← Back to Skills Marketplace

LobsterLAN

Name: LobsterLAN
Author: danielithomas

by Daniel Thomas · GitHub ↗ · v1.0.1 · MIT-0

cross-platform ✓ Security Clean

409

Downloads

Stars

Active Installs

Versions

Install in OpenClaw

/install lobsterlan

Description

Communicate with other OpenClaw agents on your local network. Use when you need to ask another agent a question (sync), delegate a task (async), or check if...

README (SKILL.md)

LobsterLAN — Agent-to-Agent Communication

Talk to other OpenClaw agents on your LAN.

Setup

Copy config/peers.example.json to config/peers.json
Fill in peer hostnames, ports, and tokens
Ensure target agents have the required APIs enabled (see below)
Set up a secure transport (see Network Transport below)

Required Config on Target Agent

For sync ask (chat completions):

// Target agent's openclaw.json — keep bind as "loopback"!
{
  "gateway": {
    "http": {
      "endpoints": {
        "chatCompletions": { "enabled": true }
      }
    }
  }
}

⚠️ Do NOT set gateway.bind to "lan" — OpenClaw will refuse to start if the gateway is exposed on a non-loopback address without TLS. Use a secure transport instead (see below).

For async delegate (webhooks):

{
  "hooks": {
    "enabled": true,
    "token": "a-secure-shared-secret"
  }
}

Network Transport

OpenClaw gateways default to bind: loopback and will not start with plaintext on non-loopback addresses. You need a secure transport layer for cross-host communication:

Approach	Complexity	Best For
SSH Tunnel ⭐	Low	Home LANs, simple setups
Reverse Proxy (TLS)	Medium	Environments with existing Caddy/nginx
Tailscale Serve	Medium	Multi-site or remote agents

For simple LANs, SSH tunneling is recommended. Both gateways stay on loopback, the SSH tunnel provides encryption, and no gateway config changes are needed.

SSH Tunnel Example

Forward a local port to the remote agent's loopback gateway:

ssh -N -L 18790:127.0.0.1:18790 user@remote-agent-host

Then in peers.json, point the peer to 127.0.0.1:18790 (the local tunnel endpoint).

For persistence, use a systemd user service with Restart=always. See the full setup guide in docs/setup.md.

Commands

Ask (synchronous — wait for reply)

scripts/lobsterlan.sh ask scotty "What is the CPU temperature?"

Use for quick questions where you need the answer now.

Delegate (async — fire and forget)

scripts/lobsterlan.sh delegate scotty "Generate 5 zen wallpapers and push to the file share"

Use for long-running tasks. The peer processes independently.

Status check

scripts/lobsterlan.sh status scotty

List peers

scripts/lobsterlan.sh peers

Agent Usage (from within OpenClaw)

Run via exec tool:

cd ~/.openclaw/workspace/skills/lobsterlan && scripts/lobsterlan.sh ask scotty "status report"

Security

Three layers protect communication:

Network: LAN-only (firewall blocks external access to gateway port)
Gateway token: Bearer auth on every request
Agent ID header (optional): X-LobsterLAN-Agent sent with self-ID

The gateway token is the real security boundary. The agent ID header is defense-in-depth for environments where you want explicit identity verification.

Environment Variables

LOBSTERLAN_CONFIG — path to peers.json (default: ../config/peers.json relative to script)

Usage Guidance

This skill appears to do exactly what it says, but take these precautions before installing: (1) Only configure trusted peers — any configured peer you contact can receive messages and delegated tasks. (2) Protect peers.json (contains gateway/hook tokens) with tight file permissions and avoid committing it to source control. (3) Follow the SKILL.md recommendation to keep OpenClaw gateways bound to loopback and use SSH tunnels/TLS/reverse proxies for cross-host communication; do not expose gateway ports plaintext to untrusted networks. (4) Be aware delegated tasks run on the peer side — if a peer is compromised or malicious it can misuse the delegated work or respond with harmful content. (5) If you require stronger secret handling, consider storing tokens in a secrets manager and adjusting the script to read them from environment variables or a protected store.

Capability Analysis

Type: OpenClaw Skill Name: lobsterlan Version: 1.0.1 The lobsterlan skill provides a legitimate utility for agent-to-agent communication over a local network via REST APIs. The implementation in `scripts/lobsterlan.sh` includes basic input validation, uses Python for safe JSON handling, and follows the security practices described in `SKILL.md`, such as recommending SSH tunnels for encrypted transport. No evidence of malicious intent, data exfiltration, or prompt injection was found.

Capability Assessment

✓ Purpose & Capability

Name/description describe LAN agent-to-agent communication and the included script and config implement exactly that: synchronous chat completions and asynchronous webhook delegation to configured peers. Required tokens and peer addresses are reasonable and directly related to the stated purpose.

✓ Instruction Scope

SKILL.md and scripts only instruct the agent to read a local peers.json, call configured peer HTTP endpoints, and optionally set up SSH tunnels/reverse proxies. There are no instructions to read unrelated system files or exfiltrate data to unknown endpoints. The skill correctly warns about plaintext LAN connections and recommends secure transport.

✓ Install Mechanism

No install spec or remote downloads; the skill is instruction-only with a bundled shell script. No external packages or extracted archives are fetched at install time.

ℹ Credentials

The skill metadata lists no required env vars, and secrets (gateway/hook tokens) are expected in config/peers.json rather than environment variables. That is proportionate to the function, but storing bearer tokens in a plaintext config file is sensitive and should be protected (file permissions, not checked into VCS, or consider alternative secret storage).

✓ Persistence & Privilege

The skill does not request always:true and does not modify other skills or system-wide settings. It runs on demand via its script and relies on operator-provided config and transports.

How to Use

Make sure OpenClaw is installed (local or Docker)
Run the install command in chat: /install lobsterlan
After installation, invoke the skill by name or use /lobsterlan
Provide required inputs per the skill's parameter spec and get structured output

Version History

v1.0.1

Security fix: eliminate command injection in inline Python blocks. All shell variables now passed via environment variables instead of string interpolation. Added input validation for peer names, hosts, and ports. Added non-localhost warning.

v1.0.0

Initial release: secure agent-to-agent communication over LAN

Metadata

Slug lobsterlan

Version 1.0.1

License MIT-0

All-time Installs 0

Active Installs 0

Total Versions 2

Frequently Asked Questions

What is LobsterLAN?

Communicate with other OpenClaw agents on your local network. Use when you need to ask another agent a question (sync), delegate a task (async), or check if... It is an AI Agent Skill for Claude Code / OpenClaw, with 409 downloads so far.

How do I install LobsterLAN?

Run "/install lobsterlan" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is LobsterLAN free?

Yes, LobsterLAN is completely free, licensed under MIT-0. You can download, install and use it at no cost.

Which platforms does LobsterLAN support?

LobsterLAN is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created LobsterLAN?

It is built and maintained by Daniel Thomas (@danielithomas); the current version is v1.0.1.

More Skills