1. Install the skill and pair
Clone the LetsPing OpenClaw skill into your workspace and install dependencies. Then open the pairing page to link this terminal to your LetsPing account. You only need to do this once per machine or gateway.
git clone https://github.com/CordiaLabs/openclaw-skill ~/.openclaw/workspace/skills/letsping cd ~/.openclaw/workspace/skills/letsping npm install
Restart your OpenClaw gateway. Then go to letsping.co/openclaw/pair and follow the pairing flow. You will get a LETS_PING_SECRET. Put it in ~/.openclaw/openclaw.json under skills.entries.letsping.env.LETS_PING_SECRET.
Full install and config are in the OpenClaw integration docs and the skill README.
2. Tell your agent to call letsping_ask before high-risk actions
Add this to your agent system prompt or AGENTS.md. The agent keeps full authority for safe actions (read files, search, analyze). For anything destructive, financial, social, or infra-related, it must call letsping_ask first and use only the returned payload after you approve (or patch).
You MUST call letsping_ask BEFORE any high-risk action. High-risk includes: - Financial: spending, transactions, bookings over $10 - Destructive: delete/overwrite files, DB rows, configs - Social: posting publicly, DMs/emails to new contacts - Infrastructure: DNS, env vars, deployments, permissions Provide: tool_name, args_json (stringified), risk_reason. If APPROVED: use ONLY the returned executed_payload. If REJECTED or timeout: abort or ask for guidance.
3. One example: approve a production deploy
When your agent is about to run a production deploy with a force flag, it calls the skill instead of executing directly. You see the request in the LetsPing PWA (or dashboard), patch the payload if needed, then approve. The agent resumes with the authorized payload only.
letsping_ask(
tool_name: "vercel_deploy",
args_json: "{\"project\":\"my-app\",\"env\":\"production\",\"force\":true}",
risk_reason: "Production deployment with force flag"
)After you approve (or edit and approve), the skill returns the payload. The agent then runs the real deploy with that payload. No second guesswork, no blind execution.
What you get
The LetsPing skill is the OpenClaw security skill for human approval: one tool, one flow. Payloads are encrypted on the agent and only decrypted on your paired device when you review. The relay and database never see plaintext. Use a strong model (e.g. Claude Opus, GPT-4o) so the agent does not skip the call; add a few few-shot examples in your prompt for best reliability.
For full reference (env vars, troubleshooting, and prompt snippets), see the API docs and the OpenClaw integration page.