Antenna
v1.2.6Inter-host OpenClaw session messaging over reachable HTTPS using built-in gateway webhook hooks. Use when: (1) sending a message from this OpenClaw instance...
⭐ 0· 56·0 current·0 all-time
byCorey Shirley@cshirley001
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
Capability signals
These labels describe what authority the skill may exercise. They are separate from suspicious or malicious moderation verdicts.
OpenClaw
Benign
high confidencePurpose & Capability
Name/description match what the package implements: a script-first relay that posts to /hooks/agent, parses envelopes, validates peers, and calls sessions_send. Required tools (jq, curl, openssl, age) and local peer/token files in antenna-peers.json are expected for this functionality. There are no unrelated cloud credentials or surprising env vars.
Instruction Scope
Runtime instructions tell a dedicated relay agent to write the entire inbound hook message to a temp file, exec the provided relay script, then call sessions_send with the script output. That is coherent for the stated goal, but it explicitly reads local config/peer/token files and will deliver arbitrary peer-provided message bodies into target sessions; this is expected but increases attack surface (see user guidance).
Install Mechanism
No remote download install spec in the registry bundle; the package includes scripts and an install.sh that only fixes permissions and optionally runs setup. Documentation references a GitHub repo for cloning, but the shipped package contains the working scripts—no high-risk remote extract URLs or opaque installers are required.
Credentials
The skill requests no environment variables in the registry metadata. At runtime it reads local files (antenna-config.json, antenna-peers.json, token_file paths, peer_secret_file paths under a secrets/ directory). Those file accesses are appropriate for peer-based webhook auth, but they do require access to local secret files (bearer tokens and per-peer secrets).
Persistence & Privilege
always:false (normal). The setup process is designed to register a dedicated agent and to modify gateway configuration (allowedAgentIds, allowedSessionKeyPrefixes, tool visibility) and optionally symlink a CLI into PATH. Those system-level changes are coherent with the goal but should be reviewed because they expand gateway capabilities and require admin privileges.
Assessment
Antenna appears to do what it says: a script-based relay that posts messages into target sessions using bearer tokens and per-peer secrets. Before installing, review these points: (1) The setup step will modify gateway configuration (agent registration, session visibility, agent-to-agent settings) and may symlink a CLI into /usr/local/bin—run setup as an administrator and inspect diffs. (2) The relay reads local secret files (token_file and peer_secret_file) to authenticate; keep those files in a secure directory with strict permissions and do not commit them to repos. (3) Incoming messages are written verbatim to a temp file and delivered into sessions; although the agent is instructed not to follow message-embedded instructions, relayed content can still influence receiving agents or humans—use allowlists, inbox/approval, and rate limits to reduce risk. (4) Audit scripts you care about (scripts/antenna-relay.sh, antenna-send.sh, antenna-setup.sh, and install.sh) before running; verify logging paths and that token/secret file lookups are to expected locations. (5) Prefer manual review and testing in a non-production environment, pair only with trusted peers initially, and enable the inbox/auto-approve workflow until you are comfortable with behavior.Like a lobster shell, security has layers — review code before you run it.
latestvk976mbrrwzee2cdehcgjpeh5rs84qcx5
License
MIT-0
Free to use, modify, and redistribute. No attribution required.