Ocean Agent

Review

Audited by ClawScan on May 12, 2026.

Overview

Ocean Agent appears purpose-aligned for insurance CRM work, but it stores its own OceanBus credentials and can run a persistent listener that automatically sends customer messages despite documentation saying messaging is handled by ocean-chat.

Install only if you are comfortable with Ocean Agent acting as a CRM that can store customer data, hold OceanBus credentials, run a long-lived message listener, and automatically send first-response messages. Review the auto-reply behavior and credential storage before enabling it for real customers.

Findings (6)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

Installing and running the listener could cause the agent to send messages to new customers automatically, which may affect business relationships or compliance expectations.

Why it was flagged

The listener automatically sends a first-response message to unknown senders without per-message user confirmation, which is an external customer communication.

Skill content

if (!name) { ... await ob.send(msg.from_openid, autoReply); ... console.log('✅ 首响已发送'); }

Recommendation

Only run the listener if you want automatic first replies; review and customize the auto-reply text, and prefer requiring confirmation before any outbound message if compliance matters.

What this means

A user may trust that all messaging is mediated by ocean-chat and manual approval, while this skill can directly send through OceanBus.

Why it was flagged

The top-level guidance says ocean-agent does not send messages, but the included scripts directly call OceanBus send functions, including automatic replies in listen.js and manual replies in intake.js.

Skill content

**Depends on ocean-chat**: does not manage the address book, does not send messages, does not handle Date negotiation. All of these are done through ocean-chat.

Recommendation

Treat ocean-agent as a messaging-capable skill, not just an advisory CRM extension; ask the publisher to align the documentation and code.

What this means

The skill obtains account authority that can send messages and publish or update public OceanBus entries; compromise or misuse of the local credential file could affect the user's OceanBus identity.

Why it was flagged

The setup flow registers an OceanBus identity and stores an API key under the user's home directory, while registry metadata says the primary credential is none.

Skill content

fs.writeFileSync(CRED_FILE, JSON.stringify({ agent_id: agentId, api_key: apiKey, openid: openid, source: SKILL_SOURCE, created_at: new Date().toISOString() }, null, 2));

Recommendation

Protect ~/.oceanbus-agent/credentials.json, verify why a separate ocean-agent credential is needed, and request accurate credential declarations from the publisher.

What this means

A background process may continue monitoring messages and sending first responses until stopped.

Why it was flagged

The skill intentionally supports a long-running listener that keeps processing incoming messages.

Skill content

node scripts/listen.js ... This is a resident process. It processes messages automatically when they are received ... **You should make sure listen.js keeps running.**

Recommendation

Run it only when you want active monitoring, know how to stop it, and avoid configuring it as a service unless you accept continuous operation.

What this means

Customer insurance needs, family details, and conversation history may persist locally and influence future agent behavior.

Why it was flagged

The skill stores customer preferences, lead stage, history, and contact timing for later reuse by the agent.

Skill content

Customer data is stored in the shared Roster's `apps["ocean-agent"]` namespace ... `preferences` ... `history` ... `last_contact`

Recommendation

Use this only for customers whose data you are allowed to store; review local retention and delete old records when no longer needed.

What this means

The exact oceanbus package version used at runtime may vary depending on how the skill is installed or run.

Why it was flagged

The skill relies on an external npm dependency with a semver range, while the registry says there is no install spec for this instruction-only skill.

Skill content

"dependencies": { "oceanbus": "^0.4.0" }

Recommendation

Install from a trusted source, prefer the included lockfile or a pinned dependency version, and verify the package before running the scripts.