← 返回 Skills 市场
843
总下载
0
收藏
0
当前安装
5
版本数
在 OpenClaw 中安装
/install wa-relay-skill
功能描述
WhatsApp message relay for OpenClaw v0.2.0. Routes third-party DMs to a relay agent that forwards them to the main agent via sessions_send. The main agent no...
安全使用建议
This skill appears to be what it says, but it performs sensitive local actions. Before installing: 1) Inspect auth-profiles.json contents and consider creating or using a dedicated, limited-scope credential for the relay (do not blindly copy full admin/owner credentials). 2) Backup your OpenClaw installation and the main agent workspace (SOUL.md and auth files). 3) Review and, if desired, run the setup script step-by-step rather than letting it auto-patch: decline the credential copy and patch prompts and perform changes manually if you prefer. 4) After applying, verify .bak backups exist and that you can revert the regex patch once upstream PR #16531 is merged; remove copied credentials when no longer required. 5) Run in a test environment first and limit filesystem permissions on the relay workspace. If you are uncomfortable giving the relay full credential access or allowing scripts to patch node_modules, do not install; instead implement routing manually or use credentials scoped specifically for the relay.
功能分析
Type: OpenClaw Skill
Name: wa-relay-skill
Version: 0.2.1
The skill is classified as suspicious due to high-risk operations performed by `scripts/setup.sh`. It copies sensitive `auth-profiles.json` credentials from the main agent to the relay agent, significantly expanding the attack surface. Furthermore, it modifies core OpenClaw JavaScript files (`paths-*.js`) and the main agent's `SOUL.md` using powerful `node -e` and `perl` commands. While these actions are transparently documented in `SKILL.md` and require user confirmation, they represent significant system-level modification capabilities and credential exposure, posing substantial vulnerabilities if the skill or environment were compromised.
能力评估
Purpose & Capability
The scripts, README, and config generation align with a WhatsApp relay: creating a relay workspace, routing config, and adding a relay-handling section to the main agent. The files requested and produced match the stated purpose.
Instruction Scope
SKILL.md and scripts explicitly instruct the agent to create a relay workspace, append a relay section to the main agent's SOUL.md, copy auth-profiles.json from the main agent to the relay, and patch OpenClaw dist files to relax the session-id regex. These actions are in-scope for enabling the relay but grant the skill broad file-system modification authority (modifying other agent files and core dist files). The scripts do prompt for confirmation and produce .bak files for patched files.
Install Mechanism
No external installers or downloads are used; this is an instruction-only skill with local shell scripts. That reduces supply-chain risk, but scripts will modify local OpenClaw installation files.
Credentials
The skill does not require environment variables but reads and copies a sensitive file (~/.openclaw/agents/main/agent/auth-profiles.json) containing model-provider credentials. Copying these credentials to the relay is functionally necessary for the relay to authenticate, but it increases the attack surface because the relay gains the same credentials as the main agent. The credential access is not declared in metadata and is a significant privilege escalation in practice.
Persistence & Privilege
The scripts modify other agent state (main agent SOUL.md) and patch OpenClaw's node_modules/dist files to change a core regex. Those are persistent, system-scoped changes. The scripts create backups and ask for confirmation, but these modifications give the skill permanent changes to the runtime and to other agents' configuration.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install wa-relay-skill - 安装完成后,直接呼叫该 Skill 的名称或使用
/wa-relay-skill触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v0.2.1
Fixed config.patch JSON format: uses correct agentId/match/peer structure instead of name/filter/from
v0.2.0
New architecture: relay forwards to main agent via sessions_send. Main agent notifies owner with suggested responses. Support for direct number allowlist.
v0.1.2
Fix: enforce NO_REPLY to prevent relay from responding to senders. Add social engineering protection. Add interactive confirmations for auth copy and regex patch. Add security notes to SKILL.md.
v0.1.1
- Added frontmatter metadata to SKILL.md for improved documentation and clarity.
- Updated requirements to specify compatibility with OpenClaw v2026.2.14+.
- Expanded documentation with detailed security notes, explaining auth credential sharing and session ID patching required during setup.
- Improved setup instructions and transparency on required system modifications.
v0.1.0
- Initial release of wa-relay for OpenClaw.
- Routes third-party WhatsApp DMs to a relay agent that notifies the owner.
- Ensures only authorized replies are sent to third parties.
- Provides setup scripts for owner number registration and configuration generation.
- Requires OpenClaw with WhatsApp channel and owner's phone number.
元数据
常见问题
Wa Relay 是什么?
WhatsApp message relay for OpenClaw v0.2.0. Routes third-party DMs to a relay agent that forwards them to the main agent via sessions_send. The main agent no... 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 843 次。
如何安装 Wa Relay?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install wa-relay-skill」即可一键安装,无需额外配置。
Wa Relay 是免费的吗?
是的,Wa Relay 完全免费(开源免费),可自由下载、安装和使用。
Wa Relay 支持哪些平台?
Wa Relay 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 Wa Relay?
由 zarruk(@zarruk)开发并维护,当前版本 v0.2.1。
推荐 Skills