Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Chat Bus
v1.0.0共享目录消息总线 — 让不同用户/Agent 之间通过文件系统实现聊天对话。 支持单聊、群聊、广播、消息历史查询。 纯 Python 标准库,零外部依赖,跨 Windows/macOS/Linux。 通信基于共享目录(NAS/云同步/网络驱动器),用户自行配置共享路径。
⭐ 0· 18·0 current·0 all-time
by波动几何@wangjiaocheng
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
high confidencePurpose & Capability
Name/description (file-system based shared-directory message bus) matches the included scripts and SKILL.md. All required functionality (register, send, receive, rooms, history) is implemented in the provided Python files and no unrelated credentials, binaries, or services are requested.
Instruction Scope
SKILL.md and scripts limit operations to a configurable shared directory (default .chat-bus/). The agent's instructions do not attempt to read arbitrary system configuration or secrets, but the code will read/write any path the user supplies via chat_dir, and message content is stored in plaintext. This is expected for the stated design but is a privacy/security consideration.
Install Mechanism
No install spec; the skill ships Python scripts and relies only on the standard library. No downloads or external packages are fetched, which reduces install-time risk.
Credentials
No environment variables, credentials, or external tokens are requested. The few parameters are file-paths and usernames used only for local file I/O, which is proportional to the purpose.
Persistence & Privilege
The skill is not always-enabled and does not modify other skills or global agent settings. It persists data by writing files into the configured chat_dir (expected behavior for a shared-directory message bus).
Assessment
This skill appears to implement exactly what it claims: a plaintext shared-directory chat bus using only Python stdlib. Before installing/using it, remember: (1) all messages are stored unencrypted in the chosen shared directory—do NOT set chat_dir to a directory that contains sensitive files (home, .ssh, system folders) or that is publicly synced unless you accept that risk; (2) pick a dedicated shared folder and enforce filesystem access controls on the shared storage (NAS/OneDrive/SMB) to limit who can read/write; (3) review or run the provided scripts in a sandbox to confirm behavior if you have higher security requirements; and (4) if you need confidentiality, add an encryption layer or avoid using a shared-sync service that could leak message contents.Like a lobster shell, security has layers — review code before you run it.
latestvk971yv9j9rvknc0w55ebkdqr2x84sm5p
License
MIT-0
Free to use, modify, and redistribute. No attribution required.