acp-router

Routes plain-language requests for various AI coding platforms into OpenClaw ACP runtime sessions or direct acpx-driven sessions.

Install this skill

or

25/100

Security score

The acp-router skill was audited on Mar 4, 2026 and we found 9 security issues across 2 threat categories, including 3 high-severity. Review the findings below before installing.

Categories Tested

Security Issues

high line 90

Template literal with variable interpolation in command context

SourceSKILL.md

90	- verify `${ACPX_CMD} --version`

high line 129

Template literal with variable interpolation in command context

SourceSKILL.md

129	1. Use `exec` commands that call `${ACPX_CMD}`.

medium line 147

Template literal with variable interpolation in command context

SourceSKILL.md

147

```bash

medium line 156

Template literal with variable interpolation in command context

SourceSKILL.md

156

```bash

medium line 162

Template literal with variable interpolation in command context

SourceSKILL.md

162

```bash

medium line 168

Template literal with variable interpolation in command context

SourceSKILL.md

168

```bash

high line 204

Template literal with variable interpolation in command context

SourceSKILL.md

204	- `NO_SESSION`: run `${ACPX_CMD} <agent> sessions new --name <sessionName>` then retry prompt.

medium line 190

Access to hidden dotfiles in home directory

SourceSKILL.md

190	If `~/.acpx/config.json` overrides `agents`, those overrides replace defaults.

medium line 201

Access to hidden dotfiles in home directory

SourceSKILL.md

201	- for thread-spawn ACP requests, first restore built-in defaults by removing broken `~/.acpx/config.json` agent overrides

Scanned on Mar 4, 2026

View Security Dashboard

Install this skill with one command

/learn @protocolsage/acp-router

GitHub Stars 1

Rate this skill

Categorydevelopment

UpdatedMarch 29, 2026

openclaw api backend ml-ai-engineer backend-developer devops-sre openai development

ProtocolSage/openclaw