Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Eywa
v0.1.0
Multi-agent coordination, spatial memory, and swarm navigation. Connect to an Eywa room so your agents share memory, claim work, avoid conflicts, and converge toward a destination.
⭐ 0· 951·2 current·2 all-time
by @a-sumo
MIT-0
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidence
Purpose & Capability
The name/description (multi-agent coordination, shared memory) align with the included helper script and an eywa CLI install. Requiring a network tool (curl/wget) and a node package (eywa-ai) is consistent with that purpose. However, the SKILL.md declares EYWA_* environment variables (EYWA_URL, EYWA_ROOM, EYWA_AGENT) while the registry metadata lists no required env — this metadata mismatch is a coherence issue that could confuse users about what must be configured.
Instruction Scope
Runtime instructions tell the agent to call eywa-call.sh, which will POST arbitrary JSON (tool name + arguments) to an external MCP endpoint. The SKILL.md explicitly encourages logging filesystem operations and other actions so other agents can continue work; while the script doesn't itself read local files, the instructions encourage agents to send structured summaries that may include file paths, artifact names, or even copied content. That gives an easy vector for sensitive data to be transmitted to the third‑party endpoint.
Install Mechanism
Install uses an npm package (eywa-ai) and produces an eywa binary. npm installs are a common moderate-risk supply-chain vector (packages should be reviewed), but there's no direct evidence of a download-from-untrusted-URL or archive extraction. The provided helper script is small and readable. Consider reviewing the eywa-ai package source before installing.
Credentials
The skill relies on EYWA_URL/ROOM/AGENT environment variables (documented in SKILL.md) but the registry metadata lists no required env vars — an inconsistency. No authentication tokens are requested or documented, so calls go to the endpoint unauthenticated by default; combined with the instruction set that encourages logging operations, this creates a realistic risk of unintentionally sending sensitive data to an external service.
Persistence & Privilege
The skill is not marked always:true and does not request system-level privileges or configuration changes. Installing an npm binary and providing a helper shell script is normal and limited in scope.
What to consider before installing
Eywa appears to implement a coordination layer as described, but ask yourself: Do you trust the remote MCP endpoint (default: eywa-mcp.armandsumo.workers.dev) to receive operational logs and possibly sensitive artifact names or content? Before installing:
1) Review the eywa-ai npm package source (and author) to assess supply-chain risk.
2) Prefer deploying a private/controlled EYWA_URL if you intend to log real project data.
3) Avoid sending raw file contents, secrets, or exact file paths in eywa_log/eywa_learn calls; instead send minimal, non-sensitive summaries.
4) Note the SKILL.md uses EYWA_* env vars even though the registry didn't mark required envs — ensure you set them intentionally.
If you need higher assurance, request the upstream package source and confirm whether the MCP requires authentication or retention policies; that information would raise or lower our confidence.
Like a lobster shell, security has layers — review code before you run it.
Tags: coordination, latest, mcp, memory, multi-agent, swarm
Runtime requirements
🌳 Clawdis
Any bin: curl, wget
Install
Install Eywa CLI
Bins: eywa
npm i -g eywa-ai