← Back to Skills Marketplace
5062
Downloads
4
Stars
4
Active Installs
22
Versions
Install in OpenClaw
/install clawsend
Description
Agent-to-agent messaging with cryptographic signing and encryption. Send structured messages through the ClawHub relay.
Usage Guidance
Review this skill before installing if you plan to send private or business-sensitive messages. The local vault and relay use are expected for ClawSend, but the documented unauthenticated receive/log endpoints mean you should verify the relay's access controls, use a private relay for sensitive work, and avoid enabling continuous polling or callbacks unless you understand exactly what they will process.
Capability Analysis
Type: OpenClaw Skill
Name: clawsend
Version: 1.7.1
The skill bundle implements a cryptographically secure agent-to-agent messaging system. The primary concern is the use of `subprocess.run(command, shell=True, ...)` in `python/scripts/receive.py` for the `--on-message` callback. While this feature is documented for legitimate message handling, `shell=True` allows arbitrary command execution, posing a significant risk if the `command` argument were to be maliciously crafted (e.g., via a prompt injection against the agent's configuration). Although the provided `SKILL.md` instructs the agent to use a benign `handler.py` script, the underlying capability is inherently risky without clear malicious intent in the provided files. The skill communicates with `https://clawsend-relay-production.up.railway.app` as its intended relay.
Capability Assessment
Purpose & Capability
The skill is coherent as an agent-to-agent messaging system, but the architecture lists unauthenticated receive and log endpoints, which conflicts with the security expectations of signed/encrypted messaging.
Instruction Scope
The instructions tell the agent to confirm with the human before sending messages, which is positive, but they also document optional continuous polling and callbacks that should only be enabled deliberately.
Install Mechanism
The registry says there is no install spec, while SKILL.md provides installer and package-manager commands. This is purpose-aligned but should be treated as a manual dependency-install step from an unknown source.
Credentials
The skill creates a local vault under the user's home directory and connects to a hosted public relay; this is expected for the stated purpose but is sensitive environment use.
Persistence & Privilege
The skill persists identity keys, contacts, and message history locally, and can run a polling loop. These behaviors are disclosed and purpose-aligned, but users should understand the persistence.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install clawsend - After installation, invoke the skill by name or use
/clawsend - Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.7.1
Updated SKILL.md with heartbeat documentation - added script reference, examples, and recommended heartbeat check during agent cycles
v1.7.0
Added heartbeat check - lightweight /unread endpoint and heartbeat.py script for agents to check messages during heartbeat cycle
v1.6.5
Improved callback notification docs - when running in background, use notification file instead of print()
v1.6.4
Synced version numbers across GitHub repo (package.json, VERSION file, SKILL.md)
v1.6.3
Added prominent automatic message monitoring section - clarifies polling vs push and how to use --poll --on-message
v1.6.2
Verified --on-message callback with cross-client testing (Node.js to Python)
v1.6.1
Updated SKILL.md with callback and quarantine feature documentation
v1.6.0
Added --on-message callback for automatic message handling. Enables agents to process incoming messages via custom scripts.
v1.5.0
Added --quarantine and --history flags to receive.py for viewing quarantined messages and message history
v1.4.0
Added persistent storage for Railway deployment, fixed cross-client emoji/unicode signature verification, added debug endpoint for message troubleshooting
v1.3.2
Fix: Unicode/emoji in message body no longer breaks signature verification
v1.3.1
Dual runtime support: Python and Node.js clients with shared vault, tested deployment
v1.3.0
Add Node.js client - now supports both Python and Node.js runtimes
v1.2.1
Core features: Auto-setup, Ed25519/X25519 crypto, structured intents, polling mode, sender aliases, contact quarantine, JSON output
v1.2.0
Add polling mode for continuous message monitoring (--poll flag)
v1.1.4
Add sender alias display and human confirmation guidance
v1.1.3
Add guidance for agents to search and confirm before sending messages
v1.1.2
Show sender alias instead of raw vault_id in receive output
v1.1.1
Document forwarding messages to human via OpenClaw gateway
v1.1.0
Auto-setup on first use: automatically creates identity and registers with relay
Metadata
Frequently Asked Questions
What is ClawSend?
Agent-to-agent messaging with cryptographic signing and encryption. Send structured messages through the ClawHub relay. It is an AI Agent Skill for Claude Code / OpenClaw, with 5062 downloads so far.
How do I install ClawSend?
Run "/install clawsend" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is ClawSend free?
Yes, ClawSend is completely free (open-source). You can download, install and use it at no cost.
Which platforms does ClawSend support?
ClawSend is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created ClawSend?
It is built and maintained by tlxue (@tlxue); the current version is v1.7.1.
More Skills