ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Openclaw Bridge

v1.0.0

Send messages to a local OpenClaw/Rook gateway and receive responses directly from Claude Code. Enables bidirectional agent-to-agent communication via the `o...

0· 78·0 current·0 all-time
by@nerua1

Install

OpenClaw Prompt Flow

Install with OpenClaw

Best for remote or guided setup. Copy the exact prompt, then paste it into OpenClaw for nerua1/openclaw-bridge.

Previewing Install & Setup.
Prompt PreviewInstall & Setup
Install the skill "Openclaw Bridge" (nerua1/openclaw-bridge) from ClawHub.
Skill page: https://clawhub.ai/nerua1/openclaw-bridge
Keep the work scoped to this skill only.
After install, inspect the skill metadata and help me finish setup.
Use only the metadata you can verify from ClawHub; do not invent missing requirements.
Ask before making any broader environment changes.

Command Line

CLI Commands

Use the direct CLI path if you want to install manually and keep every step visible.

OpenClaw CLI

Bare skill slug

openclaw skills install openclaw-bridge

ClawHub CLI

Package manager switcher

npx clawhub@latest install openclaw-bridge
Security Scan
Capability signals
Crypto
These labels describe what authority the skill may exercise. They are separate from suspicious or malicious moderation verdicts.
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Suspicious
medium confidence
Purpose & Capability
The skill's purpose (send messages to a local OpenClaw gateway via the openclaw CLI) is coherent with the SKILL.md. However the registry metadata lists no required binaries while SKILL.md explicitly requires the openclaw CLI in PATH — a mismatch between declared requirements and runtime instructions.
!
Instruction Scope
Runtime instructions tell the agent to run shell commands embedding user messages (e.g., openclaw agent --message "<message>") and to write/read temporary or shared files (e.g., cat /path/to/.continue-here.md). That gives the skill authority to access arbitrary user files referenced for handoff and raises a command-injection risk if messages are interpolated into shell without proper escaping. The SKILL.md also notes the CLI reads ~/.openclaw/openclaw.json for an auth token (the agent does not read it directly, but invoking the CLI will).
Install Mechanism
This is instruction-only (no automated install spec), which is lower-risk. The README suggests installing the skill by cloning a GitHub repo (git clone https://github.com/nerua1/openclaw-bridge), which is typical but requires you to trust that repository before running any code from it.
Credentials
No environment variables are requested by the registry, which is consistent with relying on the local openclaw CLI. However, the CLI will access a local auth token at ~/.openclaw/openclaw.json; you should verify what that token can do and whether invoking the CLI will forward data elsewhere. The skill does not request unrelated credentials.
Persistence & Privilege
The skill is not always-enabled and does not request elevated platform privileges. It does not claim to modify other skills or system-wide settings.
What to consider before installing
Before installing or enabling this skill: 1) Confirm you have and trust a local openclaw gateway/CLI — SKILL.md expects openclaw in PATH even though the registry metadata didn't list it. 2) Be aware the skill will cause the CLI to access ~/.openclaw/openclaw.json (check what that token permits). 3) The agent may read/write files you point it at for handoff — avoid referencing sensitive files. 4) There is a shell-command interpolation risk: ensure the implementation passes messages safely (as argv) or escapes user content to avoid command injection. 5) If you follow the README's git clone step, inspect the repo before running code. If you need higher confidence, ask the publisher for (a) an explicit required-binaries entry listing openclaw, (b) a note on how messages are passed to the CLI (argv vs raw shell interpolation), and (c) confirmation about any network endpoints the local gateway might forward messages to.

Like a lobster shell, security has layers — review code before you run it.

latestvk9747nngq4jmpkq78nfzezec6584qfwb
78downloads
0stars
1versions
Updated 2w ago
v1.0.0
MIT-0
@nerua1
latest
Download

openclaw-bridge

Send messages to a running OpenClaw gateway and get responses back — directly from Claude Code, without leaving the terminal.

When to use

  • Delegate a task to OpenClaw that benefits from Kimi's context or local skills
  • Ask for a second opinion from a different model/agent
  • Hand off work between sessions (Claude Code → OpenClaw or vice versa)
  • Trigger OpenClaw skills (e.g. run a cron, call a subagent) from Claude Code
  • Notify OpenClaw about changes you made (shared filesystem, config updates)

Prerequisites

  • OpenClaw gateway running locally (openclaw health should return ok)
  • openclaw CLI in PATH

Commands

ask — send a message and wait for response

/ask-openclaw <message>

Internally runs:

openclaw agent --message "<message>" --agent main --json

Response is parsed and returned inline.

notify — fire-and-forget (no wait)

openclaw agent --message "<message>" --agent main --json --timeout 5

Use when you don't need a response — just informing OpenClaw of a state change.

agents — list available agents

openclaw agents list

health — check gateway is up

openclaw health

Usage patterns

Ask for opinion / second review

Ask openclaw: "Review this SQL migration — is it safe to run on a live table with 10M rows?"

Claude Code will call openclaw agent --message "Review this SQL migration..." and show you Kimi's response.

Delegate a task

Tell openclaw to run the skills-rag-update cron manually

openclaw agent --message "Uruchom ręcznie cron skills-rag-update i podaj wynik" --agent main --json

Handoff with context

When ending a Claude Code session, hand off state to OpenClaw:

openclaw agent --message "HANDOFF od Claude Code: $(cat /path/to/.continue-here.md)" --agent main --json

Capture idea via OpenClaw

openclaw agent --message "capture-idea --title 'X' --topic architektura --tags 'a,b' --body 'Y'" --agent main --json

How Claude Code should handle this skill

  1. When user says "ask openclaw [something]" or "tell rook [something]":

    • Check gateway: openclaw health
    • If down: warn user, suggest openclaw daemon start
    • If up: run openclaw agent --message "<message>" --agent main --json
    • Parse .result.payloads[].text from JSON response
    • Show response inline

  2. When delegating a multi-step task:

    • Write context to a temp file or shared vault note first
    • Send message with reference to that file
    • Wait for confirmation

  3. When gateway is unreachable:

    • Do NOT retry in a loop
    • Report: "OpenClaw gateway not responding on localhost:18789 — check openclaw daemon start"

Response format

{
  "runId": "...",
  "status": "ok",
  "summary": "completed",
  "result": {
    "payloads": [
      { "text": "agent response here", "mediaUrl": null }
    ],
    "meta": {
      "durationMs": 90617,
      "model": "kimi-k2.5",
      "usage": { ... }
    }
  }
}

Extract with:

openclaw agent --message "..." --agent main --json | python3 -c "
import json, sys
d = json.load(sys.stdin)
for p in d['result']['payloads']:
    if p['text']: print(p['text'])
"

Limitations

  • Gateway must be running locally (loopback only by default)
  • Auth token is read from ~/.openclaw/openclaw.json automatically by the CLI
  • Large responses may be split across multiple payloads — concatenate them
  • No streaming — waits for full response before returning
  • Default timeout: 600s (override with --timeout)

Comments

Loading comments...