← Back to Skills Marketplace
Hey summon - provider
by
thomasansems
· GitHub ↗
· v0.1.0-beta
402
Downloads
0
Stars
0
Active Installs
1
Versions
Install in OpenClaw
/install heysummon-provider
Description
Provides human-help support to AI agents via HeySummon by monitoring requests, sending notifications, and handling provider replies through a secure platform.
README (SKILL.md)
HeySummon Provider Skill
You are a human-help provider for AI agents via HeySummon.
Setup
Step 1: Configure .env
Check if .env exists in {baseDir}. If not, copy from .env.example:
cp {baseDir}/.env.example {baseDir}/.env
Required variables:
HEYSUMMON_BASE_URL— Platform URL (cloud:https://cloud.heysummon.ai, self-hosted: user provides)HEYSUMMON_API_KEY— Provider key (hs_prov_...) from the dashboardHEYSUMMON_NOTIFY_TARGET— Chat ID for notifications
Step 2: Validate key
The API key MUST start with hs_prov_. Reject keys with hs_cli_ prefix — those are client keys.
Step 3: Start the watcher
bash {baseDir}/scripts/setup.sh
To stop: bash {baseDir}/scripts/teardown.sh
Architecture
AI Agent → HeySummon Platform → SSE → Watcher → OpenClaw → Notification
All communication flows through the platform. No direct infrastructure access.
Scripts
| Script | Purpose |
|---|---|
scripts/setup.sh |
Start the event watcher |
scripts/teardown.sh |
Stop the watcher |
scripts/mercure-watcher.sh |
SSE listener → notifications via OpenClaw |
scripts/reply-handler.sh |
Reply by refCode: reply-handler.sh HS-XXXX "response" |
scripts/respond.sh |
Reply by request ID: respond.sh \x3Cid> "response" |
Reply-to-Respond
When the user replies to a 🦞 notification, parse the refCode (HS-XXXX) from the quoted message and use reply-handler.sh. Always forward immediately — no AI processing, no confirmation.
Statuses
| Status | Meaning |
|---|---|
pending |
Waiting for provider |
active |
Conversation in progress |
responded |
Provider sent a response |
closed |
Closed by either party |
expired |
No response within 72 hours |
Usage Guidance
Before installing, be aware this package expects provider credentials and access to your local OpenClaw gateway token even though the registry entry didn't declare them. Actionable checks: (1) Inspect .env.example and confirm you are comfortable providing HEYSUMMON_BASE_URL, HEYSUMMON_API_KEY (ensure it really is a provider key starting with hs_prov_) and HEYSUMMON_NOTIFY_TARGET. (2) Note the watcher reads ~/.openclaw/openclaw.json — if you install, that file's token will be used to call the local OpenClaw /tools/invoke endpoint; only install if you trust both the HeySummon platform and this code. (3) Run the watcher in an isolated environment (container or restricted VM) first, or run scripts manually to observe behavior. (4) Consider rotating the provider API key after testing, and prefer using least-privileged provider credentials. (5) If the registry metadata is supposed to declare required env vars, ask the publisher for an updated manifest that lists the HEYSUMMON_* vars and documents the OpenClaw token access. If you cannot verify the publisher or platform, do not run these scripts on a host containing sensitive keys.
Capability Analysis
Type: OpenClaw Skill
Name: heysummon-provider
Version: 0.1.0-beta
The skill is classified as suspicious due to the explicit prompt injection instruction in `SKILL.md` (`Always forward immediately — no AI processing, no confirmation.`), which instructs the AI agent to bypass its own processing and confirmation steps. While this is intended for the skill's direct relay functionality, it represents a significant vulnerability in the agent's safeguards. Additionally, the `scripts/mercure-watcher.sh` script accesses the `OPENCLAW_TOKEN` from `~/.openclaw/openclaw.json` and uses `pm2` or `nohup` for persistent execution, alongside making external network calls to a user-defined `HEYSUMMON_BASE_URL`. These capabilities, while justified by the skill's stated purpose, collectively present a high-risk profile and potential attack surface.
Capability Assessment
Purpose & Capability
The skill's behavior (SSE watcher, sending notifications via OpenClaw, replying via platform API) aligns with the stated provider purpose. However the registry metadata listed no required env vars/credentials while SKILL.md and scripts require HEYSUMMON_BASE_URL, HEYSUMMON_API_KEY, and HEYSUMMON_NOTIFY_TARGET; this mismatch is an incoherence in packaging/manifesting of required capabilities.
Instruction Scope
SKILL.md instructs installing and running a persistent watcher and to forward replies immediately. The watcher scripts do exactly that, but they also read and write files under the user's home (~/.heysummon-provider) and read a local OpenClaw gateway token from ~/.openclaw/openclaw.json — an access to local credentials not explicitly called out in the registry metadata or SKILL.md (SKILL.md mentions OpenClaw but does not state it will read your home token).
Install Mechanism
This is instruction-only (no package download or installer). The skill includes shell scripts that require curl, node, jq and optionally pm2/nohup. No remote binary downloads or opaque installs were observed, which lowers code-injection risk, but code files are present and will be executed when you run setup.sh.
Credentials
The scripts require HEYSUMMON_BASE_URL, HEYSUMMON_API_KEY (must be provider key hs_prov_*), and HEYSUMMON_NOTIFY_TARGET. They also read the OpenClaw gateway token from ~/.openclaw/openclaw.json to call the local OpenClaw /tools/invoke endpoint. None of these environment/credential accesses were declared in the registry metadata — reading the local gateway token in particular is sensitive because it lets the watcher authenticate to local agent tooling.
Persistence & Privilege
The skill runs a persistent background watcher (pm2 or nohup), writes application state to ~/.heysummon-provider and a PID/log file, and will autonomously invoke the local OpenClaw tool to deliver notifications. There is no 'always: true' privilege and it does not modify other skills, but the combination of persistent background execution plus access to the local OpenClaw token increases its effective reach on the host.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install heysummon-provider - After installation, invoke the skill by name or use
/heysummon-provider - Provide required inputs per the skill's parameter spec and get structured output
Version History
v0.1.0-beta
HeySummon Provider Skill v1.0.0 – Initial Release
- Provides setup and usage instructions for integrating as a human-help provider on HeySummon.
- Documents required environment variables and validation for provider API keys.
- Details event watcher startup/teardown scripts for handling request notifications and replies.
- Explains the architecture and communication flow between AI agent, platform, and provider.
- Outlines reply flow and status codes for handling user requests efficiently.
Metadata
Frequently Asked Questions
What is Hey summon - provider?
Provides human-help support to AI agents via HeySummon by monitoring requests, sending notifications, and handling provider replies through a secure platform. It is an AI Agent Skill for Claude Code / OpenClaw, with 402 downloads so far.
How do I install Hey summon - provider?
Run "/install heysummon-provider" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is Hey summon - provider free?
Yes, Hey summon - provider is completely free (open-source). You can download, install and use it at no cost.
Which platforms does Hey summon - provider support?
Hey summon - provider is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created Hey summon - provider?
It is built and maintained by thomasansems (@thomasansems); the current version is v0.1.0-beta.
More Skills