OpenClaw Peer Bridge
PassAudited by ClawScan on May 1, 2026.
Overview
This instruction-only skill coherently describes auditable communication patterns between OpenClaw instances, with appropriate guardrails around webhooks, cron jobs, credentials, and approvals.
Before installing or using this skill, make sure any webhook, cron, or chat relay you build has clear ownership, authentication, logging, retry behavior, and rollback steps. Do not send raw secrets through the bridge, and require explicit approval before exposing endpoints, dashboards, or firewall changes.
Findings (2)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Messages, task results, audit summaries, or callbacks may cross from one OpenClaw deployment to another or to external automation.
The skill intentionally designs webhook-based communication between OpenClaw deployments, which creates an inter-agent or inter-system data boundary that users should secure.
Target side exposes an HTTP endpoint that accepts the event and decides what to do next.
Use authenticated endpoints, minimal payloads, idempotency keys, audit logs, and avoid sending raw secrets or sensitive data through chat or webhooks.
A bridge implemented from these instructions could keep sending scheduled messages or triggering workflows after initial setup.
The skill includes scheduled relay and long-running remote job patterns, which are forms of ongoing autonomous operation, but they are disclosed and tied to the bridge purpose.
Source instance schedules a cron job.
Define owners, schedules, rollback steps, expiry conditions, and visible logs before enabling cron-based or long-running bridge behavior.