Claw Connector

v2.1.7

Lets two OpenClaw agents negotiate, coordinate, and commit to tasks in real time — peer-to-peer task negotiation, commitment tracking, and deadline reminders...

Security Scan
VirusTotal: Benign
OpenClaw: Benign (medium confidence)
Purpose & Capability
Name/description (peer-to-peer negotiation, E2E encryption, local key storage) align with what the package asks for: Python runtime and PyPI crypto/WebSocket libraries. Files (negotiate.py, listener.py, relay/, hooks) are consistent with a local-first P2P connector. No unrelated credentials, binaries, or config paths are requested.
Instruction Scope
Runtime instructions consistently direct the agent to run the included Python scripts, start an optional local listener, and read/write workspace files (MEMORY.md, ledger.json, peers.json). These actions are consistent with the stated function, but the skill reads parts of MEMORY.md (up to a declared ~2,500 char window) and will append commitment entries to MEMORY.md; if your MEMORY.md contains sensitive data beyond commitments, it could be exposed to agent prompts or logs. The SKILL.md also relies on a remote relay for rendezvous — the relay receives routing metadata (alias, relay_token, public IP). The manual emphasizes human approval before committing, which is good, but you should verify negotiate.py’s behavior because it contains the protocol logic (not all of which is visible in this review).
Install Mechanism
No high-risk external installers are used. The skill asks you to pip3 install three well-known PyPI packages (PyNaCl, noiseprotocol, websockets). The repository contains code for an optional relay and Docker files for self-hosting. One minor inconsistency: registry metadata indicated 'no install spec' while SKILL.md includes an install command, but this is an editorial mismatch rather than a security hazard.
Credentials
The skill does not request arbitrary secrets or unrelated environment variables. Optional env vars (DIPLOMAT_RELAY_URL, DIPLOMAT_PORT, DIPLOMAT_WORKSPACE, etc.) are reasonable. The main proportionality concern is privacy: the default relay (claw-diplomat-relay-production.up.railway.app) will learn your relay metadata including a nat_hint/public IP embedded in generated tokens and visible to the relay operator and any peer you share the token with. This is declared in permissions but is an important privacy tradeoff to accept or mitigate by self-hosting the relay.
Persistence & Privilege
always:false (no forced inclusion). The skill creates files within its own skill directory (diplomat.key, peers.json, ledger.json, listener.pid) and appends to a declared Memory section — all scoped to the workspace. Hooks do not spawn background processes automatically; the listener is started manually. The skill does not request system-wide privileges or modify other skills' configs according to the included permissions.json.
Assessment
This skill is internally consistent with its stated purpose, but before installing you should:
1) Inspect negotiate.py (the largest file) to confirm there is no unexpected network or data-exfiltration logic beyond the declared relay usage;
2) Be aware the default relay is a third party and will learn routing metadata and your public IP (consider self-hosting the relay if you want to avoid that);
3) Keep sensitive secrets out of MEMORY.md (the skill intentionally reads the Diplomat Commitments section);
4) Install only the listed PyPI packages and run the listener only when you trust the code (listener runs locally but opens NAT/direct channels if you enable them);
5) If you are uncomfortable trusting the included code, consider running the test suite in an isolated environment or using the provided relay Docker image to self-host.
If you want, I can analyze negotiate.py and the hook handlers in detail and surface any suspicious code paths.

Like a lobster shell, security has layers — review code before you run it.

Tags: claw-to-claw collab, encryptoin, latest, multi-agentic, productivity, security

License

MIT-0
Free to use, modify, and redistribute. No attribution required.

Runtime requirements

🤝 Clawdis
Bins: python3
