claw-negotiate
Pending: VirusTotal audit pending.
Overview
No VirusTotal analysis has been recorded yet. File reputation checks will appear here once the artifact hash has been scanned.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If you reply GO after reviewing the authorization card, your agent may negotiate terms and send signing-related messages on your behalf.
A one-word confirmation starts a long-running workflow that posts negotiation updates and coordinates signing artifacts. This is disclosed and purpose-aligned, but it is high-impact and should not be invoked casually.
`negotiate` mints the APOA authorization and runs the workflow after `GO` ... `For negotiate, use a long timeout. The runtime posts Telegram cards, signing links, status updates, and the executed PDF itself.`
Only reply GO after carefully checking the authorization bounds, counterparty identity, and intended negotiation; use cancel if anything is wrong before signing.
The skill can send negotiation messages through your configured Telegram bot and initiate sshsign approval flows tied to your signing setup.
The skill uses existing OpenClaw/Telegram identity and sshsign signing infrastructure. This is expected for the workflow, but it is delegated account authority.
claw-negotiate shells out to `python3`, `openclaw`, and `ssh`; calls sshsign for audit/signing; and uses the Telegram bot token already configured in OpenClaw to send cards, signing links, and the executed SAFE.
Use dedicated Telegram bots and dedicated sshsign keys for this workflow, especially for demos or production testing.
A signing request may be created for a SAFE agreement containing negotiated terms and party information.
The code initiates sshsign signing sessions using a configured key ID and business metadata. The artifacts indicate human approval is still required, but the signing identity is sensitive.
`"sign", "--type", doc_type, "--key-id", key_id, "--metadata", json.dumps(metadata, ...), "--session-id", session_id`
Approve sshsign links only after verifying the final SAFE terms and signer identity; do not reuse sensitive production keys for testing.
Negotiation requests, identities, and bounds may remain on disk after use.
Private identity information and negotiation bounds are written to local per-chat files. This is useful for the workflow, but it creates local sensitive state.
write message to `/tmp/claw-negotiate/<chat.id>/identity.txt` ... write message to `/tmp/claw-negotiate/<chat.id>/request.txt`
Use a private per-chat directory with appropriate filesystem permissions and remove old negotiation state when it is no longer needed.
Negotiation offers and status updates can be visible to everyone in the bound Telegram group.
The workflow intentionally uses a Telegram group for inter-agent negotiation and public offer visibility while keeping private bounds out of the group.
Both OpenClaws post offers in the group while APOA blocks out-of-bounds terms privately.
Bind only the intended Telegram group, keep membership limited, and avoid sharing private bounds or sensitive documents in group chat.
Installing from the wrong source or unreviewed dependencies could run code you did not intend to trust.
Manual installation from GitHub and pip dependencies are normal for this Python skill, but they depend on trusting the repository and dependency contents.
`git clone https://github.com/agenticpoa/claw-negotiate.git` ... `python3 -m pip install -r requirements.txt`
Install from the official repository or ClawHub package, review `requirements.txt`, and avoid running setup commands from untrusted forks.
