技能详情(站内镜像,无评论)
作者:Anshul Desai @anshuldesai
许可证:MIT-0
MIT-0 ·免费使用、修改和重新分发。无需归因。
版本:v0.1.0
统计:⭐ 0 · 29 · 0 current installs · 0 all-time installs
⭐ 0
安装量(当前) 0
🛡 VirusTotal :可疑 · OpenClaw :可疑
Package:anshuldesai/toq
安全扫描(ClawHub)
- VirusTotal :可疑
- OpenClaw :可疑
OpenClaw 评估
The skill's instructions broadly match an agent-to-agent messaging tool, but the runtime guidance asks you to run an unverified install script, exposes your public IP to an external service, and encourages installing handlers that execute arbitrary commands based on incoming messages — all of which warrant caution before installing.
目的
Name and description (agent-to-agent secure messaging) align with the content: the SKILL.md documents installing a 'toq' daemon, opening port 9009, configuring DNS discovery, and registering handlers. Installing a binary and managing network/daemon settings is coherent with the stated purpose.
说明范围
The instructions include high-impact runtime steps: (1) curl https://toq.dev/install.sh | sh (runs remote script), (2) using an external service (ifconfig.me) to detect your public IP (leaks an indicator about your host to that service), (3) guidance to create handlers that run arbitrary shell/python/node binaries which will be executed by the daemon when messages arrive. While handler execution is an expected feature of such a system, the SKI…
安装机制
There is no registry install spec; the runtime instructions recommend piping a shell script from https://toq.dev/install.sh into sh — a high-risk install pattern because it executes remote code without verification. Homebrew is listed as an alternative (lower risk) but the primary curl | sh option is present and notable. The domain toq.dev is not validated in the metadata, and the installer may write binaries and daemon units to the system.
证书
The skill itself does not request environment variables or credentials, which is proportionate. However, handlers are explicitly allowed to call external model APIs (OpenAI, Ollama, etc.) and the recommended LLM handler pattern invokes 'openclaw agent --local' — meaning handlers may access whatever credentials or provider config your agent has. Handlers and daemon logs also read/write files in your home directory; these are powerful capabiliti…
持久
The skill suggests creating systemd/launchd service units to auto-start the daemon on boot. That's expected for persistent daemons and 'always' is not set in metadata. Still, creating a system service requires elevated privileges and grants the toq daemon persistent system presence, so users should review the binary and service file before enabling.
安装(复制给龙虾 AI)
将下方整段复制到龙虾中文库对话中,由龙虾按 SKILL.md 完成安装。
请把本段交给龙虾中文库(龙虾 AI)执行:为本机安装 OpenClaw 技能「toq protocol」。简介:Send and receive secure messages to other AI agents using the toq protocol. Use…。
请 fetch 以下地址读取 SKILL.md 并按文档完成安装:https://raw.githubusercontent.com/openclaw/skills/refs/heads/main/skills/anshuldesai/toq/SKILL.md
(来源:yingzhi8.cn 技能库)SKILL.md
---
name: toq
description: Send and receive secure messages to other AI agents using the toq protocol. Use when the user wants to set up agent-to-agent communication, send or receive toq messages, manage agent connections (approve, block, revoke), check toq status, configure DNS discovery, register message handlers, or anything involving "toq" or communication between AI agents.
---
# toq protocol
toq is a secure agent-to-agent communication protocol. Each agent is an endpoint identified by a toq address like `toq://hostname/agent-name` on port 9009.
## Setup
Guide the user conversationally. Do not dump all steps at once.
Before anything else: "toq is in alpha. Great for experimenting with agent-to-agent communication, but avoid sending personal or sensitive data through it for now."
### Step 1: Install toq
Check if installed:
```bash
which toq > /dev/null 2>&1 && toq --version
```
If not found, install:
```bash
curl -sSf https://toq.dev/install.sh | sh && export PATH="$HOME/.toq/bin:$PATH"
```
Or with Homebrew:
```bash
brew install toqprotocol/toq/toq
```
If toq is installed but not in PATH:
```bash
export PATH="$HOME/.toq/bin:$PATH"
```
### Step 2: Configure
Ask for agent name (lowercase, hyphens allowed). Detect host IP:
```bash
PUBLIC_IP=$(curl -4 -s ifconfig.me) && LOCAL_IP=$(hostname -I 2>/dev/null | awk '{print $1}' || ipconfig getifaddr en0 2>/dev/null) && echo "Public: $PUBLIC_IP Local: $LOCAL_IP"
```
Run setup:
```bash
toq setup --non-interactive --agent-name=<name> --connection-mode=approval --adapter=http --host=<ip>
```
### Step 3: Start
```bash
toq up && toq doctor
```
### Step 4: Security check
Present the walkthrough from [references/security.md](references/security.md). Do not skip.
### Step 5: What's next
Show status with `toq status` and present options:
- "Send a test message"
- "Set up a message handler"
- "Configure my allowlist"
- "Set up DNS"
## Sending messages
The agent name in the address is validated during connection. Sending to `toq://host/wrong-name` will fail with a clear error if no agent with that name exists on that endpoint.
```bash
toq send toq://hostname/agent-name "message text"
toq send toq://hostname/agent-name "reply" --thread-id <id>
toq send toq://hostname/agent-name "goodbye" --thread-id <id> --close-thread
```
For agents on non-default ports, include the port in the address:
```bash
toq send toq://hostname:9010/agent-name "message text"
```
## Approvals and permissions
Approval is bidirectional. Both sides must approve each other before messages flow. When alice sends to charlie, charlie must approve alice. When charlie replies, alice must approve charlie.
"When a new agent tries to talk to you, they go into a waiting list. You decide who gets in."
```bash
toq approvals # list pending
toq approve <key> # approve by key
toq approve --from "toq://host/*" # approve by pattern
toq deny <key> # deny
toq block --from "toq://host/agent" # block
toq unblock --from "toq://host/agent" # unblock
toq permissions # list all rules
```
Wildcards: `toq://*` (all), `toq://host/*` (all on host), `toq://*/name` (name on any host).
## Message handlers
Handlers auto-process incoming messages. See [references/handlers.md](references/handlers.md) for shell patterns and [references/conversational.md](references/conversational.md) for LLM handlers.
Save handler scripts to `~/handlers/`. Consider testing scripts manually before registering:
```bash
mkdir -p ~/handlers
# Test with mock env vars:
TOQ_FROM="toq://test/agent" TOQ_TEXT="test message" TOQ_THREAD_ID="test-123" python3 ~/handlers/my-handler.py
```
After registering, check handler logs with `toq handler logs <name>` to verify behavior.
When the user wants custom behavior for incoming messages (auto-replies, forwarding, logging, task processing, notifications), suggest setting up a handler. Handlers are the primary way to automate responses and build agent workflows.
After creating handlers or any automated setup, always give the user a brief breakdown: what was created, where files live, and how it works. Keep it concise.
When multiple agents need to exchange structured messages (acks, status updates, task results), agree on a message format convention upfront. Agents set up independently may use different formats, causing parsing mismatches.
Register a shell handler:
```bash
toq handler add <name> --command "bash ~/handlers/my-handler.sh" [--from "toq://*/alice"]
```
Handlers can run any executable: bash, python, node, or any binary. The command is passed to `sh -c`, so pipes and redirects work.
```bash
toq handler add <name> --command "python3 ~/handlers/handler.py"
toq handler add <name> --command "node ~/handlers/handler.js"
```
Register an LLM handler:
```bash
toq handler add <name> --provider <provider> --model <model> --prompt "..." [--auto-close]
```
Manage handlers:
```bash
toq handler list
toq handler enable|disable <name>
toq handler remove <name>
toq handler logs <name>
```
Handler environment variables (set by the daemon, use these exact names):
- `TOQ_FROM` - sender address
- `TOQ_TEXT` - message text
- `TOQ_THREAD_ID` - thread ID for replies
- `TOQ_ID` - message ID
- `TOQ_TYPE` - message type
- `TOQ_HANDLER` - handler name
- `TOQ_URL` - daemon API URL
Full message JSON is also piped to stdin.
When a handler needs LLM reasoning, default to `openclaw agent --local --message "..."` which uses the configured model provider. Users can also call any model API directly if they prefer (e.g., curl to OpenAI, Ollama, or any other provider).
When forwarding messages between agents in a pipeline, embed the original sender address and thread ID in the message body so downstream agents can route responses back to the originator.
## Multiple agents on one machine
Run multiple agents by using separate workspaces and ports:
```bash
# First agent (default workspace, port 9009)
toq setup --non-interactive --agent-name=alice --connection-mode=approval --host=<ip>
toq up
# Second agent (custom workspace, port 9010)
toq setup --non-interactive --agent-name=bob --connection-mode=approval --host=<ip> --config-dir ~/.toq-bob
toq config set port 9010 --config-dir ~/.toq-bob
toq up --config-dir ~/.toq-bob
```
All commands for the second agent need `--config-dir ~/.toq-bob`. The address includes the port: `toq://hostname:9010/bob`.
## Common tasks
See [references/commands.md](references/commands.md) for the full CLI reference.
- "What's my toq address?" -> `toq whoami`
- "Is toq running?" -> `toq status`
- "Run diagnostics" -> `toq doctor`
- "Show peers" -> `toq peers`
- "Check received messages" -> `toq messages`
- "Discover agents at a domain" -> `toq discover <domain>`
- "Change connection mode" -> `toq config set connection_mode <mode>` then `toq down && toq up`
- "Shut down toq" -> `toq down`
## Emergency shutdown
```bash
toq down
```
If that fails:
```bash
pkill -f "toq up" && rm -f ~/.toq/toq.pid
```
## Key management
Export and import require a TTY. Tell the user to run these manually:
- Export: `toq export <path>`
- Import: `toq import <path>`
- Rotate keys: `toq rotate-keys`