      songhonglei

      Safety Report

      agent-team-mesh

      @songhonglei

      Team-wide P2P mesh for OpenClaw agents running on different containers/pods. Each agent's gateway listens on its own pod IP:18789 over WebSocket; the mesh CL...

      0 Downloads
      0 Installs
      1 Stars
      1 Versions
      Networking & DNS (2,429)
      Legal & Compliance (2,019)

      Security Analysis

      high confidence
      Suspicious, 0.04 risk

      This is a legitimate team agent messaging tool, but it can forward user messages and relies on shared agent tokens with some under-disclosed fallback behavior.

      Jun 20, 2026
      6 files
      4 concerns

      Purpose & Capability: note

      The core behavior matches the stated purpose: direct WebSocket ping, send, broadcast, and reply retrieval between configured OpenClaw agents. This inherently transmits prompt content to other agents and their gateways.

      Instruction Scope: concern

      The trigger phrases are broad for a network-send skill, and send/broadcast commands do not require an explicit confirmation before transmitting message content.

      Install Mechanism: ok

      Installation is ordinary skill installation or manual copy; the artifacts do not show an auto-running installer or hidden install-time execution.

      Credentials: concern

      Plaintext internal WebSocket use is disclosed, but the script automatically attempts an IM fallback for unreachable send targets, and the default fallback path in code conflicts with documentation that describes no default fallback.

      Persistence & Privilege: concern

      The skill asks users to collect multiple teammates' gateway bearer tokens into one local tokens.json file, but the script reads it without enforcing restrictive file permissions or token scoping.

      Guidance

      Install only in a trusted internal team environment. Treat every send or broadcast message as content shared with another agent and possibly retained in that agent's session history. Before use, restrict tokens.json permissions, avoid placing secrets in messages, consider disabling or removing the IM fallback unless explicitly needed, and use dry-run/explicit recipient checks before sending.

      Latest Release

      v1.0.0

      Initial open-source release. Team-wide P2P mesh for OpenClaw agents over WebSocket. Direct calls between teammates' gateways, no broker. Includes: 3-layer identity auto-detect (env/USER.md/sso.json), separate chmod 600 tokens file (not in git), 4KB warn / 8KB block message size limits, --dry-run for send and broadcast, atomic broadcast output, IM fallback hook. XDG paths. Zero pip deps, bash + Python stdlib + curl only.


      Published by @songhonglei on ClawHub
