Claw Messenger
ReviewAudited by ClawScan on May 10, 2026.
Overview
The skill is coherent for messaging, but it asks the agent to install unreviewed plugin code, store a live messaging API key, and send messages through third-party infrastructure without clear outbound approval limits.
Before installing, make sure you trust the Claw Messenger provider and the external plugin package. Use a dedicated API key, limit who the agent may message, require approval before outbound messages or media, and understand that message content and routing data pass through the provider's servers.
Findings (4)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Installing this gives unreviewed external code access to the messaging channel and API key.
The skill instructs installation of an external plugin, while the provided review set contains no plugin code or install spec. That unreviewed package would handle live messaging and credentials.
openclaw plugins install @emotion-machine/claw-messenger
Install only if you trust the provider and package; prefer reviewed source, pinned versions, and a declared install spec before giving it credentials.
The agent or plugin could use the live key to send and receive messages and potentially consume paid quota.
The skill requires a live service credential and stores it in agent configuration, despite registry metadata declaring no primary credential or required config path.
Ask your human for the API key from the dashboard (it starts with `cm_live_`) ... `apiKey` (required): The live API key from the dashboard.
Use a dedicated, revocable key; restrict routes where possible; rotate the key if exposed; and require the skill metadata to declare the credential and config file.
An agent could send unintended messages or media to people and incur usage charges.
The instructions authorize broad outbound messaging and media/group-chat actions, but do not require human approval per message or define outbound allowlists or spending limits.
Once configured, use this channel for all iMessage, RCS, and SMS communication. ... You can send text messages and media ... and participate in group chats.
Require explicit human confirmation for outbound messages, configure recipient allowlists where possible, and monitor billing and message logs.
Private communications may be processed by the provider's infrastructure.
Message contents, media, phone numbers, and routing metadata pass through a third-party WebSocket service. This is disclosed and purpose-aligned, but it is a sensitive data boundary.
plugin sends it over WebSocket -> Emotion Machine server routes it ... Someone texts the shared number -> Emotion Machine server looks up phone route -> forwards to your WebSocket connection
Review the provider's privacy, retention, and logging practices before using it for sensitive messages.