Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
LocalUDPMessenger
v1.5.0
Use when agents need to communicate over the local network — "send message to agent", "discover agents", "check for messages", "coordinate with other agents", "approve agent", "agent status", "add peer", "message log"
MIT-0
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidence
Purpose & Capability
Name/description, declared tools (udp_send, udp_discover, udp_receive, etc.), and included code all implement a LAN UDP messenger with trust and rate limits — the requested binary (node) and the npm/GitHub install instructions are appropriate for this purpose.
Instruction Scope
SKILL.md and README stay within the plugin's messaging scope (discovery, trust, wake-up). They instruct posting to the local Gateway /hooks/agent (agent wake-up) and to forward messages to an optional relay. They also reference an environment variable (OPENCLAW_HOOK_TOKEN) and multiple config locations for the hook token; that env var is not declared in the registry metadata, which is a documentation mismatch.
Install Mechanism
Installation is via OpenClaw's plugin install (npm/GitHub). No arbitrary binary downloads or obscure URL shorteners are used in the provided docs/code; runtime is pure Node.js.
Credentials
Registry metadata lists no required env vars, but docs/code read a hook token from several places including the OPENCLAW_HOOK_TOKEN env var; that mismatch should be noted. More importantly, the optional relayServer configuration will forward copies of every message (payload included) to an arbitrary host:port — this is consistent with the plugin's claimed monitoring feature but is high-impact: if set to an external host it can exfiltrate message contents and metadata. The plugin also constructs a stable agent ID using hostname + MAC address, which leaks hardware-identifying info to peers/relay.
Persistence & Privilege
always:false is set, and no global privilege escalation is present. The plugin registers a hook and can autonomously wake the agent via /hooks/agent (normal for plugins). Combined with the relay option and wake-up behavior, autonomous processing increases blast radius if relay or hook tokens are misconfigured, but the plugin does not force permanent inclusion.
What to consider before installing
This plugin appears to implement a local UDP messenger as described, but take these precautions before installing:
1) Don't set relayServer to an internet-accessible host unless you understand and approve that all message contents (and agent IDs) will be forwarded there.
2) Be aware the plugin derives a stable agent ID from hostname+MAC (hardware fingerprint) that will be exposed to peers and any relay.
3) The code and docs may read a hook token from OPENCLAW_HOOK_TOKEN (env) even though the registry metadata doesn't list env vars — verify where your Gateway token is stored and who can read it.
4) Prefer 'always-confirm' trustMode on untrusted networks and audit message logs regularly.
If you want to proceed, review the plugin config in openclaw.json (especially relayServer and hookToken) and consider code review or running in an isolated network first.
Like a lobster shell, security has layers — review code before you run it.
latest vk97fj09ncjvw9xfx3h969jn4mh812bd7
Runtime requirements
Bins: node
