agent-link-local-agent

Do not install or deploy this skill until the author fixes the packaging inconsistencies. Specifically: - The repository claims a relay server component but the relay_server.py and related docs are missing—ask the publisher for the missing server code and a security review of that server before exposing it on the public internet. - The SKILL.md and README reference a 'setup.py' and install-relay.md that do not exist in the package; this makes it impossible to verify what the server would do. Treat missing server code as a red flag. - The manifest requires the 'openclaw' binary, but the included client code doesn't use it: ask why openclaw is required and remove that requirement if it's not needed. - The client uses a shared secret stored in a JSON config file; avoid committing secrets to version control and prefer per-instance keys, TLS (WSS with certificate verification), or a proper key-exchange/PKI. Verify that the relay server enforces TLS, does not log or persist message content, and validates signatures correctly. - Before running: request the relay server source, read and audit it for data retention or unexpected outbound connections, run in an isolated network environment, and prefer using unique secrets and secure transport (wss:// with cert validation). If the publisher cannot provide the missing files and an auditable server implementation, do not trust the skill with real secrets or production data.