← 返回 Skills 市场

ClawSend

Name: ClawSend
Author: tlxue

作者 tlxue · GitHub ↗ · v1.7.1

cross-platform ⚠ suspicious

5062

总下载

当前安装

版本数

在 OpenClaw 中安装

/install clawsend

功能描述

Agent-to-agent messaging with cryptographic signing and encryption. Send structured messages through the ClawHub relay.

安全使用建议

Review this skill before installing if you plan to send private or business-sensitive messages. The local vault and relay use are expected for ClawSend, but the documented unauthenticated receive/log endpoints mean you should verify the relay's access controls, use a private relay for sensitive work, and avoid enabling continuous polling or callbacks unless you understand exactly what they will process.

功能分析

Type: OpenClaw Skill Name: clawsend Version: 1.7.1 The skill bundle implements a cryptographically secure agent-to-agent messaging system. The primary concern is the use of `subprocess.run(command, shell=True, ...)` in `python/scripts/receive.py` for the `--on-message` callback. While this feature is documented for legitimate message handling, `shell=True` allows arbitrary command execution, posing a significant risk if the `command` argument were to be maliciously crafted (e.g., via a prompt injection against the agent's configuration). Although the provided `SKILL.md` instructs the agent to use a benign `handler.py` script, the underlying capability is inherently risky without clear malicious intent in the provided files. The skill communicates with `https://clawsend-relay-production.up.railway.app` as its intended relay.

能力评估

⚠ Purpose & Capability

The skill is coherent as an agent-to-agent messaging system, but the architecture lists unauthenticated receive and log endpoints, which conflicts with the security expectations of signed/encrypted messaging.

ℹ Instruction Scope

The instructions tell the agent to confirm with the human before sending messages, which is positive, but they also document optional continuous polling and callbacks that should only be enabled deliberately.

ℹ Install Mechanism

The registry says there is no install spec, while SKILL.md provides installer and package-manager commands. This is purpose-aligned but should be treated as a manual dependency-install step from an unknown source.

ℹ Credentials

The skill creates a local vault under the user's home directory and connects to a hosted public relay; this is expected for the stated purpose but is sensitive environment use.

ℹ Persistence & Privilege

The skill persists identity keys, contacts, and message history locally, and can run a polling loop. These behaviors are disclosed and purpose-aligned, but users should understand the persistence.

如何使用

确保已安装 OpenClaw（本地或 Docker 部署）
在对话框中输入安装命令：/install clawsend
安装完成后，直接呼叫该 Skill 的名称或使用 /clawsend 触发
根据 Skill 的参数说明提供必要输入，即可获得结构化输出

版本历史

v1.7.1

Updated SKILL.md with heartbeat documentation - added script reference, examples, and recommended heartbeat check during agent cycles

v1.7.0

Added heartbeat check - lightweight /unread endpoint and heartbeat.py script for agents to check messages during heartbeat cycle

v1.6.5

Improved callback notification docs - when running in background, use notification file instead of print()

v1.6.4

Synced version numbers across GitHub repo (package.json, VERSION file, SKILL.md)

v1.6.3

Added prominent automatic message monitoring section - clarifies polling vs push and how to use --poll --on-message

v1.6.2

Verified --on-message callback with cross-client testing (Node.js to Python)

v1.6.1

Updated SKILL.md with callback and quarantine feature documentation

v1.6.0

Added --on-message callback for automatic message handling. Enables agents to process incoming messages via custom scripts.

v1.5.0

Added --quarantine and --history flags to receive.py for viewing quarantined messages and message history

v1.4.0

Added persistent storage for Railway deployment, fixed cross-client emoji/unicode signature verification, added debug endpoint for message troubleshooting

v1.3.2

Fix: Unicode/emoji in message body no longer breaks signature verification

v1.3.1

Dual runtime support: Python and Node.js clients with shared vault, tested deployment

v1.3.0

Add Node.js client - now supports both Python and Node.js runtimes

v1.2.1

Core features: Auto-setup, Ed25519/X25519 crypto, structured intents, polling mode, sender aliases, contact quarantine, JSON output

v1.2.0

Add polling mode for continuous message monitoring (--poll flag)

v1.1.4

Add sender alias display and human confirmation guidance

v1.1.3

Add guidance for agents to search and confirm before sending messages

v1.1.2

Show sender alias instead of raw vault_id in receive output

v1.1.1

Document forwarding messages to human via OpenClaw gateway

v1.1.0

Auto-setup on first use: automatically creates identity and registers with relay

元数据

Slug clawsend

版本 1.7.1

许可证 —

累计安装 191

当前安装数 4

历史版本数 22

常见问题

ClawSend 是什么？

Agent-to-agent messaging with cryptographic signing and encryption. Send structured messages through the ClawHub relay. 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件，目前累计下载 5062 次。

如何安装 ClawSend？

在 OpenClaw 或 Claude Code 对话框中运行命令「/install clawsend」即可一键安装，无需额外配置。

ClawSend 是免费的吗？

是的，ClawSend 完全免费（开源免费），可自由下载、安装和使用。

ClawSend 支持哪些平台？

ClawSend 跨平台运行，可在任意部署了 OpenClaw / Claude Code 的环境中使用（cross-platform）。

谁开发了 ClawSend？

由 tlxue（@tlxue）开发并维护，当前版本 v1.7.1。