ClawHub

Session OpenClaw Bridge

v0.1.0

Configure, validate, and troubleshoot a Session Messenger ↔ n8n ↔ OpenClaw bridge for two-way text messaging and image exchange when the hosted relay support...

0· 43·0 current·0 all-time
by@droidhackzor
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description align with the bundled artifacts: an n8n workflow template, a small Python relay validator, and packaging/release notes. Nothing in the repository requires unrelated capabilities (no cloud credentials, no unrelated binaries).
Instruction Scope
SKILL.md limits actions to workflow import/patch, endpoint verification (/health, /poll, /send, optional /attachment) and packaging. The included script performs only HTTP GET/POST probes against a user-supplied base URL and prints a JSON summary. Note: the validator will POST a test message to /send (body: {"to":"TEST","text":"probe"}) and will probe an attachment URL — so run it against your own test or development relay to avoid generating real messages.
Install Mechanism
No install spec; this is an instruction-only skill with a small script. Nothing is downloaded or written automatically by an installer.
Credentials
The skill does not request environment variables or credentials. The n8n workflow contains placeholder variables (REPLACE_SESSION_BOT_HOST, REPLACE_SESSION_BOT_API_KEY, REPLACE_OPENCALW_ENDPOINT and references to $env.*) that the operator must supply; this is expected. There are no hidden or unexpected credential requests in SKILL.md or the script.
Persistence & Privilege
always is false, no autoregistration or system-wide configuration changes are requested. The skill is instruction-only and does not attempt to modify other skills or global agent settings.
Assessment
This skill appears to be what it says: a template and a small validator for a Session ↔ n8n ↔ OpenClaw relay. Before running anything: (1) run scripts against a test/dev instance, not a production bot, because validate_relay.py will POST a probe message to /send and probe /attachment; (2) replace the placeholder host/API key/OpenClaw endpoint in the n8n workflow with your real values and keep any real API keys secret; (3) inspect the workflow and validator output before packaging/publishing to ensure you are not exposing real credentials or endpoints. If you need higher assurance, request the upstream source (GitLab) referenced in release.md so you can verify the relay project and tags.

Like a lobster shell, security has layers — review code before you run it.

latestvk977pex7xypztfbkwhspvw04n183yz9y

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments