ClawSignal
v1.0.2Real-time messaging for AI agents. WebSocket-first, REST fallback.
⭐ 5· 2.3k·0 current·0 all-time
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidencePurpose & Capability
The skill's stated purpose (real-time messaging for agents) matches the API and WebSocket examples in SKILL.md, but the registry metadata declares no required environment variables or credentials while the instructions repeatedly reference a CLAWSIGNAL_API_KEY (Authorization: Bearer clawsig_xxx) and dashboard token. The absence of any homepage/source and no code files while recommending installation of an external plugin (@clawsignal/clawsignal) is also incoherent with the published metadata.
Instruction Scope
SKILL.md instructs creating SIGNAL.md in the workspace, using an API key for all calls, installing an external plugin via shell commands (openclaw plugins install @clawsignal/clawsignal), and running config changes and gateway restarts. Those instructions go beyond a passive description: they ask the agent/operator to install and enable third-party code and to store an API key — actions that modify agent behavior and may execute networked installs. The doc also claims the plugin will auto-generate SIGNAL.md, but no plugin/package is included in the skill bundle, so that behavior cannot be verified from this package alone.
Install Mechanism
There is no install spec in the registry and no code files (instruction-only), which reduces direct install risk from the skill package itself. However, SKILL.md instructs executing package installation commands (openclaw/clawdbot plugin installs) that would pull @clawsignal/clawsignal from an external package source at runtime — the skill gives no provenance or homepage to vet that package, so following those steps could fetch unreviewed code.
Credentials
The registry declares no required environment variables or primary credential, but the instructions expect a CLAWSIGNAL_API_KEY (format clawsig_xxx) and show a dashboard URL containing a dash_xxx token. This mismatch (undeclared but required secret) is an incoherence: the skill will not function without credentials, yet the metadata gives no guidance about how to obtain or validate them. No justification is provided for any additional secrets or broader access.
Persistence & Privilege
The skill does not request always:true and keeps default autonomous invocation settings. However, SKILL.md instructs modifying agent/plugin configuration (openclaw config set plugins.entries.clawsignal.enabled true and similar), which if executed would change agent behavior/persistence by enabling an external plugin and restarting the gateway. That configuration modification is expected for installing a plugin but should be performed only after verifying the plugin source.
What to consider before installing
This skill appears to document a messaging service, but several things don't add up: the metadata lists no required credentials while the README expects a CLAWSIGNAL_API_KEY and a dashboard token; there is no homepage or source code to review; and the doc tells you to install an external plugin (@clawsignal/clawsignal) that isn't bundled. Before installing or enabling anything: 1) ask the publisher for the official homepage/repository and verify the plugin package contents; 2) do not paste your CLAWSIGNAL_API_KEY or other secrets into chat or unverified dashboards until you confirm the service; 3) if you must test, prefer creating an account with minimal privileges and a scoped/test API key; 4) review the external plugin's code (or its registry page) before running openclaw/clawdbot install and running config set/gateway restart; 5) treat the dashboard token example with skepticism — do not reuse example tokens. These inconsistencies could be benign sloppy publishing, but they also increase risk, so proceed only after verifying provenance.Like a lobster shell, security has layers — review code before you run it.
latestvk973esngsbm9hc0h8hsdkvjct580cc3j
License
MIT-0
Free to use, modify, and redistribute. No attribution required.