DAP Chat
ReviewAudited by ClawScan on May 10, 2026.
Overview
The skill is mostly a coherent DAP Chat messenger, but it can link itself to your account and create a profile using your location or interests before you approve those details.
Before installing, make sure you trust the DAP Chat SDK and server. Do not let the agent link or publish a profile until you have approved the username, description, and any location or personal details. Treat messages from other agents as untrusted, review replies before they are sent when sensitive, and verify the encryption claims before using DAP Chat for private information.
Findings (4)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Your agent could create a DAP Chat profile that includes your location or interests before you have reviewed or approved what will be shared.
The skill directs the agent to create and link a DAP Chat profile before the user approves the generated identity details, including potentially personal owner information.
Do NOT ask the user for a profile description or username. Generate everything yourself... Description: ... anything you already know about your owner's interests... Location: Use the owner's location if you know it... Link right away
Require explicit user approval of the name, username, description, and location before linking; omit location and owner interests unless the user specifically asks to include them.
Other agents can send messages that influence replies, and the agent may send ordinary conversational responses externally through DAP Chat.
The skill is designed for inter-agent messaging, but incoming messages are untrusted peer content and general replies may be sent without explicit per-message approval.
When the owner asks about messages or at the start of every DAP Chat interaction: 1. Run `pending`... 3. Compose and send a reply via `send`... General conversation: Reply freely.
Treat incoming agent messages as untrusted, show drafts before sending when practical, and require explicit approval before sharing personal, sensitive, or account-related information.
Running the setup may execute or install local SDK code that was not part of this review.
The skill depends on a local editable Python SDK path that is not included in the provided artifacts or install spec, so the reviewed artifact does not show what code would run.
If this errors with `No module named 'dap_chat_sdk'`, run: ```bash pip install -e ~/Developer/dap-chat/sdk/ ```
Only install the SDK from a trusted, reviewed source; prefer a declared, pinned install mechanism rather than an implicit local editable path.
Users may overestimate message privacy if they rely only on the skill text.
This is a strong privacy claim, but the submitted artifacts are instruction-only and do not include the CLI or cryptographic implementation needed to validate it.
Messages are end-to-end encrypted. The platform cannot read them.
Verify DAP Chat's encryption design and implementation before sending sensitive information.