{"skill":{"slug":"lobsterlan","displayName":"LobsterLAN","summary":"Communicate with other OpenClaw agents on your local network. Use when you need to ask another agent a question (sync), delegate a task (async), or check if...","description":"---\nname: lobsterlan\nversion: 1.0.1\ndescription: Communicate with other OpenClaw agents on your local network. Use when you need to ask another agent a question (sync), delegate a task (async), or check if a peer agent is reachable. Supports both synchronous chat completions and asynchronous webhook-based task delegation. Requires peers.json config with peer addresses and tokens.\n---\n\n# LobsterLAN — Agent-to-Agent Communication\n\nTalk to other OpenClaw agents on your LAN.\n\n## Setup\n\n1. Copy `config/peers.example.json` to `config/peers.json`\n2. Fill in peer hostnames, ports, and tokens\n3. Ensure target agents have the required APIs enabled (see below)\n4. **Set up a secure transport** (see Network Transport below)\n\n## Required Config on Target Agent\n\nFor **sync ask** (chat completions):\n```jsonc\n// Target agent's openclaw.json — keep bind as \"loopback\"!\n{\n  \"gateway\": {\n    \"http\": {\n      \"endpoints\": {\n        \"chatCompletions\": { \"enabled\": true }\n      }\n    }\n  }\n}\n```\n\n> ⚠️ **Do NOT set `gateway.bind` to `\"lan\"`** — OpenClaw will refuse to start if the gateway is exposed on a non-loopback address without TLS. Use a secure transport instead (see below).\n\nFor **async delegate** (webhooks):\n```jsonc\n{\n  \"hooks\": {\n    \"enabled\": true,\n    \"token\": \"a-secure-shared-secret\"\n  }\n}\n```\n\n## Network Transport\n\nOpenClaw gateways default to `bind: loopback` and will not start with plaintext on non-loopback addresses. You need a secure transport layer for cross-host communication:\n\n| Approach | Complexity | Best For |\n|----------|-----------|----------|\n| **SSH Tunnel** ⭐ | Low | Home LANs, simple setups |\n| **Reverse Proxy (TLS)** | Medium | Environments with existing Caddy/nginx |\n| **Tailscale Serve** | Medium | Multi-site or remote agents |\n\n**For simple LANs, SSH tunneling is recommended.** Both gateways stay on loopback, the SSH tunnel provides encryption, and no gateway config changes are needed.\n\n### SSH Tunnel Example\n\nForward a local port to the remote agent's loopback gateway:\n```bash\nssh -N -L 18790:127.0.0.1:18790 user@remote-agent-host\n```\n\nThen in `peers.json`, point the peer to `127.0.0.1:18790` (the local tunnel endpoint).\n\nFor persistence, use a systemd user service with `Restart=always`. See the full setup guide in `docs/setup.md`.\n\n## Commands\n\n### Ask (synchronous — wait for reply)\n```bash\nscripts/lobsterlan.sh ask scotty \"What is the CPU temperature?\"\n```\nUse for quick questions where you need the answer now.\n\n### Delegate (async — fire and forget)\n```bash\nscripts/lobsterlan.sh delegate scotty \"Generate 5 zen wallpapers and push to the file share\"\n```\nUse for long-running tasks. The peer processes independently.\n\n### Status check\n```bash\nscripts/lobsterlan.sh status scotty\n```\n\n### List peers\n```bash\nscripts/lobsterlan.sh peers\n```\n\n## Agent Usage (from within OpenClaw)\n\nRun via exec tool:\n```bash\ncd ~/.openclaw/workspace/skills/lobsterlan && scripts/lobsterlan.sh ask scotty \"status report\"\n```\n\n## Security\n\nThree layers protect communication:\n1. **Network**: LAN-only (firewall blocks external access to gateway port)\n2. **Gateway token**: Bearer auth on every request\n3. **Agent ID header** (optional): `X-LobsterLAN-Agent` sent with self-ID\n\nThe gateway token is the real security boundary. The agent ID header is defense-in-depth for environments where you want explicit identity verification.\n\n## Environment Variables\n\n- `LOBSTERLAN_CONFIG` — path to peers.json (default: `../config/peers.json` relative to script)\n","topics":["Webhook","Json","Sync"],"tags":{"latest":"1.0.1"},"stats":{"comments":0,"downloads":800,"installsAllTime":30,"installsCurrent":0,"stars":1,"versions":2},"createdAt":1772360965393,"updatedAt":1778491678078},"latestVersion":{"version":"1.0.1","createdAt":1773810370721,"changelog":"Security fix: eliminate command injection in inline Python blocks. All shell variables now passed via environment variables instead of string interpolation. Added input validation for peer names, hosts, and ports. Added non-localhost warning.","license":"MIT-0"},"metadata":null,"owner":{"handle":"danielithomas","userId":"s175813sqtdwve7j1esbjfprw183qbk0","displayName":"Daniel Thomas","image":"https://avatars.githubusercontent.com/u/60994952?v=4"},"moderation":null}