agent-link Security Report — Low Risk | ClawSafe

15 /100

agent-link

智能体互联技能 - 支持不同电脑上的 OpenClaw 实例和 Agent 通过中转服务器进行安全可靠的通讯

A legitimate cross-device agent relay system with no malicious code present; the relay_server.py implements straightforward WebSocket message forwarding with HMAC-SHA256 signing, but documentation references missing files (local-agent component) creating doc-to-implementation gaps.

Skill Nameagent-link

Duration32.1s

Enginepi

✓

Safe to install

Create the missing scripts/local-agent/ directory with agent_link.py and docs/install-agent.md to match the documented architecture, or update docs to accurately reflect the shipped files.

Findings 3 items

Severity	Finding	Location
Low	Documented local-agent component is missing Doc Mismatch SKILL.md and README.md both reference scripts/local-agent/agent_link.py and docs/install-agent.md as part of the skill's shipped files, but these files do not exist in the package. Users following the installation guide will encounter missing files. `cd skills/agent-link/scripts/local-agent` → Either create the missing local-agent implementation files or remove references to them from documentation.	`SKILL.md:72`
Low	install-agent.md referenced but not present Doc Mismatch README.md references docs/install-agent.md as a link in the file structure, but this file does not exist in the docs/ directory. `└── install-agent.md # 本地 Agent 安装说明` → Create docs/install-agent.md or remove this reference from README.md.	`README.md:60`
Info	websockets dependency not pinned in code Supply Chain relay_server.py imports websockets but relies on pip install websockets without version pinning. The dependency is not listed in a requirements.txt or pyproject.toml file. `import websockets` → Add a requirements.txt with websockets pinned to a specific version (e.g., websockets>=10.0).	`scripts/relay-server/relay_server.py:8`

Resource	Declared	Inferred	Status	Evidence
Network	`READ`	`READ`	✓ Aligned	relay_server.py:157 — websockets.serve on 0.0.0.0:port for inbound relay connect…
Filesystem	`READ`	`READ`	✓ Aligned	relay_server.py:193 — reads JSON config file via --config argument
Shell	`NONE`	`NONE`	—	No subprocess, os.system, or shell execution found in relay_server.py
Environment	`NONE`	`NONE`	—	No os.environ iteration or environment variable access in the codebase
Skill Invoke	`NONE`	`NONE`	—	No skill invocation or inter-agent call mechanisms present

File Tree

6 files · 21.5 KB · 910 lines

Markdown 3f · 634L Python 1f · 249L JSON 2f · 27L

├─ ▾ 📁 docs

│ └─ 📝 install-relay.md Markdown 185L · 3.3 KB

├─ ▾ 📁 scripts

│ └─ ▾ 📁 relay-server

│ ├─ 🐍 relay_server.py Python 249L · 7.8 KB

│ └─ 📋 relay-config.example.json JSON 18L · 426 B

├─ 📋 _meta.json JSON 9L · 348 B

├─ 📝 README.md Markdown 219L · 4.9 KB

└─ 📝 SKILL.md Markdown 230L · 4.8 KB

Dependencies 1 items

Package	Version	Source	Known Vulns	Notes
`websockets`	`*`	pip	No	Not pinned in requirements file; imported dynamically at runtime

Security Positives

✓ No base64-encoded execution, eval(), or obfuscation techniques found

✓ No credential harvesting or environment variable enumeration detected

✓ No network exfiltration or C2 communication patterns present

✓ No curl|bash or wget|sh remote script execution patterns

✓ No access to sensitive paths such as ~/.ssh, ~/.aws, or .env files

✓ No persistence mechanisms (cron, startup hooks, systemd units) in code

✓ HMAC-SHA256 signature verification is implemented correctly

✓ Message history deduplication prevents replay attacks

✓ Clean, readable Python implementation with no suspicious code paths

✓ No hardcoded external IPs or suspicious network destinations

Scan Report

Findings 3 items

File Tree

Dependencies 1 items

Security Positives