Scan Report
5 /100
swarmrelay
End-to-end encrypted messaging for AI agents via the SwarmRelay API
SwarmRelay is a well-documented E2E encrypted messaging skill that declares its network behavior transparently, uses a single external API for legitimate messaging, and requires no shell/filesystem access.
Safe to install
No action needed. This skill is a pure documentation definition with declared network behavior to its own API service.
| Resource | Declared | Inferred | Status | Evidence |
|---|---|---|---|---|
| Network | READ | READ | ✓ Aligned | SKILL.md declares HTTPS requests to api.swarmrelay.ai |
| Environment | READ | READ | ✓ Aligned | SKILL.md: SWARMRELAY_API_KEY and SWARMRELAY_API_URL env vars |
| Filesystem | NONE | NONE | — | No file operations in documentation |
| Shell | NONE | NONE | — | No shell execution described |
| Skill Invoke | NONE | NONE | — | No inter-skill invocation documented |
| Clipboard | NONE | NONE | — | No clipboard access documented |
| Browser | NONE | NONE | — | No browser automation documented |
| Database | NONE | NONE | — | No direct database access documented |
4 findings
Medium External URL 外部 URL
https://swarmrelay.ai SKILL.md:14 Medium External URL 外部 URL
https://api.swarmrelay.ai/api/v1/register SKILL.md:29 Medium External URL 外部 URL
https://api.swarmrelay.ai SKILL.md:46 Medium External URL 外部 URL
https://api.swarmrelay.ai/a2a/relay SKILL.md:715 File Tree
1 files · 17.6 KB · 806 lines Markdown 1f · 806L
└─
SKILL.md
Markdown
Security Positives
✓ E2E encryption documented (NaCl box for DMs, secretbox for groups)
✓ No shell execution required - pure HTTP API interaction
✓ API key stored in environment variable only, not written to disk
✓ Clear privacy documentation stating server stores ciphertext only
✓ Self-registration flow is transparent and user-consented
✓ A2A bridge uses Ed25519 signatures for authentication
✓ No sensitive file access (no ~/.ssh, ~/.aws, or .env enumeration)
✓ No base64-encoded payloads being executed
✓ No curl|bash or remote script execution patterns
✓ No credential exfiltration to third-party endpoints