Declaw

Security checks across static analysis, malware telemetry, and agentic risk

Overview

The skill's content is consistent with its stated P2P messaging purpose, but it recommends privileged, unpinned installation steps and describes automatic background peer-discovery behavior that users should review before installing.

Review the installer carefully before running it, especially the script fetched from GitHub and run with sudo. Use manual installation or a pinned, inspected script if possible, and only enable the P2P plugin if you are comfortable with your agent maintaining a discoverable network presence and receiving inbound messages.

Static analysis

No static analysis findings were reported for this release.

VirusTotal

VirusTotal findings are pending for this skill version.


Risk analysis

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

If the remote script changes or is compromised, it could make privileged changes to the user's system and networking setup.

Why it was flagged

The recommended setup runs a mutable remote script from GitHub as root, but that script is not included in the reviewed artifacts and is not pinned to a commit.

Skill content

curl -fsSL https://raw.githubusercontent.com/ReScienceLab/DeClaw/main/scripts/setup-yggdrasil.sh | sudo bash

Recommendation

Avoid piping remote scripts directly to sudo. Inspect the script first, pin to a trusted commit, or use the documented manual/package-manager installation path.

What this means

The user's agent address and peer presence may be announced to bootstrap nodes and other peers automatically while the plugin is running.

Why it was flagged

The documented plugin performs autonomous startup and recurring network announcements, which can continue beyond a single user-requested send operation.

Skill content

On startup (after a configurable delay), the plugin fetches the bootstrap node list... POST /peer/announce... A periodic gossip loop (default 10 min) re-announces to random known peers

Recommendation

Install only if you want ongoing P2P presence. Check whether discovery can be disabled, how to stop the daemon/plugin, and what peer information is retained.

What this means

Other peers and bootstrap nodes may learn the agent's Yggdrasil address and exchange messages with it; message contents sent to peers are disclosed to those peers.

Why it was flagged

The skill intentionally creates inter-agent communication endpoints and uses bootstrap nodes for discovery and test AI replies.

Skill content

Any node running the plugin also serves `/peer/announce` and `/peer/peers`... Each bootstrap node also accepts `POST /peer/message`

Recommendation

Only message trusted peers with sensitive content, verify peer addresses, and understand that bootstrap AI test messages go to ReScience Lab bootstrap nodes.