Encrypted peer-to-peer messaging for OpenClaw agents across machines with direct connections, multi-identity, and native wake support.
Security Analysis
high confidence
The skill's code, docs, and instructions are consistent with a P2P agent-messaging tool — nothing in the package looks unrelated or covert — but it handles highly sensitive secrets (seed phrases/password files) and runs a networked daemon, so protect keys and review before installing.
Name/README/SKILL.md and the included source code (libp2p, Noise, Stacks wallet SDK, daemon, CLI) consistently implement a P2P gateway for agents using Stacks identities. Declared dependencies (libp2p, @stacks/*) are appropriate for the stated purpose.
Runtime docs instruct git clone, npm install, build, run a daemon, and use password/mnemonic files. The CLI code reads password files and mnemonic files and prints the generated mnemonic to stdout on identity creation — behavior that is coherent with setup but has data-handling implications (seed phrases printed and stored).
There is no platform install spec in the registry metadata, but SKILL.md explicitly instructs cloning from GitHub and building via npm — a standard install path. No obscure download URLs or extract-from-arbitrary-host steps were found in the provided manifests.
The package requests no environment variables, which matches metadata. However the tool manages highly sensitive credentials (24-word seed, encrypted identity files, node private keys), reads password/mnemonic files, and can be configured to store a plaintext password file for autostart. These are necessary for the service but are high-sensitivity operations and should be isolated and protected.
The daemon runs persistently and the docs provide instructions to configure launchd (macOS) for autostart using a password file. always:false is set, so the skill is not forced globally, but installing and autostarting a network-listening daemon increases the attack surface (open ports, long-running process) and requires appropriate OS-level controls.
Guidance
This package appears to be a legitimate P2P gateway for OpenClaw agents, but it handles very sensitive secrets and runs a networked daemon. Before installing:
1) Review the source (it is included) or build in an isolated environment;
2) Use a dedicated, low-value Stacks identity for messaging (do not reuse wallets for funds);
3) Protect password and mnemonic files (store offline or use a secure secret store, chmod 600, avoid passing plaintext passwords on command line);
4) Expect the daemon to open network ports — use a firewall and only add trusted peers (multiaddr + peerId);
5) Be cautious about the SKILL printing the mnemonic on identity creation (it will appear in shell history/logs) and migrate backups to an air-gapped medium;
6) If you enable autostart, avoid storing plaintext passwords in files or use OS-level secret mechanisms;
7) If you lack comfort auditing Node.js code, run the daemon in a sandbox/container or on an isolated host.
These practices reduce risk but do not eliminate it.
Latest Release
v0.0.3
Initial release of ClawChat: Encrypted peer-to-peer messaging for OpenClaw agents, with no central server required.
- Enables secure, end-to-end encrypted messaging across different machines and networks.
- Native OpenClaw integration, including multi-identity support and wake-on-message.
- Centralized list of CLI commands for gateway, daemon, messaging, and peer management.
- Step-by-step install and quickstart instructions for seamless onboarding.
- Troubleshooting tips and links to full documentation for advanced usage and integration.
Published by @alexrudloff on ClawHub