Bitchat

v0.1.2

Bitchat integration skill for OpenClaw

Security Scan
VirusTotal: Benign
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
The plugin implements a local HTTP bridge client and webhook handler that matches the advertised Bitchat integration. However, the included package-lock lists many unrelated or large packages (AWS SDK, Anthropic SDK, etc.) and a local '../bitchat-node' package entry; this is disproportionate to a small BLE-bridge plugin and expands the supply-chain surface area. Also, package.json points to compiled dist/ but the bundle only contains src/ (no dist/), which is a packaging/coherence mismatch.
Instruction Scope
SKILL.md and code indicate the plugin will connect to a configurable bridgeUrl (default localhost) and register an HTTP webhook path. Although SKILL.md claims 'local-only' and 'user-initiated' connections, the plugin will connect to whatever bridgeUrl appears in OpenClaw config — including a remote URL if misconfigured — and it exposes an unprotected webhook endpoint that will accept POSTed messages (auth is limited to peerID checks). If the OpenClaw gateway is network-exposed or the bridgeUrl is set to an external host, incoming messages could be used to inject content into agent sessions.
Install Mechanism
There is no separate install spec in the registry (instruction-only), which is low-risk in itself. But the repository includes a package-lock.json showing many dependencies beyond 'bitchat-node'. That lockfile increases the package surface and should be reviewed; the lockfile entries suggest the published package might carry unexpected transitive dependencies.
Credentials
The skill requests no environment variables or credentials (proportional). Still, because it can be pointed at an arbitrary HTTP bridge URL, a remote bridge could be used to receive forwarded messages or exfiltrate agent content if a user configures a remote bridge; ensure bridgeUrl is only set to trusted/local endpoints.
Persistence & Privilege
The skill does not request always:true and does not require elevated system privileges. It registers a service and an HTTP handler (normal for a channel plugin). Autonomous invocation is enabled (platform default) but not combined with other explicit persistence or cross-skill configuration changes.
What to consider before installing
What to check before installing:

  • Verify the package you install is from a trusted source (the repo/homepage is missing here). The included package-lock contains many large, unrelated packages — ask the author why those are present or audit the lockfile.
  • Ensure your OpenClaw gateway is not exposed to untrusted networks. The plugin registers /bitchat-webhook which will accept POSTs and inject them into agent sessions; if your gateway is reachable, an attacker could post messages to the agent.
  • Keep bridgeUrl set to localhost (default) unless you understand and trust the remote bridge host. A remote bridge could receive or send agent messages, creating an exfiltration path.
  • Prefer dmPolicy='allowlist' and populate allowFrom with specific peer IDs if you expect sensitive messages.
  • Audit or run the dependent bitchat-node daemon from its upstream GitHub (https://github.com/wkyleg/bitchat-node) before running; ensure it behaves as expected and does not open remote connections or accept remote webhook registration from untrusted hosts.
  • Confirm build artifacts (dist/) are present or that the package you install includes compiled JS; otherwise the plugin may fail to load or attempt to build during install.

If you cannot validate the lockfile, upstream daemon, and network exposure, treat this plugin as higher risk and test it in an isolated environment first.
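
The bridgeUrl and dmPolicy checks above can be automated before the plugin is enabled. The following is an added example, not code from the plugin or from OpenClaw: the key names bridgeUrl, dmPolicy and allowFrom come from the report, while the flat config object, the function names and the sample values are assumptions.

```javascript
// Added example: pre-install audit of a Bitchat channel config.
// Key names bridgeUrl, dmPolicy and allowFrom come from the scan report;
// the flat object shape and the function names are assumptions.

// True only for hosts that cannot leave the machine.
function isLoopbackHost(hostname) {
  const h = hostname.toLowerCase();
  if (h === "localhost" || h === "[::1]") return true;
  // The WHATWG URL parser has already normalised numeric forms such as
  // 0x7f.1 to dotted-quad, so matching 127.0.0.0/8 textually is enough.
  return /^127\.\d{1,3}\.\d{1,3}\.\d{1,3}$/.test(h);
}

function auditBitchatConfig(cfg) {
  const findings = [];
  let url = null;
  try {
    url = new URL(cfg.bridgeUrl);
  } catch {
    findings.push("bridgeUrl is not a valid URL");
  }
  if (url) {
    if (url.protocol !== "http:" && url.protocol !== "https:")
      findings.push("bridgeUrl scheme is not http(s)");
    // hostname is what is actually dialled: userinfo tricks such as
    // http://127.0.0.1@host/ and look-alike names do not pass.
    if (!isLoopbackHost(url.hostname))
      findings.push("bridgeUrl host is not loopback: " + url.hostname);
    if (url.username || url.password)
      findings.push("bridgeUrl carries embedded credentials");
  }
  if (cfg.dmPolicy !== "allowlist") {
    findings.push("dmPolicy is not 'allowlist'");
  } else if (!Array.isArray(cfg.allowFrom) || cfg.allowFrom.length === 0) {
    findings.push("dmPolicy is 'allowlist' but allowFrom is empty");
  }
  return findings;
}

// Constructed sample configs (not taken from the plugin).
const samples = [
  { bridgeUrl: "http://localhost:3939", dmPolicy: "allowlist", allowFrom: ["peerA"] },
  { bridgeUrl: "http://127.0.0.1@bridge.example:3939" },
  { bridgeUrl: "http://localhost.bridge.example", dmPolicy: "allowlist", allowFrom: [] },
];
for (const s of samples) console.log(s.bridgeUrl, "->", auditBitchatConfig(s));
```

An empty result means the config matches the report's recommendations; it says nothing about whether the OpenClaw gateway itself is reachable from untrusted networks, which has to be checked separately.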

Like a lobster shell, security has layers — review code before you run it.

247 downloads
0 stars
3 versions
Updated 1mo ago
v0.1.2
MIT-0

Bitchat

This skill enables decentralized messaging using the Bitchat protocol within OpenClaw.

Features

  • Send and receive messages over mesh or peer-to-peer Bitchat networks.
  • Node-based integration for scriptable console usage.
  • CLI commands to configure network peers, encryption, and channels.
  • Relies on bitchat-node (npm) for the underlying BLE or other mesh transport.

Security & Dependencies

  • Bitchat uses local BLE or LAN for discovery and connectivity.
  • The skill does not automatically connect to arbitrary external URLs.
  • All network connections are user-initiated and require local config.
  • We have pruned unneeded dependencies. Only bitchat-node is included.

Usage

  1. Install the skill from ClawHub: clawhub install bitchat
  2. Add or configure your Bitchat node/peers.
  3. Use OpenClaw commands to dispatch or read messages.
# example
openclaw bitchat start
openclaw bitchat send --to=peerID --message="Hello"

Implementation Details

  • TypeScript-based, compiles to dist/.
  • Exposes integration points so OpenClaw can manage channels.
  • Minimizes third-party dependencies to reduce security surface area.

Future Plans

  • Enhanced encryption and key management.
  • Multi-network bridging beyond BLE.

Release Notes

  • 0.1.2: Points to bitchat-node@0.1.2, further pruned dist dependencies, updated skill doc.
