← Back to Skills Marketplace
Mediator
by
Dylan Turner
· GitHub ↗
· v1.0.0
1021
Downloads
0
Stars
0
Active Installs
1
Versions
Install in OpenClaw
/install mediator
Description
Intercept and filter communications from difficult contacts. Strips emotion, extracts facts, drafts neutral responses. Use when setting up communication filtering for specific contacts, configuring the mediator, or processing intercepted messages. Triggers on "mediator", "intercept messages", "filter communications", "difficult contact", or requests to handle messages from someone the user doesn't want to deal with directly.
Usage Guidance
This package mostly does what it says (monitor local mail/iMessage, summarize via an LLM, and log results), but several red flags deserve attention before you run it:
- Hard-coded defaults: The init template includes specific Gmail addresses. Remove or replace these immediately—don't leave someone else's addresses in your config.
- External dependencies: The code calls an external script (~/clawd/scripts/gog-read.sh), the imsg CLI, and an 'llm' CLI. Inspect or replace those tools before use. The skill will only be as safe as those dependencies.
- Data leakage to LLMs: summarize.py invokes an 'llm' CLI which will forward message content to whatever model/backend your local CLI is configured to use. If you care about confidentiality, verify the llm CLI configuration (where API keys point, provider privacy), or modify the code to use an on-device model or to avoid sending full messages.
- Automatic installs: The scripts will pip-install PyYAML at runtime if missing. If you prefer controlled installs, install dependencies yourself first.
- Auto-respond risks: The configuration supports an 'auto' respond mode but the code doesn't implement sending responses; enabling auto-response in any integrated system without reviewing behavior would be dangerous. Prefer 'draft' mode and manual review.
- Inspect and sandbox: Before running, read the external gog-read.sh and any 'imsg' or 'llm' CLI you have installed. Run the skill in a limited/sandboxed environment or on a test account to confirm behavior. Consider removing or redacting any example accounts in the init template.
If you want to proceed, verify the external CLIs and where the LLM sends data, remove the hard-coded accounts, and test with non-sensitive data first.
Capability Analysis
Type: OpenClaw Skill
Name: mediator
Version: 1.0.0
The skill is classified as suspicious due to its heavy reliance on external, unverified CLI tools (`gog-read.sh`, `imsg`, `llm`) for core functionality, as seen in `scripts/process-email.py`, `scripts/process-imessage.py`, and `scripts/summarize.py`. While `subprocess.run` with a list of arguments mitigates direct shell injection at the point of invocation, the internal handling of user-controlled input (like sender email or phone number) by these external tools is unknown and could introduce command injection vulnerabilities. Additionally, the use of `os.system` for `pyyaml` dependency installation in `scripts/config-helper.py`, `scripts/process-email.py`, and `scripts/process-imessage.py` is a general security anti-pattern, even if the specific arguments are hardcoded. There is no clear evidence of intentional malicious behavior like data exfiltration to arbitrary external endpoints or backdoor installation, but the identified vulnerabilities and high-risk dependencies warrant a 'suspicious' classification.
Capability Assessment
Purpose & Capability
The code implements email and iMessage interception, summarization, and drafting as described. However, the default config written by init contains hard-coded Gmail accounts ([email protected], [email protected]) and the email processor calls an external script at ~/clawd/scripts/gog-read.sh (not included). Those defaults are unexpected for a generic 'mediator' skill and suggest the package was authored for a specific person's environment.
Instruction Scope
Instructions and scripts access local email and iMessage histories, write config/state/log files in ~/.clawdbot, and call an LLM via a local 'llm' CLI. Summarize.py will send message content to whichever model/backend the 'llm' CLI is configured to use (potentially sending private messages to remote providers). The SKILL.md mentions Gmail Pub/Sub real-time flow, but implementation actually polls via an external gog-read.sh. The skill reads and archives messages (archive stub exists) — that behavior is within purpose but is sensitive and the code relies on external CLIs/scripts that may have broader access.
Install Mechanism
There is no formal install spec, but the Python scripts auto-install PyYAML at runtime via pip if missing. That behavior runs network installs on first-run which may be surprising; otherwise nothing in the bundle downloads arbitrary remote code. The skill does rely on external CLIs (imsg, a local 'llm' CLI, and ~/clawd/scripts/gog-read.sh) which are not provided here.
Credentials
The skill declares no required environment variables or credentials, yet it depends on local tooling and account access (Gmail via gog-read.sh, imsg CLI, and the 'llm' CLI which typically requires API keys/config). The hard-coded gmail_accounts in init is disproportionate and potentially leaks the maintainer's addresses into your config. Notify channels (telegram/slack) are referenced but no tokens or delivery mechanisms are implemented — missing wiring/credentials are inconsistent with the promised integrations.
Persistence & Privilege
The skill does not request 'always' privilege, does not modify other skills, and confines files to ~/.clawdbot (config, logs, state). It suggests adding a cron/heartbeat entry (normal for a polling tool). No automatic enabling of other skills or system-wide changes are present.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install mediator - After installation, invoke the skill by name or use
/mediator - Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.0
Initial release of the Mediator skill – an emotional firewall for difficult communications.
- Intercepts messages from designated contacts, stripping emotional content and surfacing key facts.
- Offers facts-only summaries, neutral rewrites, or full messages with flagged language.
- Drafts suggested neutral responses; supports manual approval or (optionally) auto-response.
- Provides a command-line tool for contact management and message processing.
- Integrates with email and iMessage; supports notification via multiple channels.
- Designed for safety: archives originals, logs all actions, and includes safeguards for sensitive topics.
Metadata
Frequently Asked Questions
What is Mediator?
Intercept and filter communications from difficult contacts. Strips emotion, extracts facts, drafts neutral responses. Use when setting up communication filtering for specific contacts, configuring the mediator, or processing intercepted messages. Triggers on "mediator", "intercept messages", "filter communications", "difficult contact", or requests to handle messages from someone the user doesn't want to deal with directly. It is an AI Agent Skill for Claude Code / OpenClaw, with 1021 downloads so far.
How do I install Mediator?
Run "/install mediator" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is Mediator free?
Yes, Mediator is completely free (open-source). You can download, install and use it at no cost.
Which platforms does Mediator support?
Mediator is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created Mediator?
It is built and maintained by Dylan Turner (@dylntrnr); the current version is v1.0.0.
More Skills