量子密信-Openclaw对接
by codenamelokcon (GitHub) · v1.0.2
581 downloads · 1 star · 0 active installs · 3 versions
Install in OpenClaw
/install quantum-messenger
Description
Lets China Telecom colleagues and customers call the OpenClaw bot through Quantum Messenger (量子密信). Supports text, images, attachments and status-bar feedback.
Usage Guidance
This skill appears to implement the advertised Quantum Messenger <-> OpenClaw bridge, but it has concrete implementation risks you should address before deploying:
- Command injection risk: the code builds a shell command with unescaped JSON (exec). Replace exec with a safe invocation (child_process.spawn with argument array) or otherwise sanitize input to avoid arbitrary command execution.
- Arbitrary-file upload / exfiltration: the listener will upload any local file path returned by the AI (IMAGE:/FILE:) to an external host (imtwo.zdxlz.com). Restrict what paths are allowed, run the service with least filesystem privileges, and audit what files might be accessible.
- Plain HTTP + key-in-query: the upload/send endpoints use http and include QUANTUM_KEY in the URL query string, which exposes credentials in transit and in logs. Use HTTPS endpoints and send auth in headers where possible. Verify whether imtwo.zdxlz.com is an official/trusted Quantum Messenger endpoint; if not, do not send sensitive data.
- Network trust and isolation: run this service in a locked-down container or VM with minimal privileges and limited outbound network access to only the known Quantum endpoints. Monitor logs for unexpected uploads.
- Additional checks: confirm the ownership/trustworthiness of the imtwo.zdxlz.com host; audit and pin the OpenClaw CLI binary you run; rotate QUANTUM_KEY after testing.
If you cannot confirm the upstream endpoint and cannot harden command execution and file-access logic, treat this skill as risky and avoid deploying it on systems that hold sensitive data.
Capability Analysis
Type: OpenClaw Skill
Name: quantum-messenger
Version: 1.0.2
The skill contains a significant command injection vulnerability in `scripts/listener.mjs` where user-provided content is passed to `child_process.exec` via the OpenClaw CLI. Furthermore, the logic in `listener.mjs` that parses AI responses for `IMAGE:` or `FILE:` prefixes and automatically uploads the referenced paths to an external endpoint (`imtwo.zdxlz.com`) creates a high risk of arbitrary file exfiltration if the AI is manipulated. While these appear to be architectural flaws rather than intentional malware, the combination of remote command execution risk and file access makes the bundle unsafe for production without sanitization.
Capability Assessment
Purpose & Capability
Name/description match the code: listener receives webhook messages and forwards them to OpenClaw, then returns text/media via the Quantum Messenger webhook. Required binary (node) and QUANTUM_KEY credential are appropriate for this integration. The script expects an installed OpenClaw CLI (documented in README), so the requested items are proportionate to the declared purpose.
Instruction Scope
The runtime instructions and code go beyond simple message forwarding in risky ways: the listener executes a shell command 'openclaw agent --message <json>' by interpolating JSON directly into a shell string (child_process.exec), which makes the host vulnerable to command injection from attacker-controlled input. The listener also inspects AI responses for local file paths (IMAGE:/FILE:) and, if present, will read arbitrary local files and upload them to an external endpoint — this can exfiltrate sensitive files from the server. Network calls use plain HTTP with the QUANTUM_KEY in query strings, exposing the key in transit and logs. These behaviors are functional for the feature set but are high-risk and should be hardened.
Install Mechanism
No external install spec (instruction-only with included scripts) — low install risk. The code does not pull remote archives or execute installation downloads. The README asks operators to ensure OpenClaw is installed separately; that is consistent and expected.
Credentials
Only QUANTUM_KEY (and optionally QUANTUM_PORT) are required — that is proportionate. However, the code transmits that key in plaintext over HTTP to imtwo.zdxlz.com and uses it as a direct query parameter for upload/send operations, which increases credential exposure risk. The single env var is sensible, but transport and endpoint selection weaken that proportionality.
Persistence & Privilege
The skill does not request always:true or other elevated platform privileges; it is user-invocable and does not auto-enable itself. It does run a persistent HTTP server (normal for webhook integrations) but does not modify other skills or system-wide agent settings.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat: /install quantum-messenger
- After installation, invoke the skill by name or use /quantum-messenger
- Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.2
- Version bump from 1.0.1 to 1.0.2 with no functional or content changes.
- No files were modified in this release.
v1.0.1
- Added skill metadata specifying required binaries (node) and environment variable (QUANTUM_KEY)
- Fixed slug naming
- Standardized the skill name format in metadata
- Updated skill version to 1.0.1
v1.0.0
## 🌟 Introduction
This skill is intended to help **China Telecom colleagues** and **customers using China Telecom's Quantum Messenger (量子密信)** call the OpenClaw bot through Quantum Messenger.
With it, Quantum Messenger becomes the front-end for the AI bot: text conversation, image generation, file transfer and other interactions are supported, and the AI model's runtime status (CTX, elapsed time, etc.) is shown in real time in the replies.
## 👤 Author
- **Author**: Cheng Pei, Technical Manager, Shanghai Telecom 政支中心 (Government/Enterprise Support Center) / Quantum Capability Center, and his OpenClaw bot assistant, Unit 1 (Gemini)
- **Contact**: 18918115454
- **Email**: [[email protected]]
Frequently Asked Questions
What is 量子密信-Openclaw对接?
Lets China Telecom colleagues and customers call the OpenClaw bot through Quantum Messenger (量子密信). Supports text, images, attachments and status-bar feedback. It is an AI Agent Skill for Claude Code / OpenClaw, with 581 downloads so far.
How do I install 量子密信-Openclaw对接?
Run "/install quantum-messenger" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is 量子密信-Openclaw对接 free?
Yes, 量子密信-Openclaw对接 is completely free (open-source). You can download, install and use it at no cost.
Which platforms does 量子密信-Openclaw对接 support?
量子密信-Openclaw对接 is cross-platform and runs anywhere OpenClaw / Claude Code is available.
Who created 量子密信-Openclaw对接?
It is built and maintained by codenamelokcon (@codenamelokcon); the current version is v1.0.2.