← Back to Skills Marketplace
jameseball

Clawdio

by JamesEBall · GitHub ↗ · v1.0.0
cross-platform ⚠ suspicious
970
Downloads
0
Stars
0
Active Installs
1
Versions
Install in OpenClaw
/install jameseball-clawdio
Description
Secure P2P communication for AI agents. Noise XX handshake, XChaCha20-Poly1305 encryption, connection consent, human verification. Zero central servers.
README (SKILL.md)

Clawdio

Minimal secure peer-to-peer communication for AI agents. Two agents exchange a connection string, perform a Noise XX handshake, then communicate over encrypted channels. No central server required.

When to Use

  • Agent-to-agent communication across machines or networks
  • Secure task delegation between sub-agents on different hosts
  • Any scenario requiring encrypted, authenticated P2P messaging

Setup

The Clawdio project lives at projects/clawdio/. Install dependencies and build:

cd projects/clawdio && npm install && npx tsc

Quick Start

const { Clawdio } = require('./projects/clawdio/dist/index.js');

// Create two nodes
const alice = await Clawdio.create({ port: 9090, autoAccept: true });
const bob = await Clawdio.create({ port: 9091, autoAccept: true });

// Connect (Noise XX handshake)
const aliceId = await bob.exchangeKeys(alice.getConnectionString());

// Send messages
await bob.send(aliceId, { task: "What's the weather?" });
alice.onMessage((msg, from) => console.log(msg.task));

Connection Consent (Recommended)

By default, unknown inbound peers require explicit consent:

const node = await Clawdio.create({ port: 9090 }); // autoAccept defaults to false

node.on('connectionRequest', (req) => {
  console.log(`Connection from ${req.id}`);
  console.log(`Fingerprint: ${req.fingerprint}`);
  // Accept or reject
  node.acceptPeer(req.id);  // or node.rejectPeer(req.id)
});

Outbound connections (you calling exchangeKeys) are auto-accepted. Already-trusted peers auto-reconnect.

Human Verification

For high-trust scenarios, verify peers in person:

node.setOwner('Alice');
const code = node.getVerificationCode(peerId); // "torch lemon onyx prism jade index"
// Both humans compare codes in person, then:
node.verifyPeer(peerId); // trust: 'accepted' → 'human-verified'
node.getPeerTrust(peerId); // 'human-verified'

Trust Levels

  • pending — connection request received, not yet accepted
  • accepted — peer accepted, encrypted communication active
  • human-verified — verified via in-person code exchange

Persistent Identity

Pass identityPath to persist keys and trusted peers across restarts:

const node = await Clawdio.create({
  port: 9090,
  identityPath: '.clawdio-identity.json'
});

Sub-Agent Pattern

Spawn a sub-agent to handle Clawdio communication:

1. Main agent spawns sub-agent with task
2. Sub-agent creates Clawdio node, connects to remote peer
3. Sub-agent exchanges messages, collects results
4. Sub-agent reports back to main agent

Security Properties

  • Forward secrecy (ephemeral X25519 keys)
  • Mutual authentication (Noise XX)
  • Replay protection (monotonic counters)
  • XChaCha20-Poly1305 AEAD encryption
  • Connection consent for inbound peers

API Reference

Method Description
Clawdio.create(opts) Create and start a node
node.exchangeKeys(connStr) Connect to peer
node.send(peerId, msg) Send encrypted message
node.onMessage(handler) Listen for messages
node.acceptPeer(id) Accept pending connection
node.rejectPeer(id) Reject pending connection
node.setOwner(name) Set human owner name
node.getVerificationCode(id) Get 6-word verification code
node.verifyPeer(id) Mark peer as human-verified
node.getPeerTrust(id) Get trust level
node.getFingerprint(id) Emoji fingerprint
node.getPeerStatus(id) alive/stale/down
node.stop() Shutdown
Usage Guidance
This skill appears to implement P2P encrypted messaging, but review before installing: 1) Confirm file layout and build steps (SKILL.md references 'projects/clawdio/' but code is at repo root). 2) Inspect package.json dependencies to ensure no malicious npm packages will be pulled. 3) Run the code in a sandbox or isolated environment first, since it opens network ports, writes identity files, and may spawn subprocesses. 4) Avoid enabling 'autoAccept' in production; require human consent and verification. 5) If you do not want the model to start network listeners autonomously, set disableModelInvocation:true or restrict the skill to user-invocation only. If possible, request the author to fix the path mismatch and provide an explicit install spec and a security review of the crypto usage.
Capability Analysis
Type: OpenClaw Skill Name: jameseball-clawdio Version: 1.0.0 The skill implements a secure P2P communication protocol using strong cryptography (Noise XX handshake, XChaCha20-Poly1305). It utilizes network access (WebSockets) and file system access (`fs.readFileSync`, `fs.writeFileSync`) for its core functionality, specifically for persistent identity management (storing its own public/secret keys and trusted peers in a `.clawdio-identity.json` file). All high-risk capabilities are directly aligned with the stated purpose of a P2P communication agent with persistent identity. The `SKILL.md` documentation is purely instructional and descriptive, showing no signs of prompt injection attempts or instructions for malicious actions. Dependencies listed in `package.json` are standard and appropriate for the functionality.
Capability Assessment
Purpose & Capability
The code files (crypto, transport, protocol, CLI, index) align with the described P2P encrypted messaging purpose. However SKILL.md instructs building from 'projects/clawdio/' which does not match the manifest (source files are at repository root), an incoherence that could break install/run instructions or be a sign of sloppy packaging.
Instruction Scope
Runtime instructions tell operators/agents to run 'npm install' and 'npx tsc', start listeners on arbitrary ports, persist identities to disk (identityPath), and use a 'sub-agent' pattern (spawn processes). The doc also exposes an 'autoAccept' mode which accepts inbound peers automatically — this expands attack surface. These behaviors go beyond simple API calls and allow network listeners, disk writes, and process spawning, so they need explicit user consent and sandboxing.
Install Mechanism
There is no formal install spec, but SKILL.md instructs running 'npm install' which will fetch runtime dependencies from the public registry. The package.json is present in the bundle but its dependency list wasn't provided in the metadata. Running npm install at runtime can pull arbitrary packages; the mismatch in the expected path ('projects/clawdio/') vs actual layout increases risk of accidental execution of unexpected code.
Credentials
The skill requests no environment variables or credentials, which is coherent for a P2P library. However it implicitly requires network access (opening ports), filesystem access to persist identity/peer data, and the ability to spawn processes for the sub-agent pattern. These capabilities are not declared in requires.* fields and should be considered sensitive in many environments.
Persistence & Privilege
The skill is not configured with always:true, but disableModelInvocation is not set, so the model may be allowed to invoke the skill autonomously. Given the skill can start listeners and persist keys, allowing autonomous invocation without explicit user controls increases risk; consider requiring explicit user invocation or disabling model invocation for network-listening skills.
How to Use
  1. Make sure OpenClaw is installed (local or Docker)
  2. Run the install command in chat: /install jameseball-clawdio
  3. After installation, invoke the skill by name or use /jameseball-clawdio
  4. Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.0
Initial release: Noise XX handshake, P2P encrypted agent comms, connection consent, human verification, heartbeat liveness
Metadata
Slug jameseball-clawdio
Version 1.0.0
License
All-time Installs 0
Active Installs 0
Total Versions 1
Frequently Asked Questions

What is Clawdio?

Secure P2P communication for AI agents. Noise XX handshake, XChaCha20-Poly1305 encryption, connection consent, human verification. Zero central servers. It is an AI Agent Skill for Claude Code / OpenClaw, with 970 downloads so far.

How do I install Clawdio?

Run "/install jameseball-clawdio" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is Clawdio free?

Yes, Clawdio is completely free (open-source). You can download, install and use it at no cost.

Which platforms does Clawdio support?

Clawdio is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created Clawdio?

It is built and maintained by JamesEBall (@jameseball); the current version is v1.0.0.

More Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463283 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259410 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200423 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191115 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190156 · by oswalpalash

💬 Comments