← Back to Skills Marketplace
letsping
by
Cordia Maintainer
· GitHub ↗
· v0.3.5
324
Downloads
0
Stars
5
Active Installs
3
Versions
Install in OpenClaw
/install letsping
Description
Human-in-the-loop approval for high-risk agent actions (sudo protocol). Agent must call letsping_ask before destructive/financial/social/infra changes.
README (SKILL.md)
\r \r
Install (runtime)\r
\r
This registry entry is instruction-only. The letsping_ask runtime is provided by the npm package @letsping/openclaw-skill. Use one of:\r
\r
- npm:
npm install @letsping/openclaw-skill(then register the skill in your OpenClaw workspace so it loadsletsping_ask).\r - Clone:
git clone https://github.com/CordiaLabs/openclaw-skill ~/.openclaw/workspace/skills/letsping && cd ~/.openclaw/workspace/skills/letsping && npm install.\r \r SetLETSPING_API_KEY(your LetsPing agent key, e.g.lp_live_...) in the skill's env. Obtain it at https://letsping.co/openclaw/pair or via LetsPing's Agent Credentials API. Treat this key as highly sensitive; use a dedicated agent key and revoke if compromised.\r \r
Usage\r
\r
This skill provides the letsping_ask tool, a secure escalation point for high risk actions. The agent calls it, blocks until your approval/patch/reject via the LetsPing PWA, then resumes with the authorized payload only.\r
\r
Critical: Use frontier models (e.g., Claude Opus, GPT-4o or better) to minimize prompt bypass risk. Smaller models are vulnerable to drift/injection.\r
\r
Copy-paste this into your workspace TOOLS.md or AGENTS.md (or append to system prompt):\r
\r
You have full autonomous authority for **SAFE** actions only: reading files/logs, web searches, viewing/analyzing data without side effects.\r
\r
You **MUST** call `letsping_ask` **BEFORE** any **HIGH-RISK** action—and **NEVER** execute the action directly. High-risk includes:\r
- Financial: Any spending, transactions, bookings > $10\r
- Destructive: Deleting/overwriting files, DB rows, configs\r
- Social: Posting publicly, sending DMs/emails to new contacts, or group chats\r
- Infrastructure: Modifying DNS, env vars, deployments, infra APIs, or permissions\r
\r
When escalating:\r
- Provide tool_name (exact tool, e.g., "system_run")\r
- args_json: Stringified JSON of the original arguments\r
- risk_reason: Clear, concise justification (e.g., "Potential file deletion")\r
\r
After the call returns:\r
- If APPROVED: Use **ONLY** the `executed_payload` / authorized payload (patched if edited)\r
- If REJECTED or TIMEOUT: Abort the action, retry with safer plan, or ask user for guidance\r
\r
Few-shot examples:\r
1. Safe (no call): browser_search(query: "current weather in NYC")\r
2. Risky deploy: letsping_ask(tool_name: "vercel_deploy", args_json: "{\"project\":\"my-app\",\"env\":\"production\",\"force\":true}", risk_reason: "Production deployment with force flag")\r
3. Risky delete: letsping_ask(tool_name: "system_run", args_json: "{\"cmd\":\"rm -rf /important/folder\"}", risk_reason: "Destructive file deletion")\r
4. Risky post: letsping_ask(tool_name: "discord_send", args_json: "{\"channel\":\"general\",\"message\":\"Accidental dump: ls ~\"}", risk_reason: "Potential data leak in public channel")\r
```\r
\r
**Test thoroughly in a sandbox session first**: simulate high risk plans and verify escalation rate (~90-95% reliable on strong models/prompts). If the agent skips calls, add more examples or tighten language.\r
\r
**Troubleshooting:**\r
\r
* **Agent ignores rule?** Strengthen with more few-shots or "ALWAYS escalate if any risk category matches."\r
* **Timeout/reject?** Agent prompt should handle gracefully (e.g., "If rejected, propose alternative").\r
Usage Guidance
This skill appears to do what it says, but it depends on a third-party npm package and an external service (letsping.co). Before installing: 1) Inspect the @letsping/openclaw-skill package source (or the GitHub repo) to confirm it only forwards approval requests and does not exfiltrate data. 2) Use a dedicated LETSPING_API_KEY with the least privileges possible and rotate/revoke it if needed. 3) Test in a sandbox agent first (verify the agent actually pauses and only uses approved payloads). 4) Check the npm package maintainers, recent publish history, and package integrity (version, checksum). 5) Monitor gateway logs and network calls after enabling the skill so you can detect unexpected behavior.
Capability Analysis
Type: OpenClaw Skill
Name: letsping
Version: 0.3.5
The letsping skill is a human-in-the-loop security tool designed to intercept high-risk agent actions (financial, destructive, social, or infrastructure changes) and require manual approval via the LetsPing service. It functions as a guardrail by providing instructions (SKILL.md) that mandate the AI agent use the letsping_ask tool before executing sensitive commands. The skill relies on an external npm package (@letsping/openclaw-skill) and requires a sensitive API key, but the provided documentation and metadata show no signs of malicious intent, data exfiltration, or unauthorized execution.
Capability Assessment
Purpose & Capability
Name/description request an approval gate for high-risk actions; the only declared environment requirement is LETSPING_API_KEY which is directly relevant to authenticating to the LetsPing approval service. The examples and required parameters (tool_name, args_json, risk_reason) align with the stated purpose.
Instruction Scope
SKILL.md instructs the agent to call letsping_ask before high-risk operations and to use only the authorized payload after approval. It does not ask the agent to read unrelated files, other credentials, or transmit data to unexpected endpoints beyond letsping.co and GitHub for install instructions.
Install Mechanism
The skill is instruction-only but tells users to install the npm package @letsping/openclaw-skill or clone a GitHub repo. This is expected for functionality but introduces typical third-party package risks (you must trust the npm package/repo). No arbitrary URL/extract install is suggested.
Credentials
Only LETSPING_API_KEY is required, which is proportionate to a service that mediates approvals. The README and SKILL.md explicitly call this key highly sensitive and advise using a dedicated key and revoking if compromised.
Persistence & Privilege
Skill does not request always:true and does not claim system-wide configuration changes. disable-model-invocation is false (normal). No config paths or other skills' credentials are requested.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install letsping - After installation, invoke the skill by name or use
/letsping - Provide required inputs per the skill's parameter spec and get structured output
Version History
v0.3.5
- This version is now instruction only, no code or implementation is included.
v0.3.4
- Distributed as an npm package (@letsping/openclaw-skill) rather than pure instruction/registry entry.
- Added installation instructions for both npm and Git clone.
- Registry entry is instruction-only; all runtime components provided by the npm skill package.
- Documentation improved for easier setup and understanding.
v0.3.3
- No functional or code changes specified, documentation and onboarding focused update.
Behavioral firewall + smart human-in-the-loop for agents.
Metadata
Frequently Asked Questions
What is letsping?
Human-in-the-loop approval for high-risk agent actions (sudo protocol). Agent must call letsping_ask before destructive/financial/social/infra changes. It is an AI Agent Skill for Claude Code / OpenClaw, with 324 downloads so far.
How do I install letsping?
Run "/install letsping" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is letsping free?
Yes, letsping is completely free (open-source). You can download, install and use it at no cost.
Which platforms does letsping support?
letsping is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created letsping?
It is built and maintained by Cordia Maintainer (@cordialabsio); the current version is v0.3.5.
More Skills