.

3+

description: Use Crabbox for OpenClaw remote validation across Linux, macOS, Windows, and WSL2. Default to the repo Crabbox config, use brokered AWS for normal broad proof, and keep Blacksmith Testbox as an explicit opt-in or outage diagnostic path.

44

---

5566

# Crabbox

@@ -9,9 +9,15 @@ Use Crabbox when OpenClaw needs remote Linux proof for broad tests, CI-parity

99

checks, secrets, hosted services, Docker/E2E/package lanes, warmed reusable

1010

boxes, sync timing, logs/results, cache inspection, or lease cleanup.

111112-

Default backend: `blacksmith-testbox`. The separate `blacksmith-testbox` skill

13-

has been removed; this skill owns both the normal Crabbox path and the direct

14-

Blacksmith fallback playbook.

12+

Default backend: the repo `.crabbox.yaml`, currently brokered AWS. Do not

13+

override it to Blacksmith unless the user explicitly asks for Blacksmith proof,

14+

the task is specifically about Testbox behavior, or AWS/brokered Crabbox is the

15+

broken layer.

16+17+

Blacksmith Testbox is a delegated fallback, not the default router. If a

18+

Blacksmith run queues, fails capacity, fails auth, or cannot allocate, stop

19+

after one real attempt and switch to the repo default or report the blocker.

20+

Do not retry Blacksmith in a loop.

15211622

## First Checks

1723

@@ -28,9 +34,10 @@ pnpm crabbox:run -- --help | sed -n '1,120p'

28342935

- OpenClaw scripts prefer `../crabbox/bin/crabbox` when present. The user PATH

3036

shim can be stale.

31-

- Check `.crabbox.yaml` for repo defaults, but override provider explicitly.

32-

Even if config still says AWS, maintainer validation should normally pass

33-

`--provider blacksmith-testbox`.

37+

- Check `.crabbox.yaml` for repo defaults and honor them. For normal Linux

38+

validation, omit `--provider` so the wrapper uses brokered AWS.

39+

- Pass `--provider blacksmith-testbox` only for explicit Blacksmith/Testbox

40+

work or a deliberate comparison.

3441

- If a warm direct-provider lease smells stale, retry with `--full-resync`

3542

(alias `--fresh-sync`) before replacing the lease. This resets the remote

3643

workdir, skips the fingerprint fast path, reseeds Git when possible, and

@@ -54,7 +61,8 @@ pnpm crabbox:run -- --help | sed -n '1,120p'

5461

## macOS And Windows Targets

55625663

Use these only when the task needs an existing non-Linux host. OpenClaw broad

57-

validation still defaults to `blacksmith-testbox`.

64+

Linux validation uses the repo Crabbox config unless a provider is explicitly

65+

requested.

58665967

Crabbox supports static SSH targets:

6068

@@ -75,7 +83,7 @@ Crabbox supports static SSH targets:

7583

with `../crabbox/bin/crabbox run --help`, config/flag tests, and the Crabbox

7684

Go test suite.

778578-

## Default Blacksmith Backend

86+

## Default Brokered AWS Backend

79878088

Use this for `pnpm check`, `pnpm check:changed`, `pnpm test`,

8189

`pnpm test:changed`, Docker/E2E/live/package gates, or anything likely to fan

@@ -84,11 +92,7 @@ out across many Vitest projects.

8492

Changed gate:

85938694

```sh

87-

pnpm crabbox:run -- --provider blacksmith-testbox \

88-

--blacksmith-org openclaw \

89-

--blacksmith-workflow .github/workflows/ci-check-testbox.yml \

90-

--blacksmith-job check \

91-

--blacksmith-ref main \

95+

pnpm crabbox:run -- \

9296

--idle-timeout 90m \

9397

--ttl 240m \

9498

--timing-json \

@@ -99,11 +103,7 @@ pnpm crabbox:run -- --provider blacksmith-testbox \

99103

Full suite:

100104101105

```sh

102-

pnpm crabbox:run -- --provider blacksmith-testbox \

103-

--blacksmith-org openclaw \

104-

--blacksmith-workflow .github/workflows/ci-check-testbox.yml \

105-

--blacksmith-job check \

106-

--blacksmith-ref main \

106+

pnpm crabbox:run -- \

107107

--idle-timeout 90m \

108108

--ttl 240m \

109109

--timing-json \

@@ -114,11 +114,7 @@ pnpm crabbox:run -- --provider blacksmith-testbox \

114114

Focused rerun:

115115116116

```sh

117-

pnpm crabbox:run -- --provider blacksmith-testbox \

118-

--blacksmith-org openclaw \

119-

--blacksmith-workflow .github/workflows/ci-check-testbox.yml \

120-

--blacksmith-job check \

121-

--blacksmith-ref main \

117+

pnpm crabbox:run -- \

122118

--idle-timeout 90m \

123119

--ttl 240m \

124120

--timing-json \

@@ -128,19 +124,18 @@ pnpm crabbox:run -- --provider blacksmith-testbox \

128124129125

Read the JSON summary. Useful fields:

130126131-

- `provider`: should be `blacksmith-testbox`

132-

- `leaseId`: `tbx_...`

133-

- `syncDelegated`: should be `true`

127+

- `provider`: should normally be `aws`

128+

- `leaseId`: `cbx_...`

129+

- `syncDelegated`: should normally be `false`

134130

- `commandPhases`: populated when the command prints `CRABBOX_PHASE:<name>`

135131

- `commandMs` / `totalMs`

136132

- `exitCode`

137133138-

Crabbox should stop one-shot Blacksmith Testboxes automatically after the run.

139-

Verify cleanup when a run fails, is interrupted, or the command output is

140-

unclear:

134+

Crabbox should stop one-shot AWS leases automatically after the run. Verify

135+

cleanup when a run fails, is interrupted, or the command output is unclear:

141136142137

```sh

143-

blacksmith testbox list

138+

../crabbox/bin/crabbox list --provider aws

144139

```

145140146141

## Observability Flags

@@ -331,13 +326,13 @@ Interactive CLI/onboarding:

331326332327

## Reuse And Keepalive

333328334-

For most Blacksmith-backed Crabbox calls, one-shot is enough. Use reuse only

335-

when you need multiple manual commands on the same hydrated box.

329+

For most Crabbox calls, one-shot is enough. Use reuse only when you need

330+

multiple manual commands on the same hydrated box.

336331337332

If Crabbox returns a reusable id or you intentionally keep a lease:

338333339334

```sh

340-

pnpm crabbox:run -- --provider blacksmith-testbox --id <tbx_id> --no-sync --timing-json --shell -- "pnpm test <path>"

335+

pnpm crabbox:run -- --id <cbx_id-or-slug> --no-sync --timing-json --shell -- "pnpm test <path>"

341336

```

342337343338

Stop boxes you created before handoff:

@@ -386,14 +381,16 @@ WebVNC portal, and opens the portal. Keep browsers windowed for human QA; use

386381

## If Crabbox Fails

387382388383

Keep the fallback narrow. First decide whether the failure is Crabbox itself,

389-

Blacksmith/Testbox, repo hydration, sync, or the test command.

384+

the brokered AWS lease, Blacksmith/Testbox, repo hydration, sync, or the test

385+

command.

390386391387

Fast checks:

392388393389

```sh

394390

command -v crabbox

395391

../crabbox/bin/crabbox --version

396-

crabbox run --provider blacksmith-testbox --help | sed -n '1,140p'

392+

pnpm crabbox:run -- --help | sed -n '1,140p'

393+

../crabbox/bin/crabbox doctor

397394

command -v blacksmith

398395

blacksmith --version

399396

blacksmith testbox list

@@ -403,36 +400,36 @@ Common Crabbox-only failures:

403400404401

- Provider missing or old CLI: use `../crabbox/bin/crabbox` from the sibling

405402

repo, or update/install Crabbox before retrying.

406-

- Bad local config: pass `--provider blacksmith-testbox` plus explicit

407-

`--blacksmith-*` flags instead of relying on `.crabbox.yaml`.

408-

- Slug/claim confusion: use the raw `tbx_...` id, or run one-shot without

409-

`--id`.

403+

- Bad local config: inspect `.crabbox.yaml`, `crabbox config show`, and

404+

`crabbox whoami`; normal OpenClaw proof should use brokered AWS without

405+

asking for cloud keys.

406+

- Slug/claim confusion: use the raw `cbx_...` / `tbx_...` id, or run one-shot

407+

without `--id`.

410408

- Sync/timing bug: add `--debug --timing-json`; capture the final JSON and the

411409

printed Actions URL. Large sync warnings now include top source directories

412410

by file count and a hint to update `.crabboxignore` / `sync.exclude`; inspect

413411

those before reaching for `--force-sync-large`. Quiet rsync watchdogs and SSH

414412

timeouts now print `next_action=` hints; follow them, usually `--full-resync`

415413

first and a fresh lease second.

416-

- Cleanup uncertainty: run `blacksmith testbox list` and stop only boxes you

414+

- Cleanup uncertainty: run `crabbox list --provider aws`; for explicit

415+

Blacksmith runs, use `blacksmith testbox list` and stop only boxes you

417416

created.

418-

- Testbox queued/capacity pressure: do not convert a broad changed gate or full

419-

suite into local `OPENCLAW_LOCAL_CHECK_MODE=throttled pnpm ...`. Leave the

420-

remote lane queued, switch to a narrower targeted local check, or stop and

421-

report the capacity blocker.

417+

- Testbox queued/capacity pressure: do not retry Blacksmith repeatedly. Rerun

418+

once without `--provider` so `.crabbox.yaml` routes to brokered AWS, or report

419+

the Blacksmith blocker if Testbox itself is the requested proof.

422420423-

If Crabbox cannot dispatch, sync, attach, or stop but Blacksmith itself works,

424-

first try the same command through the repo wrapper with `--debug` and

425-

`--timing-json`:

421+

If brokered AWS cannot dispatch, sync, attach, or stop, retry once with

422+

`--debug` and `--timing-json`:

426423427424

```sh

428-

pnpm crabbox:run -- --provider blacksmith-testbox --debug --timing-json -- \

425+

pnpm crabbox:run -- --debug --timing-json -- \

429426

CI=1 NODE_OPTIONS=--max-old-space-size=4096 OPENCLAW_TEST_PROJECTS_PARALLEL=6 OPENCLAW_VITEST_MAX_WORKERS=1 OPENCLAW_VITEST_NO_OUTPUT_TIMEOUT_MS=900000 pnpm test:changed

430427

```

431428432429

Full suite:

433430434431

```sh

435-

pnpm crabbox:run -- --provider blacksmith-testbox --debug --timing-json -- \

432+

pnpm crabbox:run -- --debug --timing-json -- \

436433

CI=1 NODE_OPTIONS=--max-old-space-size=4096 OPENCLAW_TEST_PROJECTS_PARALLEL=6 OPENCLAW_VITEST_MAX_WORKERS=1 OPENCLAW_VITEST_NO_OUTPUT_TIMEOUT_MS=900000 pnpm test

437434

```

438435

@@ -451,9 +448,10 @@ Raw Blacksmith footguns:

451448

- Treat `blacksmith testbox list` as cleanup diagnostics, not a shared reusable

452449

queue.

453450454-

Escalate to owned AWS/Hetzner only when Blacksmith is down, quota-limited,

455-

missing the needed environment, or owned capacity is the explicit goal. Use the

456-

Owned Cloud Fallback section below.

451+

Use Blacksmith only when the task is specifically about Testbox, brokered AWS

452+

is unavailable, or an explicit comparison is needed. If Blacksmith is down or

453+

quota-limited, do not keep probing it; stay on brokered AWS and note the

454+

delegated-provider outage.

457455458456

## Blacksmith Backend Notes

459457

@@ -489,13 +487,14 @@ Important Blacksmith footguns:

489487

blacksmith auth login --non-interactive --organization openclaw

490488

```

491489492-

## Owned Cloud Fallback

490+

## Brokered AWS

493491494-

Use AWS/Hetzner only when Blacksmith is down, quota-limited, missing the needed

495-

environment, or owned capacity is explicitly the goal.

492+

Use AWS for normal OpenClaw remote proof. The repo `.crabbox.yaml` already

493+

selects brokered AWS, so omit `--provider` unless you are testing a different

494+

provider deliberately.

496495497496

```sh

498-

pnpm crabbox:warmup -- --provider aws --class beast --market on-demand --idle-timeout 90m

497+

pnpm crabbox:warmup -- --class beast --market on-demand --idle-timeout 90m

499498

pnpm crabbox:hydrate -- --id <cbx_id-or-slug>

500499

pnpm crabbox:run -- --id <cbx_id-or-slug> --timing-json --shell -- "env NODE_OPTIONS=--max-old-space-size=4096 OPENCLAW_TEST_PROJECTS_PARALLEL=6 OPENCLAW_VITEST_MAX_WORKERS=1 OPENCLAW_VITEST_NO_OUTPUT_TIMEOUT_MS=900000 pnpm test:changed"

501500

pnpm crabbox:stop -- <cbx_id-or-slug>

@@ -519,8 +518,8 @@ crabbox whoami

519518

- If broker auth is missing, run `crabbox login --url https://crabbox.openclaw.ai --provider aws`.

520519

- If the CLI asks for `AWS_ACCESS_KEY_ID`, `AWS_SECRET_ACCESS_KEY`, or AWS

521520

profile setup during normal OpenClaw validation, assume the agent selected

522-

the wrong path. Use brokered `crabbox login`, `--provider blacksmith-testbox`,

523-

or an existing brokered lease before asking the user for cloud credentials.

521+

the wrong path. Use brokered `crabbox login` or an existing brokered lease

522+

before asking the user for cloud credentials.

524523

- Ask for AWS keys only for explicit direct-provider/account administration,

525524

not for normal brokered OpenClaw proof.

526525

- Trusted automation may still use

@@ -533,8 +532,7 @@ macOS config lives at:

533532

```

534533535534

It should include `broker.url`, `broker.token`, and usually `provider: aws`

536-

for owned-cloud lanes. Do not let that config override the OpenClaw default

537-

when Blacksmith proof is requested; pass `--provider blacksmith-testbox`.

535+

for OpenClaw lanes. Let that config drive normal validation.

538536539537

### Interactive Desktop / WebVNC

540538

@@ -572,14 +570,15 @@ Use `--market spot|on-demand` only on AWS warmup/one-shot runs.

572570

## Failure Triage

573571574572

- Crabbox cannot find provider: verify `../crabbox/bin/crabbox --help` lists

575-

`blacksmith-testbox`; update Crabbox before falling back.

573+

the provider selected by `.crabbox.yaml`; update Crabbox before falling back.

576574

- Hydration stuck or failed: open the printed GitHub Actions run URL and inspect

577575

the hydration step.

578576

- Sync failed: rerun with `--debug`; check changed-file count and whether the

579577

checkout is dirty.

580578

- Command failed: rerun only the failing shard/file first. Do not rerun a full

581579

suite until the focused failure is understood.

582-

- Cleanup uncertain: `blacksmith testbox list`; stop owned `tbx_...` leases you

580+

- Cleanup uncertain: `crabbox list --provider aws`; for explicit Blacksmith

581+

runs, use `blacksmith testbox list` and stop owned `tbx_...` leases you

583582

created.

584583

- Crabbox broken but Blacksmith works: use the direct Blacksmith fallback above,

585584

then file/fix the Crabbox issue.