← 返回 Skills 市场
jason-czar

Private Bridge

作者 Jason Czarnecki · GitHub ↗ · v1.0.2
cross-platform ⚠ suspicious
470
总下载
0
收藏
0
当前安装
1
版本数
在 OpenClaw 中安装
/install private-bridge
功能描述
Secure outbound-only relay for remote OpenClaw control — no exposed ports, no SSH, no Telegram.
安全使用建议
This skill appears internally consistent, but it gives a remote operator the ability to send prompts, trigger workflows, and restart your OpenClaw instance over an authenticated outbound channel. Before installing: only configure a relay URL you trust, treat AUTH_TOKEN like a secret and rotate it if compromised, review the relay operator's privacy/persistence guarantees (the client cannot enforce server-side retention), run the skill on a host with appropriate isolation/permissions, and monitor logs/network usage. If you need stronger assurance, review the relay server code or host your own relay.
功能分析
Type: OpenClaw Skill Name: private-bridge Version: 1.0.2 The skill provides powerful remote control capabilities, including executing AI prompts, triggering workflows, and restarting the OpenClaw process, as defined by the `OpenClawRuntime` interface in `capabilities.ts` and implemented in `relayClient.ts`. While these capabilities are transparently declared in `SKILL.md` and `README.md` and align with the stated purpose of remote management, they inherently introduce a significant attack surface. If the remote relay server (e.g., `wss://relay-terminal-cloud.fly.dev`) is compromised, or if the host OpenClaw runtime's implementation of `executePrompt` or `executeWorkflow` is not adequately sandboxed, these declared functionalities could be exploited for remote code execution or unauthorized system manipulation. There is no evidence of intentional malicious behavior such as unauthorized data exfiltration, persistence mechanisms, or obfuscation within the skill's code or documentation.
能力评估
Purpose & Capability
Name/description (PrivateBridge / remote-relay) match the included code: the RelayClient opens an outbound WebSocket to a configured relay, authenticates with a token and node_id, sends heartbeats, and dispatches capability-scoped commands (prompt, status, restart, workflow). Required env vars (RELAY_URL, NODE_ID, AUTH_TOKEN) align with functionality.
Instruction Scope
SKILL.md instructs only to configure relay_url/node_id/auth_token and start OpenClaw; the runtime code only uses those values and the provided OpenClaw runtime interface. The instructions do not ask the agent to read other files, environment variables, or system configuration. Note: SKILL.md asserts the relay does not persist prompt content — that is a promise by the remote operator and cannot be verified from the client code.
Install Mechanism
There is no install script or external download. The package is instruction- and code-based with local TypeScript files; nothing in the manifest pulls third-party binaries or remote archives during install.
Credentials
The skill requires exactly three env/config values: relay URL, node id, and auth token. Those are appropriate and proportional to establishing an authenticated outbound relay connection. No unrelated secrets or system credentials are requested.
Persistence & Privilege
The skill is not forced-always-installed (always: false) and does not modify other skills or system-wide settings. Autonomous invocation is allowed (platform default) but is consistent with the skill's purpose (it needs to receive remote commands while running).
如何使用
  1. 确保已安装 OpenClaw(本地或 Docker 部署)
  2. 在对话框中输入安装命令:/install private-bridge
  3. 安装完成后,直接呼叫该 Skill 的名称或使用 /private-bridge 触发
  4. 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.2
- Rebranded and renamed the skill as "private-bridge" for secure outbound-only remote OpenClaw control. - Removes reliance on SSH, Telegram, and Discord by using a TLS-encrypted WebSocket relay channel. - Adds node lifecycle management with defined Online, Reconnecting, and Offline states. - Enforces strict capability-based remote command execution (chat, status, restart, workflow). - Clarifies security posture: outbound-only network activity, limited data transmission, and no external data persistence. - Expanded documentation with configuration steps, protocol details, and explicit trust statement.
元数据
Slug private-bridge
版本 1.0.2
许可证
累计安装 0
当前安装数 0
历史版本数 1
常见问题

Private Bridge 是什么?

Secure outbound-only relay for remote OpenClaw control — no exposed ports, no SSH, no Telegram. 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 470 次。

如何安装 Private Bridge?

在 OpenClaw 或 Claude Code 对话框中运行命令「/install private-bridge」即可一键安装,无需额外配置。

Private Bridge 是免费的吗?

是的,Private Bridge 完全免费(开源免费),可自由下载、安装和使用。

Private Bridge 支持哪些平台?

Private Bridge 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。

谁开发了 Private Bridge?

由 Jason Czarnecki(@jason-czar)开发并维护,当前版本 v1.0.2。

推荐 Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463283 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259410 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200423 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191113 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190156 · by oswalpalash

💬 留言讨论