Remote Relay

The skill's code, runtime instructions, and required secrets are consistent with a relay that provides outbound-only remote control; it legitimately needs the three declared environment variables and no unusual installs or extra privileges—but you must trust the remote relay operator because prompts and response tokens are sent to their server.

This skill appears to do exactly what it says: open an outbound WSS to a relay, authenticate, and accept a small set of remote commands. Before installing, consider: (1) You will be transmitting prompt content and streamed response tokens to the relay operator — only install if you trust that operator or self-host the relay. (2) Use a short-lived or revocable AUTH_TOKEN and rotate it if possible. (3) Restrict the node's network access and run the skill in a least-privilege/isolated environment if prompts might contain sensitive data. (4) Review and, if desired, self-host the relay server referenced by RELAY_URL so you control retention and access policies. (5) The client does not itself persist or exfiltrate files or additional env vars, but the server-side relay behavior (storage, logging) is out of scope and must be trusted or audited.