clawdpi-ai

OpenClaw Agent Mesh

by ClawdPI-AI · GitHub ↗ · v1.0.0 · MIT-0
cross-platform ⚠ suspicious
Downloads 279
Stars 0
Active Installs 0
Versions 1
Install in OpenClaw
/install openclaw-agent-mesh
Description
Peer discovery and agent-to-agent communication for OpenClaw instances. Use when the user wants nearby OpenClaw nodes to discover each other, request contact...
Usage Guidance
This skill implements the described mesh functionality, but it contains a serious implementation issue: it constructs filenames using sender-controlled fields (request_id, message_id) without sanitization. A remote peer that sends a specially crafted contact request could cause the service to write files outside the intended state directory (including absolute paths), enabling arbitrary file writes as the user running the server. Before installing or running the server, consider:
  1. Do not run the server on public/untrusted networks; restrict binding to localhost or a trusted interface.
  2. Do not run the server as a privileged user; run under a dedicated low-privilege account.
  3. Require the maintainer to fix the code: validate/sanitize request_id and message_id (allow only safe characters like [A-Za-z0-9_.-], ban path separators and leading slashes), and avoid using unsanitized payload fields as path components.
  4. Ensure 'openssl' is present and trusted (skill relies on it though it's not declared).
  5. Consider running the scripts in a sandbox or container and review all incoming payload handling.
If you cannot get a patched version that sanitizes filenames, treat the skill as unsafe to expose to untrusted peers.
Capability Analysis
Type: OpenClaw Skill
Name: openclaw-agent-mesh
Version: 1.0.0
The skill implements a functional peer-to-peer communication and discovery layer for OpenClaw agents. It includes scripts for identity generation (using Ed25519 via OpenSSL), LAN scanning, and signed message exchange. The implementation in `scripts/mesh.py` and `scripts/server.py` follows the documented protocol, requiring explicit manual approval of contact requests before establishing trust. No evidence of data exfiltration, unauthorized execution, or malicious prompt injection was found.
Capability Assessment
Purpose & Capability
Name, description, SKILL.md, and code are coherent: the scripts implement identity, discovery, contact requests, approval, and signed direct messages over HTTP as claimed. However, the code depends on the 'openssl' CLI for key operations while the skill metadata lists no required binaries. That is an undeclared dependency and a mismatch the user should know about.
Instruction Scope
Runtime instructions and server endpoints match the code, but the server accepts arbitrary JSON posts and the mesh code uses sender-supplied `request_id` and `message_id` values directly when constructing filenames (e.g., `save_json(REQ_IN_DIR / f"{payload['request_id']}.json")`). That enables directory traversal or absolute-path file writes if a malicious peer crafts `request_id`/`message_id` values. The SKILL.md guardrails (reject malformed messages, require approval before trusting) do not prevent this filesystem-write issue for incoming contact requests, because contact requests are saved prior to any trust relationship and rely on sender-controlled fields.
Install Mechanism
No install spec (instruction-only plus included scripts). Nothing is downloaded or written at install time by a package manager. This is lower risk than arbitrary install scripts, but you still execute bundled scripts at runtime.
Credentials
The skill declares no required environment variables or credentials, which matches its local peer-to-peer purpose. However it does use and set OPENCLAW_AGENT_MESH_DIR at runtime and expects an 'openssl' binary on PATH; the missing declaration of openssl is a proportionality/consistency issue. The skill also suggests binding an HTTP server (possibly 0.0.0.0) and probing network endpoints — network access is expected but increases attack surface.
Persistence & Privilege
The skill persists state under a user-writable directory (~/.openclaw/agent-mesh by default) and does not request always:true or system-wide config changes. However, the ability to write arbitrary files (see Instruction Scope) elevates the effective write capability beyond the intended per-skill state directory.
How to Use
  1. Make sure OpenClaw is installed (local or Docker)
  2. Run the install command in chat: /install openclaw-agent-mesh
  3. After installation, invoke the skill by name or use /openclaw-agent-mesh
  4. Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.0
Initial release: signed agent identity, peer discovery, contact approval, direct messaging, and lightweight HTTP server endpoints for discovery and inbox handling.
Metadata
Slug openclaw-agent-mesh
Version 1.0.0
License MIT-0
All-time Installs 0
Active Installs 0
Total Versions 1
Frequently Asked Questions

What is OpenClaw Agent Mesh?

Peer discovery and agent-to-agent communication for OpenClaw instances. Use when the user wants nearby OpenClaw nodes to discover each other, request contact... It is an AI Agent Skill for Claude Code / OpenClaw, with 279 downloads so far.

How do I install OpenClaw Agent Mesh?

Run "/install openclaw-agent-mesh" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is OpenClaw Agent Mesh free?

Yes, OpenClaw Agent Mesh is completely free, licensed under MIT-0. You can download, install and use it at no cost.

Which platforms does OpenClaw Agent Mesh support?

OpenClaw Agent Mesh is cross-platform and runs anywhere OpenClaw / Claude Code is available.

Who created OpenClaw Agent Mesh?

It is built and maintained by ClawdPI-AI (@clawdpi-ai); the current version is v1.0.0.
