← 返回 Skills 市场
2333
总下载
0
收藏
3
当前安装
1
版本数
在 OpenClaw 中安装
/install google-messages-openclaw-skill
功能描述
Send and receive SMS/RCS via Google Messages web interface (messages.google.com). Use when asked to "send a text", "check texts", "SMS", "text message", "Google Messages", or forward incoming texts to other channels.
使用说明 (SKILL.md)
Google Messages Browser Skill
Automate SMS/RCS messaging via messages.google.com using the browser tool.
Overview
Google Messages for Web allows you to send/receive texts from your Android phone via browser. This skill automates that interface.
Requirements:
- Android phone with Google Messages app
- Phone and computer on same network (for initial QR pairing)
- Browser profile with persistent session (use
openclawor your preferred profile)
Note: Replace profile=openclaw in examples with your preferred browser profile if different.
Quick Reference
| Action | Command |
|---|---|
| Open pairing page | browser action=open profile=openclaw targetUrl="https://messages.google.com/web/authentication" |
| Check session | browser action=snapshot profile=openclaw — look for conversation list vs QR code |
| Take screenshot | browser action=screenshot profile=openclaw |
Initial Setup (QR Pairing)
First-time setup requires scanning a QR code:
-
Open Google Messages Web
browser action=open profile=openclaw targetUrl="https://messages.google.com/web/authentication" -
Screenshot the QR code and share with user
browser action=screenshot profile=openclaw -
User scans with phone:
- Open Google Messages app on Android
- Tap ⋮ menu → "Device pairing" → "QR code scanner"
- Scan the QR code
-
Verify connection — snapshot should show conversation list, not QR code
Important: Enable "Remember this computer" to persist the session.
Sending Messages
-
Navigate to conversations
browser action=navigate profile=openclaw targetUrl="https://messages.google.com/web/conversations" -
Take snapshot and find conversation
browser action=snapshot profile=openclawLook for the contact in the conversation list, note the
ref. -
Click conversation
browser action=act profile=openclaw request={"kind": "click", "ref": "\x3Cref>"} -
Type message (find textarea ref from snapshot)
browser action=act profile=openclaw request={"kind": "type", "ref": "\x3Cinput_ref>", "text": "Your message"} -
Click send (find send button ref)
browser action=act profile=openclaw request={"kind": "click", "ref": "\x3Csend_ref>"}
Receiving Messages (Real-time Notifications)
This skill includes a webhook system for real-time incoming SMS notifications.
Components
- sms-webhook-server.js — receives notifications, forwards to OpenClaw channels
- sms-observer.js — browser script that watches for new messages
Setup
-
Set environment variables:
export SMS_NOTIFICATION_TARGET="telegram:YOUR_CHAT_ID" export SMS_NOTIFICATION_CHANNEL="telegram" -
Start webhook server:
node \x3Cskill>/sms-webhook-server.js -
Inject observer into browser (see
references/observer-injection.md)
Systemd Service (Persistent)
cp \x3Cskill>/systemd/google-messages-webhook.service ~/.config/systemd/user/
# Edit service file: set SMS_NOTIFICATION_TARGET in Environment=
systemctl --user daemon-reload
systemctl --user enable --now google-messages-webhook
Reading Messages
See references/snippets.md for JavaScript snippets to:
- Get recent conversations
- Get messages in current conversation
- Check session status
Troubleshooting
| Problem | Solution |
|---|---|
| QR code shown | Session expired, re-pair |
| Elements not found | Google updated UI, check snapshot for new selectors |
| Send button disabled | Message input empty or phone disconnected |
| Observer not detecting | Check browser console for [SMS Observer] logs |
| Webhook not receiving | Verify server running: curl http://127.0.0.1:19888/health |
Selectors Reference
Google Messages uses Angular components. These may change with updates.
| Element | Selector |
|---|---|
| Conversation list | mws-conversations-list |
| Conversation item | mws-conversation-list-item |
| Message input | textarea[aria-label*="message"] |
| Send button | button[aria-label*="Send"] |
| QR code | mw-qr-code |
Limitations
- Phone must be online (messages sync through phone)
- Browser tab must stay open for notifications
- Session expires after ~14 days of inactivity
- Observer lost on page reload (re-inject needed)
Security
- Webhook listens on localhost only (127.0.0.1)
- No credentials stored (session in browser cookies)
- QR pairing links to your phone — treat as sensitive
License
Apache-2.0
安全使用建议
This skill generally does what it claims: it injects a browser observer into messages.google.com and runs a local Node webhook that can forward SMS previews to OpenClaw channels. The immediate, serious issue is that the webhook builds a shell command string (using child_process.execSync) that interpolates SMS text and notification-target values; because shell expansion and command substitution still occur inside double quotes, a crafted SMS could execute arbitrary commands as the user running the webhook. Before installing or running this skill:
- Do not run the webhook as a high-privilege account. Run it in an isolated, unprivileged user or container.
- Prefer fixing the code: replace execSync with a safe invocation that avoids a shell (use child_process.spawn or execFile with args array) or use an OpenClaw API/SDK rather than shelling out. Properly validate/escape all inputs passed to shell if you cannot avoid shell invocation.
- If you must use the provided code, at minimum sanitize/whitelist SMS content and validate SMS_NOTIFICATION_TARGET to prevent injection.
- Consider disabling automatic forwarding until the command-injection issue is addressed, or keep SMS_NOTIFICATION_TARGET unset so notifications are logged only.
- Review and trust the author/source; if you cannot verify the repository or author, treat this as higher risk.
If you want, I can produce a secure patch that replaces the execSync call with a safe spawn/execFile pattern or adds robust escaping/whitelisting for notification targets and message content.
功能分析
Type: OpenClaw Skill
Name: google-messages-openclaw-skill
Version: 0.1.0
This skill is classified as suspicious due to its use of high-risk capabilities, even though they appear to be aligned with the stated purpose. Key indicators include the use of `child_process.execSync` in `sms-webhook-server.js` to execute the `openclaw` CLI, and the instruction in `SKILL.md` and `references/observer-injection.md` to use `browser action=act request={"kind": "evaluate", "fn": "..."}` for injecting arbitrary JavaScript (`sms-observer.js`) into the browser. Additionally, the skill includes instructions for setting up a systemd user service for persistence of the webhook server. While these actions are necessary for the skill's functionality (automating Google Messages and providing notifications), they represent powerful primitives that could be abused if the skill were compromised or had malicious intent, thus exceeding the threshold for 'benign'.
能力评估
Purpose & Capability
Name, description, SKILL.md, and required env vars (SMS_NOTIFICATION_TARGET, SMS_NOTIFICATION_CHANNEL) align with sending/receiving SMS and forwarding them via OpenClaw. Required binary (node) and the presence of browser automation/observer scripts are reasonable for this purpose.
Instruction Scope
Runtime instructions tell the agent to inject a DOM-observer into messages.google.com and run a local webhook to receive previews — that matches the stated purpose. However the webhook's runtime behavior forwards SMS previews into a shell command (via execSync), meaning incoming SMS text (untrusted user data) is placed into a command line; this gives the ability for a malicious or specially-crafted SMS to execute arbitrary shell commands as the user running the webhook.
Install Mechanism
No external downloads or remote installers are used; the package is instruction + Node scripts. There is no install spec that pulls arbitrary code from third-party URLs. This is lower-risk than a skill that downloads binaries at install time.
Credentials
The skill only requests two environment variables that match its forwarding feature. However, the webhook uses SMS content together with SMS_NOTIFICATION_TARGET and SMS_NOTIFICATION_CHANNEL to build a shell command. Because environment values and SMS previews are interpolated into a shell invocation without robust sanitization, the environment/credential model plus message content is disproportionally risky: untrusted SMS content can be used to inject shell operations.
Persistence & Privilege
The skill is not forced-always and uses an optional user systemd service for persistence; that is reasonable for a local notification agent. It does not request elevated system-wide privileges or modify other skills' configs.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install google-messages-openclaw-skill - 安装完成后,直接呼叫该 Skill 的名称或使用
/google-messages-openclaw-skill触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v0.1.0
Initial release of google-messages-openclaw-skill.
- Enables sending and receiving SMS/RCS via Google Messages web interface.
- Automates message workflow: pairing, sending, and receiving texts using the browser tool.
- Provides real-time incoming SMS notifications via webhook forwarding.
- Includes setup instructions for QR pairing, persistent session, and systemd service.
- Details command references, selectors, troubleshooting, and security practices.
元数据
常见问题
Google Messages 是什么?
Send and receive SMS/RCS via Google Messages web interface (messages.google.com). Use when asked to "send a text", "check texts", "SMS", "text message", "Google Messages", or forward incoming texts to other channels. 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 2333 次。
如何安装 Google Messages?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install google-messages-openclaw-skill」即可一键安装,无需额外配置。
Google Messages 是免费的吗?
是的,Google Messages 完全免费(开源免费),可自由下载、安装和使用。
Google Messages 支持哪些平台?
Google Messages 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 Google Messages?
由 kesslerio(@kesslerio)开发并维护,当前版本 v0.1.0。
推荐 Skills