📦 OpenClaw Agent Mesh — Node Self-Discovery Mesh Networking
v1.0.0
Provides node discovery and inter-agent communication for OpenClaw instances, letting nearby nodes automatically detect and connect to each other for decentralized collaboration and load balancing.
Last updated: 2026/4/22
Security scan: OpenClaw
Verdict: Suspicious (high confidence)
Assessment recommendations
This skill implements the described mesh functionality, but it contains a serious implementation issue: it constructs filenames using sender-controlled fields (request_id, message_id) without sanitization. A remote peer that sends a specially crafted contact request could cause the service to write files outside the intended state directory (including absolute paths), enabling arbitrary file writes as the user running the server. Before installing or running the server, consider: 1) Do not run t...
ℹ Purpose and capabilities
Name, description, SKILL.md, and code are coherent: the scripts implement identity, discovery, contact requests, approval, and signed direct messages over HTTP as claimed. However, the code depends on the 'openssl' CLI for key operations while the skill metadata lists no required binaries; that is an undeclared dependency and a mismatch the user should know about.
⚠ Instruction scope
Runtime instructions and server endpoints match the code, but the server accepts arbitrary JSON posts and the mesh code uses sender-supplied request_id and message_id values directly when constructing filenames (e.g., save_json(REQ_IN_DIR / f"{payload['request_id']}.json")). That enables directory traversal or absolute-path file writes if a malicious peer crafts request_id/message_id values. The SKILL.md guardrails (reject malformed messages, require approval before trusting) do not prevent this filesystem-write issue for incoming contact requests, because contact requests are saved prior to any trust relationship and rely on sender-controlled fields.
✓ Installation mechanism
No install spec (instruction-only plus included scripts). Nothing is downloaded or written at install time by a package manager. This is lower risk than arbitrary install scripts, but you still execute bundled scripts at runtime.
ℹ Credential requirements
The skill declares no required environment variables or credentials, which matches its local peer-to-peer purpose. However it does use and set OPENCLAW_AGENT_MESH_DIR at runtime and expects an 'openssl' binary on PATH; the missing declaration of openssl is a proportionality/consistency issue. The skill also suggests binding an HTTP server (possibly 0.0.0.0) and probing network endpoints — network access is expected but increases attack surface.
✓ Persistence and permissions
The skill persists state under a user-writable directory (~/.openclaw/agent-mesh by default) and does not request always:true or system-wide config changes. However the ability to write arbitrary files (see instruction_scope) elevates the effective write capability beyond the intended per-skill state directory.
Security is layered; review the code before running it.
Runtime dependencies
No special dependencies
Version
latest: v1.0.0 (2026/3/13)
● Harmless
Install command
Official: npx clawhub@latest install openclaw-agent-mesh
Mirror (accelerated): npx clawhub@latest install openclaw-agent-mesh --registry https://cn.longxiaskill.com