ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Cross Agent Notify

v1.0.2

Standard cross-agent notification and collaboration protocol for OpenClaw multi-agent setups. Use when: (1) one agent needs to delegate a task to another age...

0· 100·0 current·0 all-time
bysune@sora-mury

Install

OpenClaw Prompt Flow

Install with OpenClaw

Best for remote or guided setup. Copy the exact prompt, then paste it into OpenClaw for sora-mury/cross-agent-notify.

Previewing Install & Setup.
Prompt PreviewInstall & Setup
Install the skill "Cross Agent Notify" (sora-mury/cross-agent-notify) from ClawHub.
Skill page: https://clawhub.ai/sora-mury/cross-agent-notify
Keep the work scoped to this skill only.
After install, inspect the skill metadata and help me finish setup.
Use only the metadata you can verify from ClawHub; do not invent missing requirements.
Ask before making any broader environment changes.

Command Line

CLI Commands

Use the direct CLI path if you want to install manually and keep every step visible.

OpenClaw CLI

Bare skill slug

openclaw skills install cross-agent-notify

ClawHub CLI

Package manager switcher

npx clawhub@latest install cross-agent-notify
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Suspicious
medium confidence
Purpose & Capability
The name and description match the instructions: this is a workflow for delegating work via shared task files, an inbox, sessions_send wakeups, and Feishu traces. Requiring access to a shared inbox/tasks and the ability to send platform sessions and Feishu traces is expected for this purpose. However, the skill metadata declares no required config paths or credentials despite the SKILL.md presuming write access to shared/inbox, shared/tasks, and access to a Feishu group session key.
!
Instruction Scope
The runtime instructions direct agents to write and read files under shared/inbox/<agent> and shared/tasks/<task-id>. They also instruct obtaining a 'stable group session key' from other agents' SKILL.md or team config and to post one-line traces to a fixed Feishu group. Those actions cross agent boundaries (reading other agents' SKILL.md/team config) and touch shared storage and a public trace channel — none of which are declared in the skill's manifest. This scope mismatch is the primary concern.
Install Mechanism
No install spec and no code files are present (instruction-only). That reduces risk from arbitrary code installation. There is nothing being downloaded or written by an installer step.
!
Credentials
The skill declares no required environment variables or credentials, but the protocol expects access to a Feishu group session key and platform session-sending capability. The manifest omits any declaration of required tokens, config paths, or permission grants to perform these actions. That omission makes it unclear what secrets or platform privileges the agent runtime must expose to implement the protocol.
Persistence & Privilege
The skill is not always-on and does not request elevated persistence. It does instruct agents to read other agents' SKILL.md or team config to obtain group session keys; that is cross-skill access but not expressed as a privilege in the manifest. Autonomous invocation is allowed (platform default) but not itself a differentiator here.
What to consider before installing
This instruction-only skill appears to implement a plausible cross-agent handoff protocol, but there are important gaps to check before installing: - Confirm platform assumptions: verify that your agent runtime already has sessions_send capability and a way to post to Feishu using platform-managed session keys. If posting requires a token or config path, the skill should declare that. - Check file-system access: the protocol requires read/write access to shared/inbox/<agent>/ and shared/tasks/*.md. Ensure you are comfortable granting the agent those paths and that audit/tracing is in place. - Clarify where the Feishu group session key comes from and whether the agent will need permission to read other agents' SKILL.md or team configs. Cross-skill reads can leak metadata or secrets if not carefully scoped. - Privacy/exfil risk: Feishu group messages are public operational traces; do not include sensitive business data in them. Confirm the one-line templates are the only content posted to the group. - Operational risk: the 'agent:<target>:main' wake mechanism intentionally activates persistent sessions; ensure that waking agents this way is intended and that it cannot be abused to spam or DoS other agents. If you cannot confirm these points with whoever manages your OpenClaw deployment (owner/admin), run the skill in a restricted sandbox with explicit, minimal permissions first. If the publisher can update the manifest to declare required config paths and any credentials or platform capabilities needed, that would materially reduce risk and increase my confidence.

Like a lobster shell, security has layers — review code before you run it.

latestvk97frqchqrca97dk8rfga2x6x584adfr
100downloads
0stars
3versions
Updated 3w ago
v1.0.2
MIT-0
sune@sora-mury
latest
Download

Cross-Agent Notify

What This Skill Does

Provides the standard cross-agent notification workflow for OpenClaw: how to reliably wake up another agent, delegate tasks, receive results, and trace progress in the Feishu group.

Core problem solved: sessions_send times out when the target agent's main session is done. The agent:<target>:main format solves this by activating the agent's persistent session layer regardless of main session state.

Standard Collaboration Chain

任务文件 → inbox 消息 → sessions_send agent:<target>:main → 对方处理 → 结果回写 inbox → 飞书群 trace

Four mandatory steps (all four required, in order):

  1. Update task file — set communication fields, owner, status
  2. Write inbox message — drop a structured .txt file to shared/inbox/<target_agent>/
  3. Send wakeupsessions_send to agent:<target_agent>:main
  4. Trace in Feishu group — post a one-line @target_agent task TASK-xxx in agent:<agent_id>:feishu:group:oc_8efe2b5fdf1ed5939c93f206b5c0e21e

Step 1 — Update the Task File

Before sending anything, update the shared task file:

owner: target_agent
status: in_progress
communication:
  reply_to_agent: requesting_agent   # always set; never hardcode a name
  submitter_agent: requesting_agent

Rule: Always set communication.reply_to_agent. Never hardcode the requesting agent's name as the reply target.

Step 2 — Write the Inbox Message

Create a text file at:

shared/inbox/<target_agent>/YYYY-MM-DD-HHMM-task-description.txt

Minimum required content:

# 任务:<task name>
**时间:** YYYY-MM-DD HH:MM GMT+8
**来源:** requesting_agent
**回复给:** target_agent
**任务文件:** shared/tasks/<task-id>.md
---
## 任务内容
<concise description of what is needed>

## 完成后
请将结果回写到任务文件,并将完成状态通知 requesting_agent。

Step 3 — Send the Wakeup

sessions_send(
    sessionKey=None,          # leave blank; target is by agentId
    agentId="<target_agent>"  # e.g. "agent-a", "agent-b"
    message="task TASK-xxx assigned to you, check inbox"
)

Target format: agent:<target_agent>:main — the agent's persistent session layer, works even when the main session is done.

Key finding: agent:<target>:main format successfully activates agents whose main sessions are done. This bypasses the sessions_send timeout problem.

Never use the old Telegram-based group protocol — it is deprecated (2026-04-06).

Step 4 — Feishu Group Trace

Post a short trace message to the shared Feishu group. Get the stable group session key from the target agent's SKILL.md or team config. Example:

@target_agent task TASK-123,已投 agent:target_agent:main,查 inbox

Use only the approved one-line templates (see references/PROTOCOL.md for full list). Keep it short — the inbox carries full context, not the group message.

Group session key pattern:

agent:<agent_id>:feishu:group:oc_8efe2b5fdf1ed5939c93f206b5c0e21e

Receiving a Notification

When your inbox is mentioned or sessions_send wakes you:

  1. Read the inbox message file first
  2. Read the linked task file
  3. Perform the work
  4. Write results back to the task file (review field, evidence field)
  5. Drop a completion note in the requester's inbox
  6. Post a result trace in the Feishu group

Do not skip the task file and inbox — they are the source of truth.

Communication Field Rules

communication:
  reply_to_agent: <agent_id>   # mandatory; who to send receipts/results back to
  submitter_agent: <agent_id>   # who initiated the request
  • reply_to_agent must always be set to a named agent ID, never a session ID
  • Use agent:<target>:main format in sessions_send, not session keys
  • If submitter_agent is missing, fall back to owner_agent

Reference

See references/PROTOCOL.md for:

  • Full one-line template library (wakeup, assist, handoff, result return, blocked, audit request)
  • Feishu group mention validity rules
  • Fixed group target and session key pattern
  • Deprecated Telegram protocol notice

Comments

Loading comments...