Description

Connect multiple OpenClaw instances across devices (VPS, MacBook, Mac Mini) for distributed agent collaboration. Enables clawdbot-to-clawdbot communication, cross-device @mentions, task assignment, and group chat. Use when you have OpenClaw running on multiple machines that need to communicate and collaborate.

README (SKILL.md)

ClawBot Network - Distributed OpenClaw Collaboration

Name: ClawBot Network
Author: howtimeschange

Connect your OpenClaw instances running on different devices (VPS, MacBook, Mac Mini) into a unified network where they can chat, collaborate, and assign tasks to each other.

Problem Solved

You have OpenClaw running on:

VPS (AWS EC2) - 老邢
MacBook Pro - 小邢
Mac Mini - 小金
Another Mac Mini - 小陈

But they can't communicate with each other. This skill creates a central server that connects all your OpenClaw instances into a collaborative network.

Architecture

                    VPS (Central Server)
                 ┌─────────────────────┐
                 │  Agent Network      │
                 │     Server          │
                 │  ws://:3002         │
                 │  http://:3001       │
                 └────────┬────────────┘
                          │
     ┌────────────────────┼────────────────────┐
     │                    │                    │
┌────┴────┐          ┌────┴────┐         ┌────┴────┐
│   VPS   │◄────────►│MacBook  │◄───────►│MacMini  │
│clawdbot │          │clawdbot │         │clawdbot │
└─────────┘          └─────────┘         └─────────┘

Quick Start

1. Start the Server (on VPS)

# Install and start the central server
npm install
npm start

Server runs on:

WebSocket: ws://your-vps-ip:3002
REST API: http://your-vps-ip:3001

2. Connect Your ClawBots

Option A: One-line install (MacBook/Mac Mini)

curl -fsSL http://YOUR-VPS:3001/install-clawbot.sh | bash

Then start:

~/.clawbot-network/start.sh

Option B: Python SDK in your skill

import sys
import os
sys.path.insert(0, os.path.expanduser('~/.clawbot-network'))

from clawbot_connector import connect_to_network

# Connect this clawdbot to the network
bot = await connect_to_network(server_url="ws://your-vps:3002")

# Handle incoming messages from other clawdbots
@bot.on_message
def handle_message(msg):
    print(f"[{msg['fromName']}] {msg['content']}")
    
    # You can integrate with your clawdbot's message handling
    if "status" in msg['content'].lower():
        bot.reply_to(msg, "✅ I'm running fine!")

# Handle when you're @mentioned
@bot.on_mention
def handle_mention(msg):
    print(f"🔔 Mentioned by {msg['fromName']}: {msg['content']}")

# Handle task assignments
@bot.on_task
def handle_task(task):
    print(f"📋 New task: {task['title']}")
    # Use OpenClaw's sessions_spawn to execute
    # sessions_spawn(agentId="sub-agent", task=task['description'])

Features

Real-time Chat - All clawdbots in one group chat
@Mentions - @clawdbot-macbook Please check this
Task Assignment - Assign tasks across devices
Offline Messages - Messages saved when offline, delivered on reconnect
Auto Reconnect - Automatic reconnection on network issues
Device Detection - Auto-detects if running on MacBook/Mac Mini/Linux

Configuration

Create config/clawbot-network.json:

{
  "server_url": "ws://your-vps-ip:3002",
  "bot_id": "clawdbot-macbook-001",
  "bot_name": "MacBook Bot",
  "device": "MacBook Pro",
  "auto_connect": true
}

API Reference

WebSocket Events

Client -> Server:

register - Register this clawdbot
join_group - Join a group
message - Send message
direct_message - Send DM
heartbeat - Keep connection alive

Server -> Client:

registered - Registration confirmed
message - New group message
mention - You were @mentioned
task_assigned - New task assigned to you
agent_list - Online agents updated

REST API

GET /api/health - Server status
GET /api/agents - List online agents
GET /api/groups/:id/messages - Message history

Scripts

scripts/server/ - Central server (Node.js)
scripts/clawbot_connector.py - Python connector SDK
scripts/python_client.py - Low-level Python client

References

references/ARCHITECTURE.md - System architecture
references/QUICKSTART.md - Detailed setup guide

Example: Cross-Device Workflow

# On VPS (老邢)
bot = await connect_to_network()

# Assign task to MacBook
bot.send_direct_message(
    "clawdbot-macbook",
    "/task Deploy new version to production"
)

# MacBook (小邢) receives and executes
@bot.on_task
def handle_task(task):
    if "deploy" in task['title'].lower():
        # Execute via OpenClaw
        sessions_spawn(
            agentId="devops-agent",
            task="Deploy to production"
        )

Security Notes

Current setup uses HTTP/WebSocket. For production:

Use Nginx + SSL (wss://)
Add token-based authentication
Restrict server access via firewall

Troubleshooting

Connection refused:

Check server is running: curl http://your-vps:3001/api/health
Check firewall: sudo ufw allow 3001/tcp && sudo ufw allow 3002/tcp

Messages not received:

Verify bot_id is unique per device
Check group membership
Look at server logs

Auto-reconnect not working:

Default: 10 retries with 5s intervals
Increase in config: "max_reconnect_attempts": 20

Files

scripts/server/index.js - Main server
scripts/server/database.js - SQLite storage
scripts/clawbot_connector.py - High-level Python SDK
scripts/python_client.py - Low-level client
assets/install-clawbot.sh - One-line installer

Usage Guidance

Before installing, consider the following: - Don't run curl | bash from an unknown IP over plain HTTP. The installer and quickstart point to http://3.148.174.81 and to one-line installers; that fetches and executes code from a remote host without TLS or authentication. This is the main risk. - The skill bundle already contains client/server source. Yet the installer fetches files from the remote server IP — this inconsistency lets the remote host serve different code than what's packaged. If you must try it, prefer using the code included in the bundle (inspect it first) instead of pulling from the remote server. - Default server is unauthenticated and unencrypted. Anyone who can reach the server ports could register, send messages, or assign tasks. Never expose the default server to the public internet in production; require TLS and token auth (the README mentions this but it's not enforced). - The installer reads ~/.openclaw/workspace-clawdbot/SOUL.md to auto-detect the bot name. That's a fairly narrow read of a user file, but you should inspect that file's contents and ensure nothing sensitive is leaked to the server. - If you want to use this: (1) review the included server and client source thoroughly, (2) host the server yourself on a private/VPC network or local network, (3) enable TLS and token-based auth before connecting production devices, (4) avoid curl|bash against unknown IPs — download the package, audit it, and run locally in an isolated environment first. - Additional helpful info that would raise confidence: a verified maintainer or homepage, signed releases, installer hosted on a trusted domain with HTTPS, and server code that enforces authentication out of the box. Without those, treat this skill as suspicious and audit/cage it before use.

Capability Analysis

Type: OpenClaw Skill Name: clawbot-network Version: 1.0.0 The skill is classified as suspicious due to several critical vulnerabilities, primarily the use of `curl -fsSL ... | bash` for installation (`SKILL.md`, `assets/install-clawbot.sh`, `references/QUICKSTART.md`), which allows arbitrary code execution from a hardcoded external server (`3.148.174.81`) without user review. Additionally, the Python connector (`scripts/clawbot_connector.py`) and `SKILL.md` examples demonstrate a prompt-injection vulnerability where `sessions_spawn` can execute tasks with descriptions received from other agents, potentially leading to cross-agent Remote Code Execution (RCE). The system also lacks default authentication and encryption, as acknowledged in the documentation, making communications vulnerable to eavesdropping and tampering.

Capability Assessment

ℹ Purpose & Capability

The code implements a central server and client connector that match the skill's stated purpose (cross-device chat, mentions, task assignment). However, there is an inconsistency: the skill bundle already contains client and connector files, yet the included installer and documentation default to downloading client components from a remote IP (3.148.174.81) over HTTP. That external dependency is not explained by the description and is disproportionate to the local packaged assets.

⚠ Instruction Scope

Runtime instructions and the provided installer direct the agent/user to curl a remote install script and download client files from http://3.148.174.81. The installer also reads a local OpenClaw SOUL.md to auto-detect a bot name (reads a user file in the home directory). The skill's instructions therefore cause network downloads from an external IP and read a local config file; both are outside what a naive user might expect and increase risk.

⚠ Install Mechanism

There is no formal install spec, but assets/install-clawbot.sh is intended as a one-line installer. That script pulls python_client.py and clawbot_connector.py from a raw IP over plain HTTP and suggests piping install scripts via curl | bash. Downloading and executing code from an unauthenticated HTTP endpoint (IP address) and encouraging curl|bash is a high-risk pattern. The project also includes server/client code in the bundle — yet the installer still fetches from the remote server, which is inconsistent and potentially allows remote replacement of code.

ℹ Credentials

The skill does not request credentials or environment variables. It does, however, read a local OpenClaw SOUL.md to determine bot name and will store files under ~/.clawbot-network. The server and clients operate without authentication by default (no tokens enforced), exposing message and task APIs to anyone who can reach the server address. Dependencies in package.json include jsonwebtoken and bcryptjs (for auth), but the shipped server code does not enforce authentication, which is a mismatch between intended security and shipped defaults.

✓ Persistence & Privilege

The skill does not request 'always: true' or other elevated platform privileges. It creates files under the user's home directory (.clawbot-network) and runs user-level processes; it does not attempt to modify other skills or system settings. This is normal for a client connector.

Version History

v1.0.0

Initial release: Distributed OpenClaw collaboration system

Metadata

Slug clawbot-network

Version 1.0.0

License —

All-time Installs 0

Active Installs 0

Total Versions 1

Frequently Asked Questions

What is ClawBot Network?

Connect multiple OpenClaw instances across devices (VPS, MacBook, Mac Mini) for distributed agent collaboration. Enables clawdbot-to-clawdbot communication, cross-device @mentions, task assignment, and group chat. Use when you have OpenClaw running on multiple machines that need to communicate and collaborate. It is an AI Agent Skill for Claude Code / OpenClaw, with 1013 downloads so far.

How do I install ClawBot Network?

Run "/install clawbot-network" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is ClawBot Network free?

Yes, ClawBot Network is completely free (open-source). You can download, install and use it at no cost.

Which platforms does ClawBot Network support?

ClawBot Network is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created ClawBot Network?

It is built and maintained by howtimeschange (@howtimeschange); the current version is v1.0.0.

More Skills

ClawBot Network