← Back to Skills Marketplace

Private Bridge

Name: Private Bridge
Author: jason-czar

by Jason Czarnecki · GitHub ↗ · v1.0.2

cross-platform ⚠ suspicious

470

Downloads

Stars

Active Installs

Versions

Install in OpenClaw

/install private-bridge

Description

Secure outbound-only relay for remote OpenClaw control — no exposed ports, no SSH, no Telegram.

Usage Guidance

This skill appears internally consistent, but it gives a remote operator the ability to send prompts, trigger workflows, and restart your OpenClaw instance over an authenticated outbound channel. Before installing: only configure a relay URL you trust, treat AUTH_TOKEN like a secret and rotate it if compromised, review the relay operator's privacy/persistence guarantees (the client cannot enforce server-side retention), run the skill on a host with appropriate isolation/permissions, and monitor logs/network usage. If you need stronger assurance, review the relay server code or host your own relay.

Capability Analysis

Type: OpenClaw Skill Name: private-bridge Version: 1.0.2 The skill provides powerful remote control capabilities, including executing AI prompts, triggering workflows, and restarting the OpenClaw process, as defined by the `OpenClawRuntime` interface in `capabilities.ts` and implemented in `relayClient.ts`. While these capabilities are transparently declared in `SKILL.md` and `README.md` and align with the stated purpose of remote management, they inherently introduce a significant attack surface. If the remote relay server (e.g., `wss://relay-terminal-cloud.fly.dev`) is compromised, or if the host OpenClaw runtime's implementation of `executePrompt` or `executeWorkflow` is not adequately sandboxed, these declared functionalities could be exploited for remote code execution or unauthorized system manipulation. There is no evidence of intentional malicious behavior such as unauthorized data exfiltration, persistence mechanisms, or obfuscation within the skill's code or documentation.

Capability Assessment

✓ Purpose & Capability

Name/description (PrivateBridge / remote-relay) match the included code: the RelayClient opens an outbound WebSocket to a configured relay, authenticates with a token and node_id, sends heartbeats, and dispatches capability-scoped commands (prompt, status, restart, workflow). Required env vars (RELAY_URL, NODE_ID, AUTH_TOKEN) align with functionality.

✓ Instruction Scope

SKILL.md instructs only to configure relay_url/node_id/auth_token and start OpenClaw; the runtime code only uses those values and the provided OpenClaw runtime interface. The instructions do not ask the agent to read other files, environment variables, or system configuration. Note: SKILL.md asserts the relay does not persist prompt content — that is a promise by the remote operator and cannot be verified from the client code.

✓ Install Mechanism

There is no install script or external download. The package is instruction- and code-based with local TypeScript files; nothing in the manifest pulls third-party binaries or remote archives during install.

✓ Credentials

The skill requires exactly three env/config values: relay URL, node id, and auth token. Those are appropriate and proportional to establishing an authenticated outbound relay connection. No unrelated secrets or system credentials are requested.

✓ Persistence & Privilege

The skill is not forced-always-installed (always: false) and does not modify other skills or system-wide settings. Autonomous invocation is allowed (platform default) but is consistent with the skill's purpose (it needs to receive remote commands while running).

How to Use

Make sure OpenClaw is installed (local or Docker)
Run the install command in chat: /install private-bridge
After installation, invoke the skill by name or use /private-bridge
Provide required inputs per the skill's parameter spec and get structured output

Version History

v1.0.2

- Rebranded and renamed the skill as "private-bridge" for secure outbound-only remote OpenClaw control. - Removes reliance on SSH, Telegram, and Discord by using a TLS-encrypted WebSocket relay channel. - Adds node lifecycle management with defined Online, Reconnecting, and Offline states. - Enforces strict capability-based remote command execution (chat, status, restart, workflow). - Clarifies security posture: outbound-only network activity, limited data transmission, and no external data persistence. - Expanded documentation with configuration steps, protocol details, and explicit trust statement.

Metadata

Slug private-bridge

Version 1.0.2

License —

All-time Installs 0

Active Installs 0

Total Versions 1

Frequently Asked Questions

What is Private Bridge?

Secure outbound-only relay for remote OpenClaw control — no exposed ports, no SSH, no Telegram. It is an AI Agent Skill for Claude Code / OpenClaw, with 470 downloads so far.

How do I install Private Bridge?

Run "/install private-bridge" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is Private Bridge free?

Yes, Private Bridge is completely free (open-source). You can download, install and use it at no cost.

Which platforms does Private Bridge support?

Private Bridge is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created Private Bridge?

It is built and maintained by Jason Czarnecki (@jason-czar); the current version is v1.0.2.

More Skills