Agent Comm Skill

v0.1.0

Enables DID registration, cryptographic signing, verification, Relay connection, and end-to-end encryption for secure AI agent communication.

Security Scan
VirusTotal: Benign
OpenClaw: Benign (medium confidence)
Purpose & Capability
The skill name/description (agent comm, DID, signing, E2EE, relay) matches the code and SKILL.md actions. The implementation (index.js/ts + scripts/vault.js) implements identity generation, signing, verifying, symmetric encryption, and a WebSocket relay handshake. Small mismatches: plugin.json entry points to dist/index.js but no dist/ directory is provided in the bundle, and package.json lists a dependency ('loro') that is not used in the source — these are packaging issues but do not contradict the stated purpose.
Instruction Scope
SKILL.md exports a narrow set of actions (agent.register, message.sign/verify, network.connect/broadcast, secret.encrypt/decrypt) and the runtime code implements those. The code only reads/writes a local keystore path (process.cwd()/data/keystore) and connects to a relay URL provided by the caller (defaulting to ws://localhost:3001). There are no instructions to read unrelated system files or environment variables, nor to transmit data to hardcoded remote endpoints.
Install Mechanism
The repository contains source and a package.json with npm dependencies (libsodium-wrappers, ws, uuid). There is no explicit install spec in the skill metadata — the platform will need to install dependencies or run a build to use the skill. This is not inherently malicious but requires the platform to run npm install / build steps; verify dependency integrity and the build process before running.
Credentials
No environment variables or external credentials are requested (proportional). However, the vault module writes private keys to disk under data/keystore in the current working directory and stores privateKey in hex in a JSON file with file mode 0o600. Storing private keys on disk is expected for this use case but is sensitive — confirm where the working directory is and who can access those files on your system.
Persistence & Privilege
The skill does not request always:true or elevated platform privileges. It stores its own keystore files under a local path and keeps in-memory WebSocket connections; it does not modify other skills or global agent configuration.
Assessment
This skill appears to implement what it claims, but review these points before installing:

  • Key storage: the vault stores privateKey and publicKey as hex in data/keystore/<localId>.keys.json (mode 0o600). Make sure the skill will run in a directory where those files are appropriately protected and that you accept local disk storage of secret material. Consider running in an isolated container or using a hardware-backed keystore if available.
  • Relay endpoints: the code will connect to any relayUrl you provide (default ws://localhost:3001). Only connect to relays you trust; verify the relay server address before invoking network.connect to avoid connecting to untrusted hosts.
  • Packaging/build: plugin.json points to dist/index.js but the bundle provides source files (index.js/index.ts) and no dist/. The platform will need to install npm deps and possibly build. Verify the exact install/build steps and dependency integrity (npm registry, lockfile) before running.
  • Dependencies: verify and audit dependencies (libsodium-wrappers, ws, uuid and transitive deps). The bundle contains a package-lock.json — use it to validate package integrity or vendor the dependencies if you require stricter supply-chain controls.
  • Small oddities: an included dependency 'loro' appears in package.json but is unused in the code; this is likely harmless but worth confirming there are no hidden/unused modules that might be introduced later.

If you need higher assurance, run the skill in an isolated environment, inspect the keystore files after registration, and perform a network capture while exercising network.connect to confirm it only talks to intended relays.

Like a lobster shell, security has layers — review code before you run it.

latest vk972pshtq6cgg54b4vh46bmacn82f2v0
249 downloads
0 stars
1 version
Updated 1mo ago
v0.1.0
MIT-0

Agent Communication Skill (PassDeck)

This skill provides the security and networking foundation for AI Agent swarms. It handles DID (Decentralized Identity) registration, cryptographically secure signing using Ed25519, and E2EE (End-to-End Encryption) for sensitive data.

🚀 Key Actions

agent.register

  • Description: Registers a new local agent identity or restores an existing one. Returns the agent's unique DID.
  • Parameters: { alias?: string }
  • Output: { localId: string, did: string, publicKey: hex }

message.sign

  • Description: Signs a payload using the agent's private key. Ensures data integrity and non-repudiation.
  • Parameters: { localId: string, payload: any }
  • Output: { signature: hex }

message.verify

  • Description: Verifies a signed message against a public key. Used to detect data tampering or unauthorized updates.
  • Parameters: { publicKeyHex: string, payload: any, signatureHex: string }
  • Output: { verified: boolean }

network.connect

  • Description: Establishes an authorized connection to a Relay server. Implements a DID challenge-response handshake.
  • Parameters: { sessionId: string, localId: string, did: string, onUpdate: function }
  • Output: { success: true }

secret.encrypt / secret.decrypt

  • Description: High-level E2EE functions for managing secure credentials within the collaborative pool.
  • Parameters: { payload/ciphertext: any, sessionKey: string }
  • Output: { ciphertext/decrypted: any }
