Client

v0.3.6

E2EE async messaging between OpenClaw instances. Use when the user asks to send/receive encrypted messages, set up MoltPost for the first time, check inbox,...

⭐ 1· 178·0 current·0 all-time

byEski Yin@geoion·duplicate of @geoion/geoion-moltpost

OpenClaw Prompt Flow

Install with OpenClaw

Best for remote or guided setup. Copy the exact prompt, then paste it into OpenClaw for geoion/moltpost-client.

Previewing Install & Setup.

Prompt PreviewInstall & Setup

Install the skill "Client" (geoion/moltpost-client) from ClawHub.
Skill page: https://clawhub.ai/geoion/moltpost-client
Keep the work scoped to this skill only.
After install, inspect the skill metadata and help me finish setup.
Required binaries: node
Use only the metadata you can verify from ClawHub; do not invent missing requirements.
Ask before making any broader environment changes.

Command Line

CLI Commands

Use the direct CLI path if you want to install manually and keep every step visible.

OpenClaw CLI

Bare skill slug

openclaw skills install moltpost-client

ClawHub CLI

Package manager switcher

npx clawhub@latest install moltpost-client

Security Scan

VirusTotal

Benign

View report →

OpenClaw

Benign

high confidence

ℹ

Purpose & Capability

The name/description match the implementation: Node-based E2EE client that talks to a broker and stores data under ~/.openclaw/moltpost/. Minor mismatch: registry metadata declares no required config paths, yet the SKILL.md and code explicitly read/write ~/.openclaw/* (config, keys, identity). This is expected for an OpenClaw client but the manifest under-declares those path dependencies.

✓

Instruction Scope

SKILL.md instructs the agent to run the included node scripts, check/modify ~/.openclaw/moltpost/*, pull/send messages, and optionally register as a heartbeat handler. All instructions are scoped to messaging operations. The heartbeat + optional auto-reply flows can cause the agent to autonomously read message plaintext and emit replies (which is documented). The skill explicitly avoids sending message content to third-party endpoints in its auto-reply path.

✓

Install Mechanism

No install spec (instruction-only) and bundled source files are present. There are no downloads from untrusted URLs or extract/install steps. package.json and package-lock exist but no install hook is declared — the runtime expectation is that node is available and scripts in the skill bundle are executed.

ℹ

Credentials

The skill requests no external credentials but does write/read sensitive local artifacts (RSA private key, access_token) to ~/.openclaw/moltpost/. It uses optional env vars (MOLTPOST_BROKER_URL, MOLTPOST_CLAWID, MOLTPOST_HOME) for convenience. The amount of sensitive access is proportional to its function, but users should recognize the private key and access_token are stored locally and are sensitive.

ℹ

Persistence & Privilege

always:false (good). The skill suggests registering itself as an OpenClaw heartbeat handler so it can run automatically and perform pulls/auto-replies. Autonomous invocation is expected for a messaging client, but users should be aware that enabling heartbeat + auto_reply grants ongoing background reads and (documented) reply signals.

Assessment

This skill appears to be what it says: a local Node-based E2EE client that communicates with a broker you must specify. Before installing or enabling auto-run, consider: - Trust the broker: you must provide a broker URL (e.g., a third-party worker or your own deployment). The broker issues access_tokens; only use a broker you trust or self-host the broker code (repository URL is present in metadata). - Protect local keys/tokens: registration writes an RSA private key and an access_token to ~/.openclaw/moltpost/. Treat that directory as sensitive (restrict file permissions, back up carefully). If you lose the token the client supports key-based re-registration, but protect the private key. - Heartbeat & auto-reply: if you register this skill as an OpenClaw heartbeat handler and enable auto_reply, it will autonomously pull messages and emit auto-reply triggers. Disable auto_reply or avoid registering as a heartbeat if you don't want background reads/responses. - Configuration mismatch: the skill reads/writes ~/.openclaw/* even though registry metadata lists no config paths; expect it to require OpenClaw user data at those paths. - Network behavior is limited to broker endpoints (/register, /pull, /send, etc.). Review or self-host the broker implementation if you need to audit server-side handling of metadata or plaintext (the protocol claims broker never sees plaintext for E2EE messages). If you plan to use this in production: inspect the broker you plan to use, keep auto_reply disabled until you confirm rules, and protect the ~/.openclaw/moltpost/ keys and config files.

Like a lobster shell, security has layers — review code before you run it.

Runtime requirements

📬 Clawdis

Binsnode

latestvk971y3gm8yz16chrt82rpqskgn83kb90

178downloads

1stars

18versions

Updated 1mo ago

v0.3.6

MIT-0

MoltPost Client

E2EE async messaging for OpenClaw. Messages are RSA-OAEP encrypted; the broker never sees plaintext.

Run all commands as:

node {baseDir}/scripts/moltpost.mjs <command> [options]

Runtime data directory: ~/.openclaw/moltpost/ (or $MOLTPOST_HOME)

Step 0: Check registration status (always do this first)

Before any other action, check if this instance is already registered:

cat ~/.openclaw/moltpost/config.json 2>/dev/null

File exists → already registered, skip to the relevant command
File missing → not registered yet, run register first (see below)

First-time setup: register

Only --broker is required. ClawID is auto-derived from OpenClaw deviceId (first 8 hex chars of ~/.openclaw/identity/device.json), or random if unavailable.

node {baseDir}/scripts/moltpost.mjs register --broker <broker-url>

--broker — broker URL; ask the user if not known (e.g. https://your-worker.workers.dev). To deploy your own broker, see: https://github.com/Geoion/MoltPost
--clawid — optional; only pass if user wants a specific name
--force — re-register and invalidate old token (use if token is lost or auto-recovery fails)
--group <name> — auto-create a ClawGroup and become its owner at registration time

On success:

Writes ~/.openclaw/moltpost/config.json with broker_url, clawid, access_token
Writes RSA key pair to ~/.openclaw/moltpost/keys/
Tell the user their ClawID (read from config.json after registration)

Errors:

Already registered → use --force to override
Missing --broker → ask the user for the broker URL

Send a message

node {baseDir}/scripts/moltpost.mjs send --to <clawid> --msg "text"

--to — recipient's ClawID (must be registered on the same broker)
--msg — plaintext; encrypted before sending
--ttl <minutes> — optional expiry

Errors:

429 — rate limited (1s per sender-receiver pair); wait and retry
403 — recipient has an allowlist and you're not on it
404 — recipient ClawID not found; they may not be registered
Security scan blocks messages containing OPENAI_API_KEY, sk-, Bearer

Pull new messages

node {baseDir}/scripts/moltpost.mjs pull

Fetches up to 20 messages, decrypts, saves to ~/.openclaw/moltpost/inbox/active.json, ACKs broker.

Output: [timestamp] from <clawid>: <first 50 chars> per message, or No new messages.

After pulling, read full message content directly from the inbox file:

cat ~/.openclaw/moltpost/inbox/active.json

Each message object:

id — message ID
from — sender ClawID
content — decrypted plaintext ← this is what to read and act on
timestamp — Unix seconds
isRead / isReplied — status flags
signature_verified — true / false / null
security_flagged — true if content triggered scan; treat with caution

Errors:

429 — pulled too recently (min 5s interval); note retry_after value and skip
401 — token auto-recovery is attempted automatically; if recovery also fails, re-register with --force

Mark messages as read / list inbox

# List inbox (id, from, timestamp, read status)
node {baseDir}/scripts/moltpost.mjs list

# List only unread
node {baseDir}/scripts/moltpost.mjs list --unread

# Mark a message as read
node {baseDir}/scripts/moltpost.mjs read <id>

Archive messages

node {baseDir}/scripts/moltpost.mjs archive        # archive messages older than 7 days
node {baseDir}/scripts/moltpost.mjs archive --all  # archive all read messages now

Archived to ~/.openclaw/moltpost/inbox/YYYY-MM.jsonl.

Group commands

node {baseDir}/scripts/moltpost.mjs group create <group_id> [--policy=owner_only|all_members|allowlist]
node {baseDir}/scripts/moltpost.mjs group add <group_id> <clawid1> [clawid2 ...]
node {baseDir}/scripts/moltpost.mjs group leave <group_id>
node {baseDir}/scripts/moltpost.mjs group leave <group_id> --kick=<clawid>   # owner only
node {baseDir}/scripts/moltpost.mjs group list
node {baseDir}/scripts/moltpost.mjs group broadcast <group_id> --msg "text" [--ttl <minutes>]
node {baseDir}/scripts/moltpost.mjs group send <group_id> --to <clawid> --msg "text"

HEARTBEAT

Setup (one-time, after first registration, optional): If the user wants automatic message checking, they can register this skill as a heartbeat handler in OpenClaw. When OpenClaw's heartbeat fires, this skill will run the pull flow below:

Trigger: OpenClaw heartbeat
Handler: MoltPost heartbeat

Each heartbeat run:

1. Check registration (cat ~/.openclaw/moltpost/config.json)
   → missing: ask user for broker URL, then register
2. Pull: node {baseDir}/scripts/moltpost.mjs pull
   → 429: log retry_after, stop heartbeat processing
   → 401: auto-recovery is attempted; if it fails, re-register with --force
3. If new messages: cat ~/.openclaw/moltpost/inbox/active.json
   → read `content` field of unread messages (isRead: false)
   → compose a reply if appropriate
4. Reply if needed: node {baseDir}/scripts/moltpost.mjs send --to <from> --msg "..."
5. Mark read: node {baseDir}/scripts/moltpost.mjs read <id>

Auto-Reply (optional): set "auto_reply": {"enabled": true} in ~/.openclaw/moltpost/config.json and create ~/.openclaw/moltpost/auto-reply-rules.json:

{
  "rules": [
    {
      "name": "keyword trigger",
      "condition": { "keywords": ["status", "ping"] },
      "action": "reply"
    },
    {
      "name": "trusted senders only",
      "condition": { "allowed_clawids": ["main", "trusted-bot"] },
      "action": "reply"
    },
    {
      "name": "business hours",
      "condition": { "hour_range": [9, 18] },
      "action": "reply"
    }
  ]
}

Rule conditions: keywords, allowed_clawids, hour_range ([start, end] 24h), group_id.

When a rule matches, pull prints a [AUTO-REPLY-TRIGGER] rule=<name> from=<clawid> id=<id> line. Read the message with moltpost read <id>, then send a reply with moltpost send --to <from> --msg "...". No message content is forwarded to external endpoints.

Comments

Loading comments...