ClawHub

LobsterLAN

v1.0.1

Communicate with other OpenClaw agents on your local network. Use when you need to ask another agent a question (sync), delegate a task (async), or check if...

1· 369·0 current·0 all-time
byDaniel Thomas@danielithomas
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description describe LAN agent-to-agent communication and the included script and config implement exactly that: synchronous chat completions and asynchronous webhook delegation to configured peers. Required tokens and peer addresses are reasonable and directly related to the stated purpose.
Instruction Scope
SKILL.md and scripts only instruct the agent to read a local peers.json, call configured peer HTTP endpoints, and optionally set up SSH tunnels/reverse proxies. There are no instructions to read unrelated system files or exfiltrate data to unknown endpoints. The skill correctly warns about plaintext LAN connections and recommends secure transport.
Install Mechanism
No install spec or remote downloads; the skill is instruction-only with a bundled shell script. No external packages or extracted archives are fetched at install time.
Credentials
The skill metadata lists no required env vars, and secrets (gateway/hook tokens) are expected in config/peers.json rather than environment variables. That is proportionate to the function, but storing bearer tokens in a plaintext config file is sensitive and should be protected (file permissions, not checked into VCS, or consider alternative secret storage).
Persistence & Privilege
The skill does not request always:true and does not modify other skills or system-wide settings. It runs on demand via its script and relies on operator-provided config and transports.
Assessment
This skill appears to do exactly what it says, but take these precautions before installing: (1) Only configure trusted peers — any configured peer you contact can receive messages and delegated tasks. (2) Protect peers.json (contains gateway/hook tokens) with tight file permissions and avoid committing it to source control. (3) Follow the SKILL.md recommendation to keep OpenClaw gateways bound to loopback and use SSH tunnels/TLS/reverse proxies for cross-host communication; do not expose gateway ports plaintext to untrusted networks. (4) Be aware delegated tasks run on the peer side — if a peer is compromised or malicious it can misuse the delegated work or respond with harmful content. (5) If you require stronger secret handling, consider storing tokens in a secrets manager and adjusting the script to read them from environment variables or a protected store.

Like a lobster shell, security has layers — review code before you run it.

latestvk97dtgvxwnhfdqcpjweaktvafh835s1z

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments