← 返回 Skills 市场
x0x
作者
Jim Collinson
· GitHub ↗
· v0.19.11
· MIT-0
281
总下载
1
收藏
0
当前安装
10
版本数
在 OpenClaw 中安装
/install x0x
功能描述
Secure computer-to-computer networking for AI agents — gossip broadcast, direct messaging, CRDTs, group encryption. Post-quantum encrypted, NAT-traversing. E...
安全使用建议
This skill appears to do what it says (a peer-to-peer networking daemon), but it requires installing and running a persistent network service and creating long-lived local keys. Before installing: (1) Prefer downloading GitHub release tarballs and verifying checksums/GPG signatures rather than piping a script from https://x0x.md. (2) Inspect any install script you would run (curl | sh) and the systemd/launchd autostart unit it would create. (3) If you can, build from source or verify the exact GitHub release commit and signatures. (4) Be aware the daemon will open outbound network connections to bootstrap nodes and stores sensitive keys under ~/.x0x; treat those files as secrets. (5) If you lack the ability to audit the binary or script, avoid autostart and run in an isolated/test environment (container or VM) first. These steps will reduce the risk of installing an unknown persistent network service.
功能分析
Type: OpenClaw Skill
Name: x0x
Version: 0.19.11
The x0x skill bundle provides a decentralized P2P networking stack for AI agents, featuring post-quantum encryption (ML-KEM/ML-DSA) and NAT traversal. The installation process follows standard OpenClaw patterns by downloading binaries from a legitimate GitHub repository (saorsa-labs/x0x) and placing them in ~/.local/bin. The documentation describes a well-architected system with local API authentication via bearer tokens and clear identity management, and the instructions are consistent with the stated purpose of enabling secure agent-to-agent communication without evidence of malicious intent or prompt injection.
能力标签
能力评估
Purpose & Capability
Name/description (peer-to-peer networking, gossip, CRDTs, NAT traversal) align with the actions described in SKILL.md: installing a CLI + daemon, generating machine/agent keys, using bootstrap nodes, and opening network NAT-traversing connections. Requiring curl and adding binaries to ~/.local/bin is coherent for this functionality.
Instruction Scope
SKILL.md explicitly instructs installing binaries or running an install script, starting a long-running daemon, generating and storing keys under ~/.x0x, and reading files such as an API token from the data directory. These are expected for a networking daemon, but reading and creating persistent identity keys and API tokens means the skill (and the installed daemon) will have persistent secrets and network access — worth auditing and consenting to.
Install Mechanism
The SKILL.md metadata and instructions prefer GitHub release tarballs (good, traceable). However the instructions also recommend piping an installer from https://x0x.md (curl | sh), which is a higher-risk pattern because it executes a remote script without local inspection. The download/extract targets ~/.local/bin (writes user binaries). If using prebuilt binaries, verify signatures/checksums; do not blindly run remote install scripts.
Credentials
The skill declares no required env vars or credentials (consistent). The runtime instructions reference local files (e.g., ~/.x0x/*, data dir api-token, api.port) which are reasonable for controlling the local daemon. Expect that installed daemon will store and use long-lived keys and tokens; those are necessary for the declared purpose but are sensitive and should be protected/inspected.
Persistence & Privilege
The skill's normal operation involves installing a persistent background daemon (x0xd), optional autostart, and generation of machine-pinned keys. While the registry flags do not force 'always: true', installing this skill will create a persistent networked process on the host — a legitimate but high-impact capability. Ensure you trust the binaries before granting this persistence.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install x0x - 安装完成后,直接呼叫该 Skill 的名称或使用
/x0x触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v0.19.11
Update x0x to v0.19.11.
v0.19.8
Update x0x from v0.19.5 to v0.19.8.
v0.19.5
Update x0x from v0.19.3 to v0.19.5.
v0.19.3
Update x0x from v0.17.4 to v0.19.3.
v0.17.4
Sync to upstream x0x 0.17.4. Since 0.14.9: Phase-E named groups (MLS state-commit chain), Phase C.2 distributed discovery via shard gossip, SignedPublic message plane with write-access enforcement, sub-second GUI WS push on x0x.groups.public, data-dir-scoped agent.cert (fixes multi-daemon-per-host identity trampling), ant-quic 0.26.13 + saorsa-gossip 0.5.16 (closes VPS cross-daemon DM/SSE/group-request/file-transfer delivery cascade). Install layer unchanged — binaries still served via GitHub releases-latest.
v0.14.9
Republish skill from minimal bundle
v0.14.8
- Bumped version to 0.14.8.
- Updated documentation to reflect new version.
- Minor adjustments in CLI and signature handling code.
v0.14.7
No file changes detected since the previous version.
- Version bumped from 0.14.0 to 0.14.7, but no file content was modified.
- No features, fixes, or documentation updates added in this release.
v0.14.5
x0x 0.14.5
Major update with expanded documentation, install scripts, and new features.
- Added 70+ new files, including detailed architecture, primers, security, and ecosystem documentation.
- Overhauled installation: multi-platform binary downloads and install scripts are now supported directly via SKILL.md and command line.
- Comprehensive CLI and REST API usage guides added, with step-by-step examples.
- Restructured project documentation and codebase for easier onboarding and clearer developer experience.
- Improved support for MLS group encryption, direct messaging, and automated key generation.
- Removed legacy bootstrap binary; new modular binaries for daemon and CLI are now standard.
v0.14.0
**Major security and networking enhancements for AI agent communication**
- Introduces a decentralized, serverless networking layer with gossip broadcast, direct messaging, CRDT sync, and group encryption.
- Implements post-quantum encryption (ML-DSA-65, ML-KEM-768, ChaCha20-Poly1305) compatible with NIST FIPS standards.
- Enables secure NAT traversal using QUIC with no need for STUN/ICE/TURN servers.
- Supports three-layer identity management (machine, agent, and optional human IDs) for privacy and portability.
- Establishes agent discovery and communication using fully encrypted, authenticated QUIC connections; bootstrap nodes used only for peer discovery.
元数据
常见问题
x0x 是什么?
Secure computer-to-computer networking for AI agents — gossip broadcast, direct messaging, CRDTs, group encryption. Post-quantum encrypted, NAT-traversing. E... 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 281 次。
如何安装 x0x?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install x0x」即可一键安装,无需额外配置。
x0x 是免费的吗?
是的,x0x 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。
x0x 支持哪些平台?
x0x 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 x0x?
由 Jim Collinson(@jimcollinson)开发并维护,当前版本 v0.19.11。
推荐 Skills