Shellphone Gateway

v1.0.0

Private WebSocket gateway enabling direct, encrypted communication between iOS devices and self-hosted AI bots with no third-party servers involved.

MIT-0
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal
Benign
OpenClaw
Suspicious
medium confidence
!
Purpose & Capability
The SKILL.md describes a self‑hosted WebSocket gateway for iOS and references GitHub, a pip package, Docker Compose, a TestFlight app, and ScrappyLabs TTS/ASR. The skill metadata, however, provides no description, declares no required binaries (git, docker, pip), no install spec, and no environment variables. That absence is inconsistent: a gateway that instructs cloning a repo or running Docker clearly relies on tools not declared in the metadata.
!
Instruction Scope
Runtime instructions direct the user/agent to clone and run third‑party code, run a long‑running local service that prints an authentication token and exposes a wss:// endpoint, and to use a TestFlight iOS app plus ScrappyLabs for TTS/ASR. The instructions do not include integrity checks (checksums/signatures), do not document token lifecycle or access controls, and implicitly involve sending audio to an external service (ScrappyLabs). These are broader actions than the metadata suggests and could expose an agent to remote clients if misconfigured.
!
Install Mechanism
There is no formal install spec in the skill metadata, yet the SKILL.md instructs using git clone, docker compose up, or pip install to fetch and run code from third parties (GitHub and PyPI). Fetching and executing remote code without verification (no commit hashes, checksums, or release tags cited) increases risk. The instruction to join a TestFlight beta also relies on unvetted mobile code outside the metadata.
Credentials
The skill declares no required environment variables or credentials, but the gateway workflow relies on runtime tokens printed by the gateway, TLS configuration for wss://, and calls to an external TTS/ASR provider (ScrappyLabs). The absence of any declared env variables is inconsistent with the real-world configuration steps implied by the instructions (e.g., certificates, hostnames).
Persistence & Privilege
The skill is not marked always:true and does not request platform‑level privileges. However, the gateway software the instructions tell you to run is a long‑running network service that will listen on port 8770 and print tokens for client connections; running it permanently increases your attack surface. Autonomous model invocation is enabled by default (normal), but weigh this together with the gateway's network exposure before proceeding.
What to consider before installing
This skill is instruction‑only but asks you to fetch and run third‑party code and to connect an iPhone app and an external TTS/ASR service. Before installing or running anything:
1) Inspect the GitHub repo and PyPI package source (prefer a specific release tag/commit) and confirm the code does what you expect.
2) Run the gateway in an isolated environment (VM or container) and restrict network exposure; avoid binding to 0.0.0.0 if not needed.
3) Verify TLS certificates and understand the token authentication flow; rotate and revoke tokens if possible.
4) Consider that ScrappyLabs may receive audio — read their privacy policy if you care about external processing.
5) Prefer running only software you can audit, and do not expose your agent to untrusted mobile clients without additional access controls.
If you want a safer install, ask the skill author for precise install hashes, a documented security model for tokens, and details about what data is sent to ScrappyLabs and the TestFlight app.

Like a lobster shell, security has layers — review code before you run it.
