← 返回 Skills 市场
ClawLink
作者
Sharoon Sharif
· GitHub ↗
· v1.0.1
· MIT-0
89
总下载
0
收藏
0
当前安装
2
版本数
在 OpenClaw 中安装
/install openclaw-link
功能描述
Cross-instance agent communication for OpenClaw. ClawLink lets multiple OpenClaw sessions discover each other, delegate tasks, share knowledge, collaborative...
安全使用建议
This package appears to do what it says: run a relay and let OpenClaw instances talk to each other. That usefulness comes with real security trade-offs. Before installing or running the server: 1) Do not bind the relay to 0.0.0.0 or expose it to the public Internet without adding authentication and TLS (the code is unauthenticated and unencrypted by default). 2) If you must access it across the internet, place the relay behind a reverse proxy or VPN that enforces access control, or require tunnels that include auth. 3) Treat any agent that can register as potentially able to request reading files or performing actions — only join trusted agents and avoid sharing sensitive files via the mesh. 4) Inspect and, if needed, modify the server to add auth (API keys, tokens) and enable HTTPS/WSS before internet use. 5) Run the relay in an isolated environment (container/VM) and restrict network exposure via firewall rules. 6) Be aware setup.sh will install pip packages and write ~/.clawlink/agent_state.json; if you lack operational controls or don’t accept network risk, do not run the relay. If you want a safer assessment, provide the full truncated portions of server.py/client.py (the listings were truncated) so I can review any remaining logic (auth hooks, file handling, or hidden endpoints) that would change the risk level.
功能分析
Type: OpenClaw Skill
Name: openclaw-link
Version: 1.0.1
ClawLink provides a framework for cross-instance agent communication, including task delegation and shared file access via a central relay server (scripts/server.py). While functional for multi-agent workflows, it creates a significant attack surface: the agent is instructed by SKILL.md to poll for and execute tasks received from the relay, effectively enabling remote task injection via the AI. Additionally, the file-sharing commands in scripts/client.py (file-put/file-get) facilitate the movement of local data to the relay, which could be used for exfiltration if the relay is untrusted. These high-risk capabilities are inherent to the tool's design but lack evidence of intentional malicious exploitation.
能力评估
Purpose & Capability
Name, README, SKILL.md, protocol reference, and the client/server scripts all align: the skill enables agent discovery, delegation, broadcasts, and collaborative files via a relay server. The declared requirements (no env vars, no special binaries) match the implementation.
Instruction Scope
SKILL.md instructs users to run a relay that by default has no auth and unencrypted HTTP transport, and explicitly recommends exposing it via tunnels (ngrok/cloudflared) for internet access. The client persists identity to ~/.clawlink/agent_state.json and auto-discovers relays via mDNS. Those instructions are coherent for a mesh tool but broaden the agent's attack surface (unauthenticated remote agents can register, delegate tasks, and upload/download files).
Install Mechanism
There is no formal install spec in the registry (instruction-only), but shipped scripts (setup.sh) install Python dependencies via pip, including fallback flags (--break-system-packages) and attempting global installs. That is not an automatic remote-download risk, but running setup.sh will modify your Python environment and install third-party packages — typical but worth noting.
Credentials
The skill requests no environment variables or secrets. The client/server read/write a small local state file (~/.clawlink/agent_state.json) and call standard networking APIs (hostname, sockets). No unexpected credentials or config paths are requested.
Persistence & Privilege
The skill does not request always:true and does not modify other skills. It persists only its own agent_state.json. However, because the skill enables autonomous remote task delegation (and model invocation is allowed by default), an exposed relay increases the potential blast radius: other agents can instruct this agent to perform actions, which may lead to data access or exfiltration if the agent executes delegated tasks.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install openclaw-link - 安装完成后,直接呼叫该 Skill 的名称或使用
/openclaw-link触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.1
Initial release of ClawLink - cross-instance agent communication for OpenClaw
v1.0.0
Initial release
元数据
常见问题
ClawLink 是什么?
Cross-instance agent communication for OpenClaw. ClawLink lets multiple OpenClaw sessions discover each other, delegate tasks, share knowledge, collaborative... 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 89 次。
如何安装 ClawLink?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install openclaw-link」即可一键安装,无需额外配置。
ClawLink 是免费的吗?
是的,ClawLink 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。
ClawLink 支持哪些平台?
ClawLink 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 ClawLink?
由 Sharoon Sharif(@sharoonsharif)开发并维护,当前版本 v1.0.1。
推荐 Skills