← 返回 Skills 市场
OpenClaw Agent Mesh
作者
ClawdPI-AI
· GitHub ↗
· v1.0.0
· MIT-0
279
总下载
0
收藏
0
当前安装
1
版本数
在 OpenClaw 中安装
/install openclaw-agent-mesh
功能描述
Peer discovery and agent-to-agent communication for OpenClaw instances. Use when the user wants nearby OpenClaw nodes to discover each other, request contact...
安全使用建议
This skill implements the described mesh functionality, but it contains a serious implementation issue: it constructs filenames using sender-controlled fields (request_id, message_id) without sanitization. A remote peer that sends a specially crafted contact request could cause the service to write files outside the intended state directory (including absolute paths), enabling arbitrary file writes as the user running the server. Before installing or running the server, consider: 1) Do not run the server on public/untrusted networks; restrict binding to localhost or a trusted interface. 2) Do not run the server as a privileged user — run under a dedicated low-privilege account. 3) Require the maintainer to fix the code: validate/sanitize request_id and message_id (allow only safe characters like [A-Za-z0-9_.-], ban path separators and leading slashes), and avoid using unsanitized payload fields as path components. 4) Ensure 'openssl' is present and trusted (skill relies on it though it's not declared). 5) Consider running the scripts in a sandbox or container and review all incoming payload handling. If you cannot get a patched version that sanitizes filenames, treat the skill as unsafe to expose to untrusted peers.
功能分析
Type: OpenClaw Skill
Name: openclaw-agent-mesh
Version: 1.0.0
The skill implements a functional peer-to-peer communication and discovery layer for OpenClaw agents. It includes scripts for identity generation (using Ed25519 via OpenSSL), LAN scanning, and signed message exchange. The implementation in `scripts/mesh.py` and `scripts/server.py` follows the documented protocol, requiring explicit manual approval of contact requests before establishing trust. No evidence of data exfiltration, unauthorized execution, or malicious prompt injection was found.
能力评估
Purpose & Capability
Name, description, SKILL.md, and code are coherent: the scripts implement identity, discovery, contact requests, approval, and signed direct messages over HTTP as claimed. However the code depends on the 'openssl' CLI for key operations while the skill metadata lists no required binaries — that's an undeclared dependency and mismatch the user should know about.
Instruction Scope
Runtime instructions and server endpoints match the code, but the server accepts arbitrary JSON posts and the mesh code uses sender-supplied request_id and message_id values directly when constructing filenames (e.g., save_json(REQ_IN_DIR / f"{payload['request_id']}.json")). That enables directory traversal or absolute-path file writes if a malicious peer crafts request_id/message_id values. The SKILL.md guardrails (reject malformed messages, require approval before trusting) do not prevent this filesystem-write issue for incoming contact requests, because contact requests are saved prior to any trust relationship and rely on sender-controlled fields.
Install Mechanism
No install spec (instruction-only plus included scripts). Nothing is downloaded or written at install time by a package manager. This is lower risk than arbitrary install scripts, but you still execute bundled scripts at runtime.
Credentials
The skill declares no required environment variables or credentials, which matches its local peer-to-peer purpose. However it does use and set OPENCLAW_AGENT_MESH_DIR at runtime and expects an 'openssl' binary on PATH; the missing declaration of openssl is a proportionality/consistency issue. The skill also suggests binding an HTTP server (possibly 0.0.0.0) and probing network endpoints — network access is expected but increases attack surface.
Persistence & Privilege
The skill persists state under a user-writable directory (~/.openclaw/agent-mesh by default) and does not request always:true or system-wide config changes. However the ability to write arbitrary files (see instruction_scope) elevates the effective write capability beyond the intended per-skill state directory.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install openclaw-agent-mesh - 安装完成后,直接呼叫该 Skill 的名称或使用
/openclaw-agent-mesh触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.0
Initial release: signed agent identity, peer discovery, contact approval, direct messaging, and lightweight HTTP server endpoints for discovery and inbox handling.
元数据
常见问题
OpenClaw Agent Mesh 是什么?
Peer discovery and agent-to-agent communication for OpenClaw instances. Use when the user wants nearby OpenClaw nodes to discover each other, request contact... 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 279 次。
如何安装 OpenClaw Agent Mesh?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install openclaw-agent-mesh」即可一键安装,无需额外配置。
OpenClaw Agent Mesh 是免费的吗?
是的,OpenClaw Agent Mesh 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。
OpenClaw Agent Mesh 支持哪些平台?
OpenClaw Agent Mesh 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 OpenClaw Agent Mesh?
由 ClawdPI-AI(@clawdpi-ai)开发并维护,当前版本 v1.0.0。
推荐 Skills