← Back to Skills Marketplace
399
Downloads
0
Stars
1
Active Installs
1
Versions
Install in OpenClaw
/install inter-agent-communication
Description
Agent cross-session communication solution. Uses sessions_spawn to create subagent sessions for inter-agent calls. (Agent间跨会话通讯方案。使用 sessions_spawn 创建带 label...
README (SKILL.md)
Agent Communication
⚠️ Important Rules
NEVER reuse agent-human conversation sessions!
- Human-agent session format:
agent:xxx:feishu:direct:ou_xxx - Agent-Agent calls MUST use
sessions_spawnto create subagent sessions
Strict Workflow (Do Not Skip)
Step 1: Check for Existing Session
sessions_list({ limit: 50 })
Find in results:
- Contains
"subagent"marker - Label matches sender-to-receiver or receiver-to-sender (bidirectional check)
Example:
- If main wants to find sienna, look for
main-to-siennaorsienna-to-main - Either one works, no need to create new
Step 2: Create New Session (if none found)
If Step 1 returns nothing, create with sessions_spawn:
sessions_spawn({
label: "main-to-sienna", // Format: sender-to-receiver
runtime: "subagent",
task: "", // Task goes in Step 3
mode: "run"
})
Step 3: Send Message
sessions_send({
sessionKey: "agent:main:subagent:xxx", // From Step 1 or 2
message: "Task description..." // Actual task here
})
⚡ Key Rules (Must Follow)
- No skipping Step 1: Must run sessions_list first
- No shortcuts: Must follow Step 1 → 2 → 3
- Bidirectional reuse: a-to-b and b-to-a both work, no need for two
- Reply to sender directly: Without special instructions, reply to the initiator
- Use subagent marker: sessionKey must contain "subagent"
❌ Wrong Examples
// Wrong 1: Create without checking
sessions_spawn({...}) // Must check first!
// Wrong 2: Use human conversation session
sessionKey: "agent:sienna:feishu:direct:ou_xxx" // Forbidden!
// Wrong 3: Create both directions
// main-to-sienna and sienna-to-main - one is enough!
// Wrong 4: Reply to others
// Should reply directly to sender, no forward or group post
SessionKey Format Guide
| Type | Format Example | Usable for Agent-Agent? |
|---|---|---|
| Agent-Human DM | agent:sienna:feishu:direct:ou_xxx |
❌ Forbidden |
| Agent in Group | agent:sienna:feishu:group:oc_xxx |
❌ Forbidden |
| Subagent Session | agent:maxwell:subagent:xxx |
✅ Allowed |
Response Rules
Default: Response goes directly to the sender
- Sender sends message → Reply directly to sender
- No need to forward to others
- No need to post to group
- Unless sender explicitly asks to forward
Workflow Pseudocode
1. Call sessions_list({ limit: 50 })
2. Loop through results, find both:
- Contains "subagent" marker
- Label matches "sender-to-receiver" OR "receiver-to-sender"
3. Found → Use that sessionKey, goto Step 5
4. Not found → Create with sessions_spawn, save sessionKey
5. Call sessions_send({ sessionKey, message })
6. Done
Current Active Channels (Reference)
| Agent | Label | sessionId |
|---|---|---|
| leo | maxwell-to-leo | 9d519dc9-0239-4284-8077-3ed4bccd486d |
| sienna | maxwell-to-sienna | 05a93e6d-4a50-4503-a9c8-4aaf7da8c414 |
| letus | maxwell-to-letus | 391a4a78-43ab-4e04-95fe-abfd414b1c64 |
| coding | maxwell-to-coding | ebba5ff4-87f6-430b-80e5-269319b122c0 |
| main | maxwell-to-main | d7eb2edc-7acc-40e7-838d-8a9cb08820c0 |
Notes
- thread=true mode temporarily unavailable
- Labeled subagent sessions can be found by sessions_list
- mode="session" requires thread=true, currently unavailable
Session Protection Mechanism (New)
Step 2.5: Protect Session (Run After Creation)
New subagent sessions may be auto-cleaned by default. To ensure long-term availability, protect after creation:
// Protect session from auto-cleanup
exec({
command: `openclaw sessions cleanup --agent [target-agent] --active-key "${sessionKey}" --enforce`
})
Note: Replace
${sessionKey}with actual sessionKey
Complete Flow (With Protection)
Step 1: Check for Existing Session
sessions_list({ limit: 50 })
Step 2: Create New Session (if none found)
sessions_spawn({
label: "main-to-sienna",
runtime: "subagent",
task: "",
mode: "run"
})
// Returns sessionKey, format: agent:xxx:subagent:xxx
Step 2.5: Protect Session (New)
exec({
command: `openclaw sessions cleanup --active-key "agent:xxx:subagent:xxx" --enforce`
})
Step 3: Send Message
sessions_send({
sessionKey: "agent:main:subagent:xxx",
message: "Task description..."
})
Last updated: 2026-03-17
Usage Guidance
This skill appears to do what it says (look up or spawn labeled subagent sessions and send messages). Key risk: it tells the agent to run a shell command that includes the sessionKey without any sanitization, which could enable command injection if sessionKey can be influenced by an attacker or untrusted agent. Before installing or using: (1) confirm how exec is implemented on your platform—does it invoke a shell or pass safe argument arrays? (2) ensure sessionKey values are validated/sanitized (reject/control quotes, semicolons, backticks, etc.) before interpolation; prefer a non-shell API that accepts arguments separately. (3) Limit which agents can create or control session labels; treat subagent sessions as privileged channels. (4) Review and restrict the agent runtime permissions needed to call sessions_list/spawn/send and to run the openclaw CLI. If you cannot verify that exec is safe or cannot enforce input validation, consider this skill risky to enable.
Capability Analysis
Type: OpenClaw Skill
Name: inter-agent-communication
Version: 0.1.0
The skill bundle facilitates inter-agent communication but introduces a shell injection vulnerability in both SKILL.md and scripts/communicator.js. The 'Session Protection Mechanism' (Step 2.5) uses the exec tool to run a CLI command (openclaw sessions cleanup) that incorporates an unsanitized sessionKey variable directly into a shell string. While this appears to be a legitimate attempt to manage session lifecycles within the OpenClaw environment, the use of shell execution with potentially untrusted input is a high-risk behavior.
Capability Assessment
Purpose & Capability
Name/description, SKILL.md instructions, and communicator.js all focus on cross-agent session lookup, creation, sending, and protecting sessions. The required capabilities align with the stated purpose and no unrelated credentials or binaries are requested.
Instruction Scope
Instructions closely follow the code (sessions_list → sessions_spawn → sessions_send). However SKILL.md and the code instruct use of exec to run a CLI command that interpolates sessionKey (openclaw sessions cleanup --active-key "${sessionKey}" --enforce) with no guidance on sanitization or validation. If sessionKey can be attacker-controlled or contains special characters, this creates a shell injection / arbitrary command-execution risk. The instructions also assume the agent has privileges to list/spawn/send sessions and to run the openclaw CLI.
Install Mechanism
Instruction-only skill (no install spec). Included JS helper is small and consistent with the SKILL.md. No external downloads or installers are present.
Credentials
No environment variables, secrets, or unrelated config paths are requested. The requested actions (session APIs and a cleanup CLI) are proportionate to the stated task.
Persistence & Privilege
always is false and the skill is user-invocable. The skill explicitly instructs protecting subagent sessions from auto-cleanup (longer-lived sessions) via the openclaw CLI, which changes lifecycle behavior on the platform and could be used to create persistent channels or exhaust resources; this is expected for the feature but worth reviewing for abuse potential.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install inter-agent-communication - After installation, invoke the skill by name or use
/inter-agent-communication - Provide required inputs per the skill's parameter spec and get structured output
Version History
v0.1.0
- Initial release of inter-agent communication system via labeled subagent sessions.
- Enforces strict session management with a three-step workflow: check for existing session, create if none exists, then send the message.
- Introduces bidirectional session reuse and prohibits use of agent-human sessions for agent-to-agent calls.
- Adds a new session protection step using the `openclaw` command to prevent automatic session cleanup.
- Provides clear rules, format guides, pseudocode, and real session examples for correct usage.
Metadata
Frequently Asked Questions
What is Inter Agent Communication?
Agent cross-session communication solution. Uses sessions_spawn to create subagent sessions for inter-agent calls. (Agent间跨会话通讯方案。使用 sessions_spawn 创建带 label... It is an AI Agent Skill for Claude Code / OpenClaw, with 399 downloads so far.
How do I install Inter Agent Communication?
Run "/install inter-agent-communication" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is Inter Agent Communication free?
Yes, Inter Agent Communication is completely free, licensed under MIT-0. You can download, install and use it at no cost.
Which platforms does Inter Agent Communication support?
Inter Agent Communication is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created Inter Agent Communication?
It is built and maintained by msx.pan (@panmenglin); the current version is v0.1.0.
More Skills