← Back to Skills Marketplace
kesslerio

Google Messages

by kesslerio · GitHub ↗ · v0.1.0
cross-platform ⚠ suspicious
2333
Downloads
0
Stars
3
Active Installs
1
Versions
Install in OpenClaw
/install google-messages-openclaw-skill
Description
Send and receive SMS/RCS via Google Messages web interface (messages.google.com). Use when asked to "send a text", "check texts", "SMS", "text message", "Google Messages", or forward incoming texts to other channels.
README (SKILL.md)

Google Messages Browser Skill

Automate SMS/RCS messaging via messages.google.com using the browser tool.

Overview

Google Messages for Web allows you to send/receive texts from your Android phone via browser. This skill automates that interface.

Requirements:

  • Android phone with Google Messages app
  • Phone and computer on same network (for initial QR pairing)
  • Browser profile with persistent session (use openclaw or your preferred profile)

Note: Replace profile=openclaw in examples with your preferred browser profile if different.

Quick Reference

Action Command
Open pairing page browser action=open profile=openclaw targetUrl="https://messages.google.com/web/authentication"
Check session browser action=snapshot profile=openclaw — look for conversation list vs QR code
Take screenshot browser action=screenshot profile=openclaw

Initial Setup (QR Pairing)

First-time setup requires scanning a QR code:

  1. Open Google Messages Web

    browser action=open profile=openclaw targetUrl="https://messages.google.com/web/authentication"

  2. Screenshot the QR code and share with user

    browser action=screenshot profile=openclaw

  3. User scans with phone:

    • Open Google Messages app on Android
    • Tap ⋮ menu → "Device pairing" → "QR code scanner"
    • Scan the QR code

  4. Verify connection — snapshot should show conversation list, not QR code

Important: Enable "Remember this computer" to persist the session.

Sending Messages

  1. Navigate to conversations

    browser action=navigate profile=openclaw targetUrl="https://messages.google.com/web/conversations"

  2. Take snapshot and find conversation

    browser action=snapshot profile=openclaw

    Look for the contact in the conversation list, note the ref.

  3. Click conversation

    browser action=act profile=openclaw request={"kind": "click", "ref": "\x3Cref>"}

  4. Type message (find textarea ref from snapshot)

    browser action=act profile=openclaw request={"kind": "type", "ref": "\x3Cinput_ref>", "text": "Your message"}

  5. Click send (find send button ref)

    browser action=act profile=openclaw request={"kind": "click", "ref": "\x3Csend_ref>"}

Receiving Messages (Real-time Notifications)

This skill includes a webhook system for real-time incoming SMS notifications.

Components

  1. sms-webhook-server.js — receives notifications, forwards to OpenClaw channels
  2. sms-observer.js — browser script that watches for new messages

Setup

  1. Set environment variables:

    export SMS_NOTIFICATION_TARGET="telegram:YOUR_CHAT_ID"
export SMS_NOTIFICATION_CHANNEL="telegram"

  2. Start webhook server:

    node \x3Cskill>/sms-webhook-server.js

  3. Inject observer into browser (see references/observer-injection.md)

Systemd Service (Persistent)

cp \x3Cskill>/systemd/google-messages-webhook.service ~/.config/systemd/user/
# Edit service file: set SMS_NOTIFICATION_TARGET in Environment=
systemctl --user daemon-reload
systemctl --user enable --now google-messages-webhook

Reading Messages

See references/snippets.md for JavaScript snippets to:

  • Get recent conversations
  • Get messages in current conversation
  • Check session status

Troubleshooting

Problem Solution
QR code shown Session expired, re-pair
Elements not found Google updated UI, check snapshot for new selectors
Send button disabled Message input empty or phone disconnected
Observer not detecting Check browser console for [SMS Observer] logs
Webhook not receiving Verify server running: curl http://127.0.0.1:19888/health

Selectors Reference

Google Messages uses Angular components. These may change with updates.

Element Selector
Conversation list mws-conversations-list
Conversation item mws-conversation-list-item
Message input textarea[aria-label*="message"]
Send button button[aria-label*="Send"]
QR code mw-qr-code

Limitations

  • Phone must be online (messages sync through phone)
  • Browser tab must stay open for notifications
  • Session expires after ~14 days of inactivity
  • Observer lost on page reload (re-inject needed)

Security

  • Webhook listens on localhost only (127.0.0.1)
  • No credentials stored (session in browser cookies)
  • QR pairing links to your phone — treat as sensitive

License

Apache-2.0

Usage Guidance
This skill generally does what it claims: it injects a browser observer into messages.google.com and runs a local Node webhook that can forward SMS previews to OpenClaw channels. The immediate, serious issue is that the webhook builds a shell command string (using child_process.execSync) that interpolates SMS text and notification-target values; because shell expansion and command substitution still occur inside double quotes, a crafted SMS could execute arbitrary commands as the user running the webhook. Before installing or running this skill: - Do not run the webhook as a high-privilege account. Run it in an isolated, unprivileged user or container. - Prefer fixing the code: replace execSync with a safe invocation that avoids a shell (use child_process.spawn or execFile with args array) or use an OpenClaw API/SDK rather than shelling out. Properly validate/escape all inputs passed to shell if you cannot avoid shell invocation. - If you must use the provided code, at minimum sanitize/whitelist SMS content and validate SMS_NOTIFICATION_TARGET to prevent injection. - Consider disabling automatic forwarding until the command-injection issue is addressed, or keep SMS_NOTIFICATION_TARGET unset so notifications are logged only. - Review and trust the author/source; if you cannot verify the repository or author, treat this as higher risk. If you want, I can produce a secure patch that replaces the execSync call with a safe spawn/execFile pattern or adds robust escaping/whitelisting for notification targets and message content.
Capability Analysis
Type: OpenClaw Skill Name: google-messages-openclaw-skill Version: 0.1.0 This skill is classified as suspicious due to its use of high-risk capabilities, even though they appear to be aligned with the stated purpose. Key indicators include the use of `child_process.execSync` in `sms-webhook-server.js` to execute the `openclaw` CLI, and the instruction in `SKILL.md` and `references/observer-injection.md` to use `browser action=act request={"kind": "evaluate", "fn": "..."}` for injecting arbitrary JavaScript (`sms-observer.js`) into the browser. Additionally, the skill includes instructions for setting up a systemd user service for persistence of the webhook server. While these actions are necessary for the skill's functionality (automating Google Messages and providing notifications), they represent powerful primitives that could be abused if the skill were compromised or had malicious intent, thus exceeding the threshold for 'benign'.
Capability Assessment
Purpose & Capability
Name, description, SKILL.md, and required env vars (SMS_NOTIFICATION_TARGET, SMS_NOTIFICATION_CHANNEL) align with sending/receiving SMS and forwarding them via OpenClaw. Required binary (node) and the presence of browser automation/observer scripts are reasonable for this purpose.
Instruction Scope
Runtime instructions tell the agent to inject a DOM-observer into messages.google.com and run a local webhook to receive previews — that matches the stated purpose. However the webhook's runtime behavior forwards SMS previews into a shell command (via execSync), meaning incoming SMS text (untrusted user data) is placed into a command line; this gives the ability for a malicious or specially-crafted SMS to execute arbitrary shell commands as the user running the webhook.
Install Mechanism
No external downloads or remote installers are used; the package is instruction + Node scripts. There is no install spec that pulls arbitrary code from third-party URLs. This is lower-risk than a skill that downloads binaries at install time.
Credentials
The skill only requests two environment variables that match its forwarding feature. However, the webhook uses SMS content together with SMS_NOTIFICATION_TARGET and SMS_NOTIFICATION_CHANNEL to build a shell command. Because environment values and SMS previews are interpolated into a shell invocation without robust sanitization, the environment/credential model plus message content is disproportionally risky: untrusted SMS content can be used to inject shell operations.
Persistence & Privilege
The skill is not forced-always and uses an optional user systemd service for persistence; that is reasonable for a local notification agent. It does not request elevated system-wide privileges or modify other skills' configs.
How to Use
  1. Make sure OpenClaw is installed (local or Docker)
  2. Run the install command in chat: /install google-messages-openclaw-skill
  3. After installation, invoke the skill by name or use /google-messages-openclaw-skill
  4. Provide required inputs per the skill's parameter spec and get structured output
Version History
v0.1.0
Initial release of google-messages-openclaw-skill. - Enables sending and receiving SMS/RCS via Google Messages web interface. - Automates message workflow: pairing, sending, and receiving texts using the browser tool. - Provides real-time incoming SMS notifications via webhook forwarding. - Includes setup instructions for QR pairing, persistent session, and systemd service. - Details command references, selectors, troubleshooting, and security practices.
Metadata
Slug google-messages-openclaw-skill
Version 0.1.0
License
All-time Installs 4
Active Installs 3
Total Versions 1
Frequently Asked Questions

What is Google Messages?

Send and receive SMS/RCS via Google Messages web interface (messages.google.com). Use when asked to "send a text", "check texts", "SMS", "text message", "Google Messages", or forward incoming texts to other channels. It is an AI Agent Skill for Claude Code / OpenClaw, with 2333 downloads so far.

How do I install Google Messages?

Run "/install google-messages-openclaw-skill" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is Google Messages free?

Yes, Google Messages is completely free (open-source). You can download, install and use it at no cost.

Which platforms does Google Messages support?

Google Messages is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created Google Messages?

It is built and maintained by kesslerio (@kesslerio); the current version is v0.1.0.

More Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463283 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259410 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200423 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191115 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190156 · by oswalpalash

💬 Comments