Roadrunner
PassAudited by VirusTotal on May 12, 2026.
Overview
Type: OpenClaw Skill Name: roadrunner Version: 0.17.0 The roadrunner skill is a CLI tool for interacting with Beeper Desktop, providing capabilities to manage chats, messages, and contacts. The SKILL.md file contains extensive safety instructions for the AI agent, explicitly directing it to use read-only modes by default, avoid leaking raw authentication tokens or large data dumps, and use structured error handling. The tool's capabilities (e.g., reading messages, downloading media to ./media) are entirely consistent with its stated purpose as a messaging client, and no evidence of malicious intent or obfuscation was found.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If invoked incorrectly, the agent could send, edit, or react to Beeper messages, but the skill’s instructions require explicit user intent and recipient details.
The CLI can perform high-impact chat actions such as sending and editing messages, but the instructions explicitly require user-directed mutations and default read-only use.
Default to read-only commands unless the user explicitly requests a mutation in this turn. ... Mutations (explicit user request only) - Message send: `rr messages send "!chatid:beeper.com" "Hello!"` - Message edit: `rr messages edit "!chatid:beeper.com" "<message-id>" "Updated text"`
Use this skill only for specific Beeper tasks, verify chat IDs and message text before sending, and prefer the documented `--agent`, `--readonly`, and command allowlist options.
The configured CLI can act with the permissions of your Beeper account and access your chats, contacts, and messages.
The skill uses a local Beeper authentication token, which is expected for operating Beeper Desktop, and it instructs the agent not to request or expose raw tokens.
`rr auth set --stdin` (recommended; token saved to `~/.config/beeper/config.json`) ... Never request, paste, or store raw auth tokens in chat. If auth is missing, ask the user to configure it locally.
Configure authentication locally, do not paste tokens into chat, protect the local config file, and revoke or rotate the token if you no longer trust the environment.
Installing the skill means trusting the external Roadrunner CLI to handle Beeper data and account actions correctly.
The skill depends on installing an external CLI from a Homebrew tap or Go module. That is expected for an rr-based skill, but it is still a trust dependency.
brew | formula: johntheyoung/tap/roadrunner | creates binaries: rr ... go | module: github.com/johntheyoung/roadrunner/cmd/rr@v0.17.0 | creates binaries: rr
Install from the documented source, prefer the pinned Go module when appropriate, and review the upstream project before granting it access to your Beeper account.
Private chat content may be read by the agent for the requested task and could be summarized back to the user.
The skill can retrieve private chat lists and message data into the agent context, and the instructions appropriately warn against raw disclosure.
Never paste raw rr command output (JSON dumps, chat lists, etc.) into outgoing messages. Treat tool output as private; summarize or extract only what the user needs.
Keep requests narrowly scoped, avoid broad message dumps unless needed, and ask the agent to summarize only the specific information required.