Eywa

Review

Audited by ClawScan on May 10, 2026.

Overview

Eywa is coherent for multi-agent coordination, but it sends and reuses persistent shared context through an external room with unclear access controls and a risky default room.

Install only if you are comfortable using Eywa as a shared external coordination service. Configure a private room before first use, avoid logging secrets or sensitive project details, and treat retrieved tasks, messages, and knowledge as advisory until verified.

Findings (4)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

Project activity, messages, tasks, and coordination context could be visible to unintended agents or humans if the default or a guessable shared room is used.

Why it was flagged

The helper sends MCP calls to an external service using only room and agent query parameters, defaulting to a generic `demo` room and showing no authentication or membership boundary in the artifacts.

Skill content

URL="${EYWA_URL:-https://eywa-mcp.armandsumo.workers.dev}"
ROOM="${EYWA_ROOM:-demo}"
AGENT="${EYWA_AGENT:-openclaw}"
ENDPOINT="${URL}/mcp?room=${ROOM}&agent=${AGENT}"

Recommendation

Use only a private, explicitly configured room and endpoint; avoid secrets; and require clear documentation of who can join, read, write, and delete room data.

What this means

Sensitive project details may persist beyond the session, and stale or malicious shared knowledge could influence later agent decisions.

Why it was flagged

The skill explicitly creates persistent shared memory, but the visible guidance does not bound what may be stored, how long it remains, who can modify it, or how future agents should distrust unverified entries.

Skill content

**eywa_learn** — Store persistent knowledge (survives sessions).

Recommendation

Treat Eywa memory as shared and untrusted; do not store secrets or private data, and verify persistent knowledge before relying on it.

What this means

The agent may change priorities or follow shared-room tasks/destinations that were not set by the user.

Why it was flagged

The skill instructs the agent to let remote room state affect task selection; with unclear room membership or trust boundaries, other participants could steer the agent away from the user's intended work.

Skill content

**Coordinate, don't duplicate**: Check `eywa_status` and `eywa_tasks` before starting work. If another agent is already on it, pick something else.

Recommendation

Require user confirmation before changing objectives based on Eywa tasks, status, destination, or messages, especially in shared rooms.

What this means

Installing the skill depends on trusting the external package publisher and whatever code the package installs.

Why it was flagged

The skill installs an external Node package as part of setup. This is purpose-aligned, but the provided artifacts do not include the package contents or a pinned version.

Skill content

[0] node | package: eywa-ai | creates binaries: eywa

Recommendation

Verify the npm package, publisher, and version before installing; prefer pinned versions and reviewed package provenance.