🟢 Low Risk Audited: Feb 5, 2026

clawd-notify-skill

Simple notification tool to send messages from OpenCode to OpenClaw main session. Facilitates cross-session communication.

View Repository →

📋 Audit Summary

Author xybstone
Category Utilities
License MIT
Dependencies openclaw CLI only
Install Command git clone https://github.com/xybstone/clawd-notify-skill.git

🔍 Security Analysis

✅ Minimal Attack Surface

Single 20-line bash script. Only calls openclaw sessions_send with user-provided message. No external network calls beyond OpenClaw's internal API.

✅ No Credential Handling

Uses existing OpenClaw session infrastructure. No API keys, tokens, or credentials stored or managed by this skill.

✅ Input Validation

Basic validation ensures message is provided. Shell escaping handled by proper quoting in usage examples.

⚠️ Shell Script

Bash script execution requires caution with special characters. Users should avoid unescaped quotes in messages.

📦 Implementation

#!/bin/bash

set -e

 

if [ -z "$1" ]; then

  echo "Usage: clawd-notify \"<message>\""

  exit 1

fi

 

MESSAGE="$1"

openclaw sessions_send --message "$MESSAGE"

8.0
Trust Score / 10
Low Risk - Simple messaging utility

🎯 Permissions

shell messaging

✅ Best Practices

  • • Minimal code
  • • Error handling
  • • Clear usage docs
  • • No external deps

💡 Use Cases

  • • OpenCode → OpenClaw sync
  • • Task completion notifications
  • • Cross-session updates
  • • Status reporting