Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Codecast

Stream coding agent sessions (Claude Code, Codex, Gemini CLI, etc.) to a Discord channel in real-time via webhook. Use when invoking coding agents and wantin...

MIT-0 · Free to use, modify, and redistribute. No attribution required.
0 · 1.2k · 2 current installs · 2 all-time installs
by Allan Jeng (@allanjeng)
Security Scan

VirusTotal: Suspicious
OpenClaw: Suspicious (high confidence)

Purpose & Capability (flagged)
The name/description (stream coding sessions to Discord) matches the shipped scripts, but the skill requires additional runtime capabilities not declared in the registry metadata: Discord bot token usage, webhook storage, GH/gh CLI access (for PR review), and macOS keychain access are referenced in docs/scripts but not listed as required env vars. PR review mode clones repos and runs arbitrary code — coherent with a review feature but raises extra privileges that a user should expect to be explicitly requested.
Instruction Scope (flagged)
Runtime instructions and scripts go beyond just relaying stdout: they advise creating ~/.claude/settings.json to 'bypassPermissions' and use --dangerously-skip-permissions (disabling agent permission checks), clone remote repos and run agents against them, read and post file contents to Discord (potentially leaking secrets), write session breadcrumbs in /tmp, and create/consume named pipes or /proc/<pid>/fd/0 to forward input. These steps can enable exfiltration and remote-driven command execution and are not limited to benign streaming.
Install Mechanism
There is no install spec (instruction-only), and all code is included in the bundle (shell + Python). That lowers remote-install risk, but some runtime dependencies are implied (python3, unbuffer, curl, gh, websocket-client) yet not centrally declared. No external download URLs are used, which is good; however missing dependency declarations mean operators might run the skill without realizing required packages and capabilities.
Credentials (flagged)
Registry metadata lists no required env vars, but SKILL.md and scripts expect/optionally use several secrets and env vars: WEBHOOK_URL/.webhook-url, CODECAST_BOT_TOKEN (or .bot-token), BRIDGE_CHANNEL_ID, BRIDGE_ALLOWED_USERS, CODECAST_RATE_LIMIT, and optional keychain access. The skill also relies on gh CLI authentication for PR review mode. Secrets and credential access are not declared up-front, which is disproportionate to a simple 'stream to Discord' description and hides the credential blast radius.
Persistence & Privilege
always:false (no forced persistence) and user-invocable:false are appropriate. The skill does create /tmp/dev-relay-sessions entries, writes stream.jsonl and breadcrumb files, and the bridge can send signals (os.kill) and write to /proc/<pid>/fd/0 or a named pipe to inject stdin into other processes. Those are powerful runtime privileges (process control and inter-process I/O) — coherent with an interactive relay but worth caution. No evidence the skill modifies other skills or global agent configs beyond its own files.
What to consider before installing
This skill will post live agent activity (including file reads/edits, command outputs, and potentially file contents) to a Discord webhook or channel. Before installing:

  1. Review all included scripts (they are shipped with the skill) and understand they can clone repos and run code (PR review mode) and can inject input into/kill agent processes.
  2. Do NOT enable the suggested Claude 'bypassPermissions' setting or use --dangerously-skip-permissions unless you fully understand the security impact — it disables model-level protections.
  3. Treat any bot token or webhook as sensitive: prefer one-way webhook posting (no BOT token) if you only need relay output; restrict allowed Discord users and channels when using the bridge.
  4. Run the skill in a sandbox/container or isolated account, and avoid mounting host secrets into the working directories.
  5. If you plan to use PR review or parallel modes, ensure gh/git access is limited and consider running those features on a throwaway runner.
  6. The registry metadata omitted several env/credential requirements — expect to supply CODECAST_BOT_TOKEN / .bot-token, a webhook URL file, and gh CLI credentials; only proceed if you accept that scope and have audited the scripts.

Like a lobster shell, security has layers — review code before you run it.

Current version: v4.1.0
latest: vk9758w1sdrqs4pszf8etf1m6p1818364

License

MIT-0
Free to use, modify, and redistribute. No attribution required.

Runtime requirements

  • Clawdis: any
  • Binaries: unbuffer, python3

SKILL.md

Codecast

Live-stream coding agent sessions to Discord. Zero AI tokens burned.

Setup

First-time setup: see references/setup.md for webhook creation, unbuffer install, bot token, and smoke test.

Invocation

Launch with exec background:true. Background exec sessions survive agent turns and OpenClaw fires notifyOnExit automatically when the process ends.

exec background:true command:"{baseDir}/scripts/dev-relay.sh -w ~/projects/myapp -- claude -p --dangerously-skip-permissions --output-format stream-json --verbose 'Your task here'"

Note the session ID from the response — use it to monitor via process.

Options

Flag                Description                   Default
-w <dir>            Working directory             Current dir
-t <sec>            Timeout                       1800
-h <sec>            Hang threshold                120
-n <name>           Agent display name            Auto-detected
-r <n>              Rate limit (posts/60s)        25
--thread            Post into a Discord thread    Off
--skip-reads        Hide Read tool events         Off
--review <url>      PR review mode
--parallel <file>   Parallel tasks mode
--resume <dir>      Replay session

For PR review, parallel tasks, Discord bridge, and Codex structured output: see references/advanced-modes.md.

Agent Launch Checklist

  1. Start background session → note session ID and PID from response
  2. Post to dev channel → announce agent name, workdir, task
  3. Write breadcrumb for completion routing:
    echo '{"channel":"<invoking-channel-id>","relayDir":"<relay-dir>","pid":<PID>}' > /tmp/codecast-pending-<PID>.json
    
  4. Log to daily memory → session ID, relay dir, invoking channel

The breadcrumb file tells the heartbeat precheck where to post results when the session completes. Completion is detected automatically by checking whether the PID is still alive.

That's it. When the process ends, OpenClaw's notifyOnExit fires a system event + heartbeat request. The heartbeat handler reads the result from the relay dir's stream.jsonl and posts to the invoking channel.
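The completion-routing flow above (breadcrumb in /tmp, liveness check on the PID, result read from stream.jsonl in the relay dir), as an added Python example that is not the skill's own heartbeat precheck script. It assumes the last line of stream.jsonl is the agent's result event; the event field names, channel id and temp directories are constructed here, and breadcrumb fields are type-checked before use because /tmp is writable by every local user.

```python
import glob, json, os, subprocess, sys, tempfile

def pid_alive(pid):
    """Signal 0 probes for existence without disturbing the process."""
    try:
        os.kill(pid, 0)
    except ProcessLookupError:
        return False
    except PermissionError:
        return True  # exists, but owned by another user
    return True

def load_breadcrumb(path):
    """/tmp is shared by every local user, so check field types before trusting them."""
    with open(path) as f:
        d = json.load(f)
    if not (isinstance(d.get("pid"), int) and isinstance(d.get("relayDir"), str)
            and isinstance(d.get("channel"), str)):
        raise ValueError(f"malformed breadcrumb: {path}")
    return d["channel"], d["pid"], d["relayDir"]

def last_event(relay_dir):
    """Final JSON line of stream.jsonl (assumed to be the result event), or None."""
    path = os.path.join(relay_dir, "stream.jsonl")
    if not os.path.isfile(path):
        return None
    lines = [ln for ln in open(path).read().splitlines() if ln.strip()]
    return json.loads(lines[-1]) if lines else None

def completed_sessions(pending_dir):
    """Return (channel, pid, final_event) for each breadcrumb whose PID has exited."""
    done = []
    for path in sorted(glob.glob(os.path.join(pending_dir, "codecast-pending-*.json"))):
        channel, pid, relay_dir = load_breadcrumb(path)
        if not pid_alive(pid):
            done.append((channel, pid, last_event(relay_dir)))
    return done

def demo():
    """Constructed fixture: one already-exited process and one live one (this interpreter)."""
    tmp = tempfile.mkdtemp()
    relay = tempfile.mkdtemp(prefix="dev-relay.", dir=tmp)
    with open(os.path.join(relay, "stream.jsonl"), "w") as f:
        f.write('{"type":"system"}\n{"type":"result","result":"Done: fixed tests"}\n')
    proc = subprocess.Popen([sys.executable, "-c", "pass"])
    proc.wait()  # reaped, so pid_alive(proc.pid) is now False
    for pid in (proc.pid, os.getpid()):
        with open(os.path.join(tmp, f"codecast-pending-{pid}.json"), "w") as f:
            json.dump({"channel": "123456", "relayDir": relay, "pid": pid}, f)
    return completed_sessions(tmp)
```

Only the exited process is reported; the live interpreter's breadcrumb is left in place for the next heartbeat.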

Completion Detection

OpenClaw handles this natively:

  • tools.exec.notifyOnExit: true (default) — system event + heartbeat on process exit
  • Heartbeat precheck script detects completed sessions via /tmp/dev-relay-sessions/
  • No cron watcher needed

Backup: Append this to the inner agent's prompt for an additional signal:

When completely finished, run: openclaw system event --text "Done: <brief summary>" --mode now

Monitoring

process poll sessionId:<id>        # Check status
process log sessionId:<id>         # View recent output
process kill sessionId:<id>        # Stop session

Agent Support

Agent          Output Mode     Status
Claude Code    stream-json     Full support
Codex          --json JSONL    Full support
Any CLI        Raw ANSI        Basic support

Session Tracking

  • Active sessions: /tmp/dev-relay-sessions/<PID>.json (auto-removed on end)
  • Event logs: /tmp/dev-relay.XXXXXX/stream.jsonl (7-day auto-cleanup)
  • Interactive input: process submit sessionId:<id> data:"message"

Reference Docs

  • Setup guide — first-time install, webhook, bot token
  • Advanced modes — PR review, parallel tasks, Discord bridge, Codex
  • Discord output — message formats, architecture, env vars, troubleshooting

Files: 15 total