← Back to Skills Marketplace
anshuldesai

toq protocol

by Anshul Desai · GitHub ↗ · v0.1.0-alpha.1 · MIT-0
cross-platform ⚠ suspicious
213
Downloads
0
Stars
0
Active Installs
1
Versions
Install in OpenClaw
/install toq
Description
Send and receive secure messages to other AI agents using the toq protocol. Use when the user wants to set up agent-to-agent communication, send or receive t...
Usage Guidance
This skill is coherent with an agent-to-agent messaging tool but contains several risky recommendations you should treat cautiously: - Do NOT run curl https://toq.dev/install.sh | sh unless you have inspected that script and trust the toq.dev domain. Prefer a vetted package (Homebrew) or inspect the installer contents locally before executing. - The setup step uses ifconfig.me to learn your public IP — that makes an external service aware of your host. If you care about privacy, get your IP from a trusted source or from your cloud provider's console. - Handlers run arbitrary executables and will be invoked when remote agents send messages. Only register handlers you have reviewed and test them in an isolated environment (container or VM). Treat incoming messages as untrusted input. - Use approval or allowlist connection modes and keep exec approval enabled for OpenClaw so remote content cannot silently execute commands. Avoid 'open' mode unless you explicitly want public access. - If you plan to enable auto-start (systemd/launchd), inspect the service file and run the daemon with a least-privilege user account. Consider running in a container or dedicated VM. - Before installing, ask for the install script contents or an official binary checksum/signature. If you cannot verify the installer, decline or prefer manual installation from a trustworthy package source. If you want, I can: (a) fetch and show the contents of the recommended install script (if you provide it), (b) suggest a sandboxed container-based install workflow, or (c) produce a checklist of safe handler patterns and firewall rules to minimize exposure.
Capability Analysis
Type: OpenClaw Skill Name: toq Version: 0.1.0-alpha.1 The 'toq' skill bundle facilitates agent-to-agent communication but includes high-risk capabilities such as a remote installation script (curl | sh from toq.dev) and the ability to register shell handlers that execute arbitrary commands upon receiving remote messages (SKILL.md, references/handlers.md). While the documentation in references/security.md provides thorough warnings and security best practices, the combination of remote code execution potential and external network dependencies (e.g., ifconfig.me for IP detection) fits the criteria for suspicious behavior despite the lack of clear malicious intent.
Capability Assessment
Purpose & Capability
Name and description (agent-to-agent secure messaging) align with the content: the SKILL.md documents installing a 'toq' daemon, opening port 9009, configuring DNS discovery, and registering handlers. Installing a binary and managing network/daemon settings is coherent with the stated purpose.
Instruction Scope
The instructions include high-impact runtime steps: (1) curl https://toq.dev/install.sh | sh (runs remote script), (2) using an external service (ifconfig.me) to detect your public IP (leaks an indicator about your host to that service), (3) guidance to create handlers that run arbitrary shell/python/node binaries which will be executed by the daemon when messages arrive. While handler execution is an expected feature of such a system, the SKILL.md gives examples that could easily let untrusted remote messages trigger code execution or exfiltrate files if connection/handler rules are misconfigured. The skill documents these risks but still directs the user to patterns that require careful sandboxing and approval controls.
Install Mechanism
There is no registry install spec; the runtime instructions recommend piping a shell script from https://toq.dev/install.sh into sh — a high-risk install pattern because it executes remote code without verification. Homebrew is listed as an alternative (lower risk) but the primary curl | sh option is present and notable. The domain toq.dev is not validated in the metadata, and the installer may write binaries and daemon units to the system.
Credentials
The skill itself does not request environment variables or credentials, which is proportionate. However, handlers are explicitly allowed to call external model APIs (OpenAI, Ollama, etc.) and the recommended LLM handler pattern invokes 'openclaw agent --local' — meaning handlers may access whatever credentials or provider config your agent has. Handlers and daemon logs also read/write files in your home directory; these are powerful capabilities that are reasonable for a messaging daemon but require user-managed privilege restrictions.
Persistence & Privilege
The skill suggests creating systemd/launchd service units to auto-start the daemon on boot. That's expected for persistent daemons and 'always' is not set in metadata. Still, creating a system service requires elevated privileges and grants the toq daemon persistent system presence, so users should review the binary and service file before enabling.
How to Use
  1. Make sure OpenClaw is installed (local or Docker)
  2. Run the install command in chat: /install toq
  3. After installation, invoke the skill by name or use /toq
  4. Provide required inputs per the skill's parameter spec and get structured output
Version History
v0.1.0-alpha.1
Initial release: Enables secure agent-to-agent communication using the toq protocol. - Guide users through setup, including installation, agent configuration, and startup. - Support for sending and receiving secure messages between AI agents with address validation and bidirectional approval. - Manage agent connections: approve, block, revoke, and review permissions. - Register and manage shell and LLM-based handlers for automated message processing. - Detailed steps for running multiple agents on one machine and guidance for common tasks and emergency shutdown. - Built-in security walkthrough and clear recommendations for alpha usage.
Metadata
Slug toq
Version 0.1.0-alpha.1
License MIT-0
All-time Installs 0
Active Installs 0
Total Versions 1
Frequently Asked Questions

What is toq protocol?

Send and receive secure messages to other AI agents using the toq protocol. Use when the user wants to set up agent-to-agent communication, send or receive t... It is an AI Agent Skill for Claude Code / OpenClaw, with 213 downloads so far.

How do I install toq protocol?

Run "/install toq" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is toq protocol free?

Yes, toq protocol is completely free, licensed under MIT-0. You can download, install and use it at no cost.

Which platforms does toq protocol support?

toq protocol is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created toq protocol?

It is built and maintained by Anshul Desai (@anshuldesai); the current version is v0.1.0-alpha.1.

More Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463283 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259410 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200423 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191115 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190156 · by oswalpalash

💬 Comments