ClawHub

Jj Mailbox

v0.1.3

Send and receive messages between AI agents using jj (Jujutsu) version control as a file-based mailbox. Enables cross-machine agent collaboration with zero i...

1· 207·0 current·0 all-time
by@miaodx
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
The name/description (jj-based file mailbox) align with the listed binaries (jj, git, python3) and the provided CLI script (jj-mailbox.sh). Required env vars (JJ_MAILBOX_REPO, JJ_MAILBOX_AGENT, JJ_MAILBOX_INTERVAL) directly map to mailbox path, agent identity, and sync interval. One minor mismatch: the registry declares a required binary named 'jj-mailbox' while the bundle provides 'jj-mailbox.sh' (the SKILL.md explains the script should be copied to PATH).
Instruction Scope
SKILL.md and the included script stick to repo-local operations (inbox/, agents/, shared/) for send/receive/registration. The only out-of-repo/network behavior is an opt-in sync loop that runs 'jj git fetch' and 'jj git push' — SKILL.md explicitly warns about this. No instructions ask the agent to read unrelated system files or exfiltrate data beyond the mailbox repo.
Install Mechanism
This is an instruction-only skill with an included shell script; there is no automated install or remote download. Nothing in the bundle silently writes arbitrary code to disk beyond the provided script.
Credentials
Requested environment variables are minimal and appropriate for the mailbox. The main security consideration is that 'jj git fetch/push' will use whatever host-level git/SSH credentials are configured; the skill does not request secrets directly but will operate with host credentials when sync is run.
Persistence & Privilege
The skill is not set to always:true and does not request elevated or persistent platform privileges. It does not modify other skills or system-wide agent settings. Autonomous invocation is allowed by default (platform normal), but the skill does not require automatic background behavior — sync is explicitly opt-in.
Assessment
This skill appears to do what it says: use a jj repo as a shared mailbox. Before installing or running it: (1) create a dedicated mailbox directory and set JJ_MAILBOX_REPO to it (do not reuse a repo with secrets or important history); (2) avoid putting any credentials or private keys into the mailbox repo — anything in the repo may be pushed to remotes; (3) only run 'jj-mailbox sync' if you trust the configured git remote and understand it will perform fetch/push with your host git/SSH credentials; (4) make the included jj-mailbox.sh executable and review it (it uses python3 one-liners and jj/git commands) before copying to PATH; (5) be cautious if you plan to let an agent autonomously start sync — that increases the blast radius if the remote or repo are untrusted.

Like a lobster shell, security has layers — review code before you run it.

latestvk978zmgd1qmteefjbqye2g6myh82vqdz

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

📬 Clawdis
Binsjj-mailbox, jj, git, python3
EnvJJ_MAILBOX_REPO, JJ_MAILBOX_AGENT, JJ_MAILBOX_INTERVAL

Comments