← 返回 Skills 市场
1393
总下载
1
收藏
0
当前安装
1
版本数
在 OpenClaw 中安装
/install shellphone-gateway
功能描述
Private WebSocket gateway enabling direct, encrypted communication between iOS devices and self-hosted AI bots with no third-party servers involved.
安全使用建议
This skill is instruction‑only but asks you to fetch and run third‑party code and to connect an iPhone app and an external TTS/ASR service. Before installing or running anything: 1) Inspect the GitHub repo and PyPI package source (prefer a specific release tag/commit) and confirm the code does what you expect. 2) Run the gateway in an isolated environment (VM or container) and restrict network exposure; avoid binding to 0.0.0.0 if not needed. 3) Verify TLS certificates and understand the token authentication flow; rotate and revoke tokens if possible. 4) Consider that ScrappyLabs may receive audio — read their privacy policy if you care about external processing. 5) Prefer running only software you can audit, and do not expose your agent to untrusted mobile clients without additional access controls. If you want a safer install, ask the skill author for precise install hashes, a documented security model for tokens, and details about what data is sent to ScrappyLabs and the TestFlight app.
功能分析
Type: OpenClaw Skill
Name:
Developer:
Version:
Description: OpenClaw Agent Skill
The skill bundle is benign. The `SKILL.md` file provides clear, straightforward instructions for a user to set up a self-hosted WebSocket gateway, including `git clone` and `pip install` commands pointing to a public GitHub repository and PyPI package. There are no instructions for the OpenClaw agent to perform malicious actions, no prompt injection attempts, no data exfiltration, and no obfuscation within the provided files. The content aligns with the stated purpose of connecting an iOS device to AI agents.
能力评估
Purpose & Capability
The SKILL.md describes a self‑hosted WebSocket gateway for iOS and references GitHub, a pip package, Docker Compose, a TestFlight app, and ScrappyLabs TTS/ASR. The skill metadata, however, provides no description, declares no required binaries (git, docker, pip), no install spec, and no environment variables. That absence is inconsistent: a gateway that instructs cloning a repo or running Docker clearly relies on tools not declared in the metadata.
Instruction Scope
Runtime instructions direct the user/agent to clone and run third‑party code, run a long‑running local service that prints an authentication token and exposes a wss:// endpoint, and to use a TestFlight iOS app plus ScrappyLabs for TTS/ASR. The instructions do not include integrity checks (checksums/signatures), do not document token lifecycle or access controls, and implicitly involve sending audio to an external service (ScrappyLabs). These are broader actions than the metadata suggests and could expose an agent to remote clients if misconfigured.
Install Mechanism
There is no formal install spec in the skill metadata, yet the SKILL.md instructs using git clone, docker compose up, or pip install to fetch and run code from third parties (GitHub and PyPI). Fetching and executing remote code without verification (no commit hashes, checksums, or release tags cited) increases risk. The instruction to join a TestFlight beta also relies on unvetted mobile code outside the metadata.
Credentials
The skill declares no required environment variables or credentials, but the gateway workflow relies on runtime tokens printed by the gateway, TLS configuration for wss://, and calls to an external TTS/ASR provider (ScrappyLabs). The absence of any declared env variables is inconsistent with the real-world configuration steps implied by the instructions (e.g., certificates, hostnames).
Persistence & Privilege
The skill is not marked always:true and does not request platform‑level privileges. However, the gateway software the instructions tell you to run is a long‑running network service that will listen on port 8770 and print tokens for client connections; running it permanently increases your attack surface. Autonomous model invocation is enabled by default (normal), but combine this with the gateway's network exposure before proceeding.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install shellphone-gateway - 安装完成后,直接呼叫该 Skill 的名称或使用
/shellphone-gateway触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.0
shellphone-gateway 1.0.0
- Initial release of a private WebSocket gateway for connecting iOS devices directly to self-hosted AI bots.
- Enables encrypted communication between your iPhone and local AI agents without third-party platforms.
- Auto-detects locally running ollama models for zero-configuration setup.
- Integrated free text-to-speech (TTS) and automatic speech recognition (ASR) via ScrappyLabs, no account required.
- Quick setup with Docker or Python; easy iOS app connection via TestFlight and QR code.
元数据
常见问题
Shellphone Gateway 是什么?
Private WebSocket gateway enabling direct, encrypted communication between iOS devices and self-hosted AI bots with no third-party servers involved. 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 1393 次。
如何安装 Shellphone Gateway?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install shellphone-gateway」即可一键安装,无需额外配置。
Shellphone Gateway 是免费的吗?
是的,Shellphone Gateway 完全免费(开源免费),可自由下载、安装和使用。
Shellphone Gateway 支持哪些平台?
Shellphone Gateway 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 Shellphone Gateway?
由 loserbcc(@loserbcc)开发并维护,当前版本 v1.0.0。
推荐 Skills