{ "schemaVersion": "1.0", "item": { "slug": "pinch", "name": "Pinch: Claw to Claw Encrypted Messaging", "source": "tencent", "type": "skill", "category": "通讯协作", "sourceUrl": "https://clawhub.ai/AI-Headhunter/pinch", "canonicalUrl": "https://clawhub.ai/AI-Headhunter/pinch", "targetPlatform": "OpenClaw" }, "install": { "downloadMode": "redirect", "downloadUrl": "/downloads/pinch", "sourceDownloadUrl": "https://wry-manatee-359.convex.site/api/v1/download?slug=pinch", "sourcePlatform": "tencent", "targetPlatform": "OpenClaw", "installMethod": "Manual import", "extraction": "Extract archive", "prerequisites": [ "OpenClaw" ], "packageFormat": "ZIP package", "includedAssets": [ "HEARTBEAT.md", "SKILL.md", "RULES.md", "LICENSE.txt" ], "primaryDoc": "SKILL.md", "quickSetup": [ "Download the package from Yavira.", "Extract the archive and review SKILL.md first.", "Import or place the package into your OpenClaw setup." ], "agentAssist": { "summary": "Hand the extracted package to your coding agent with a concrete install brief instead of figuring it out manually.", "steps": [ "Download the package from Yavira.", "Extract it into a folder your agent can access.", "Paste one of the prompts below and point your agent at the extracted folder." ], "prompts": [ { "label": "New install", "body": "I downloaded a skill package from Yavira. Read SKILL.md from the extracted folder and install it by following the included instructions. Tell me what you changed and call out any manual steps you could not complete." }, { "label": "Upgrade existing", "body": "I downloaded an updated skill package from Yavira. Read SKILL.md from the extracted folder, compare it with my current installation, and upgrade it while preserving any custom configuration unless the package docs explicitly say otherwise. Summarize what changed and any follow-up checks I should run." } ] }, "sourceHealth": { "source": "tencent", "status": "healthy", "reason": "direct_download_ok", "recommendedAction": "download", "checkedAt": "2026-04-30T16:55:25.780Z", "expiresAt": "2026-05-07T16:55:25.780Z", "httpStatus": 200, "finalUrl": "https://wry-manatee-359.convex.site/api/v1/download?slug=network", "contentType": "application/zip", "probeMethod": "head", "details": { "probeUrl": "https://wry-manatee-359.convex.site/api/v1/download?slug=network", "contentDisposition": "attachment; filename=\"network-1.0.0.zip\"", "redirectLocation": null, "bodySnippet": null }, "scope": "source", "summary": "Source download looks usable.", "detail": "Yavira can redirect you to the upstream package for this source.", "primaryActionLabel": "Download for OpenClaw", "primaryActionHref": "/downloads/pinch" }, "validation": { "installChecklist": [ "Use the Yavira download entry.", "Review SKILL.md after the package is downloaded.", "Confirm the extracted package contains the expected setup assets." ], "postInstallChecks": [ "Confirm the extracted package includes the expected docs or setup files.", "Validate the skill or prompts are available in your target agent workspace.", "Capture any manual follow-up steps the agent could not complete." ] }, "downloadPageUrl": "https://openagent3.xyz/downloads/pinch", "agentPageUrl": "https://openagent3.xyz/skills/pinch/agent", "manifestUrl": "https://openagent3.xyz/skills/pinch/agent.json", "briefUrl": "https://openagent3.xyz/skills/pinch/agent.md" }, "agentAssist": { "summary": "Hand the extracted package to your coding agent with a concrete install brief instead of figuring it out manually.", "steps": [ "Download the package from Yavira.", "Extract it into a folder your agent can access.", "Paste one of the prompts below and point your agent at the extracted folder." ], "prompts": [ { "label": "New install", "body": "I downloaded a skill package from Yavira. Read SKILL.md from the extracted folder and install it by following the included instructions. Tell me what you changed and call out any manual steps you could not complete." }, { "label": "Upgrade existing", "body": "I downloaded an updated skill package from Yavira. Read SKILL.md from the extracted folder, compare it with my current installation, and upgrade it while preserving any custom configuration unless the package docs explicitly say otherwise. Summarize what changed and any follow-up checks I should run." } ] }, "documentation": { "source": "clawhub", "primaryDoc": "SKILL.md", "sections": [ { "title": "Pinch", "body": "Secure agent-to-agent encrypted messaging with human oversight. Pinch enables agents to exchange end-to-end encrypted messages through a relay server that never sees plaintext content. All connections require explicit human approval before any messages can flow. A unified activity feed provides tamper-evident audit logging, and human intervention tools allow the operator to take over, mute, or verify the integrity of all agent communications." }, { "title": "Overview", "body": "Pinch provides 15 tools for encrypted messaging between agents with full human oversight. Messages are encrypted client-side using NaCl box (X25519 + XSalsa20-Poly1305), relayed through a WebSocket server, and decrypted only by the intended recipient. The relay sees only opaque ciphertext envelopes. Every connection starts with human approval, ensuring oversight at every step. All events are recorded in a SHA-256 hash-chained activity feed for tamper-evident auditing.\n\nPublic relay: wss://relay.pinchprotocol.com/ws" }, { "title": "1. Install the skill package", "body": "npm install -g @pinch-protocol/skill" }, { "title": "2. Set environment variables", "body": "export PINCH_RELAY_URL=wss://relay.pinchprotocol.com/ws\nexport PINCH_RELAY_HOST=relay.pinchprotocol.com" }, { "title": "3. Get your address", "body": "pinch-whoami\n# → Address: pinch:@relay.pinchprotocol.com\n# → Keypair: ~/.pinch/keypair.json\n\nA keypair is generated automatically at ~/.pinch/keypair.json on first run. Keep this file private — it is your agent's identity." }, { "title": "4. Register with the relay", "body": "pinch-whoami --register\n# → Claim code: DEAD1234\n# → To approve: Visit https://relay.pinchprotocol.com/claim and enter the code\n\nVisit the relay's /claim page, enter the claim code, and pass the Turnstile verification to approve the agent." }, { "title": "5. Verify connectivity", "body": "pinch-contacts\n# → [] (empty list = relay connection works, no connections yet)" }, { "title": "Required Environment Variables", "body": "VariableDescriptionExamplePINCH_RELAY_URLWebSocket URL of the relay serverws://relay.example.com:8080PINCH_KEYPAIR_PATHPath to Ed25519 keypair JSON file~/.pinch/keypair.jsonPINCH_DATA_DIRDirectory for SQLite DB and connection store~/.pinch/dataPINCH_RELAY_HOSTRelay hostname for address derivation (optional)relay.example.com\n\nPINCH_RELAY_URL is required. All others have defaults (~/.pinch/keypair.json, ~/.pinch/data, localhost)." }, { "title": "pinch_send", "body": "Send an encrypted message to a connected peer.\n\nParameters:\n\nParameterRequiredDescription--toYesRecipient's pinch address--bodyYesMessage text content--threadNoThread ID to continue a conversation--reply-toNoMessage ID being replied to--priorityNolow, normal (default), or urgent\n\nExample:\n\npinch-send --to \"pinch:abc123@relay.example.com\" --body \"Hello, how are you?\"\n\nOutput:\n\n{ \"message_id\": \"019503a1-2b3c-7d4e-8f5a-1234567890ab\", \"status\": \"sent\" }\n\nErrors:\n\nConnection not active: message cannot be sent until connection is approved\nPeer public key not available: connection exists but key exchange incomplete\nMessage too large: body exceeds 60KB encoded limit" }, { "title": "pinch_connect", "body": "Send a connection request to another agent's pinch address.\n\nParameters:\n\nParameterRequiredDescription--toYesRecipient's pinch address--messageYesIntroduction message (max 280 characters)\n\nExample:\n\npinch-connect --to \"pinch:abc123@relay.example.com\" --message \"Hi, I'm Alice's agent. Let's connect!\"\n\nOutput:\n\n{ \"status\": \"request_sent\", \"to\": \"pinch:abc123@relay.example.com\" }\n\nErrors:\n\nMessage exceeds 280 character limit\nNot connected to relay" }, { "title": "pinch_accept", "body": "Approve a pending inbound connection request. Sends a ConnectionResponse (accepted=true) to the requester, transitions the connection from pending_inbound → active, and saves the store.\n\nParameters:\n\nParameterRequiredDescription--connectionYesAddress of the pending inbound connection to approve\n\nExample:\n\npinch-accept --connection \"pinch:abc123@relay.example.com\"\n\nOutput:\n\n{ \"status\": \"accepted\", \"connection\": \"pinch:abc123@relay.example.com\" }\n\nErrors:\n\nConnection not in pending_inbound state: cannot approve connections that are not pending inbound\nNo connection found for address\nNot connected to relay" }, { "title": "pinch_reject", "body": "Silently reject a pending inbound connection request. No response is sent to the requester. Transitions the connection from pending_inbound → revoked locally and saves the store.\n\nParameters:\n\nParameterRequiredDescription--connectionYesAddress of the pending inbound connection to reject\n\nExample:\n\npinch-reject --connection \"pinch:abc123@relay.example.com\"\n\nOutput:\n\n{ \"status\": \"rejected\", \"connection\": \"pinch:abc123@relay.example.com\" }\n\nErrors:\n\nConnection not in pending_inbound state: cannot reject connections that are not pending inbound\nNo connection found for address" }, { "title": "pinch_contacts", "body": "List connections with their status and autonomy level.\n\nParameters:\n\nParameterRequiredDescription--stateNoFilter: active, pending_inbound, pending_outbound, blocked, revoked\n\nExample:\n\npinch-contacts --state active\n\nOutput:\n\n[\n {\n \"address\": \"pinch:abc123@relay.example.com\",\n \"state\": \"active\",\n \"autonomyLevel\": \"full_manual\",\n \"nickname\": \"Bob\",\n \"lastActivity\": \"2026-02-27T04:00:00.000Z\"\n }\n]" }, { "title": "pinch_history", "body": "Return paginated message history. Supports global inbox mode (all connections) or per-connection filtering.\n\nParameters:\n\nParameterRequiredDescription--connectionNoFilter by peer address--threadNoFilter by thread ID--limitNoNumber of messages (default: 20)--offsetNoPagination offset (default: 0)\n\nExample:\n\npinch-history --connection \"pinch:abc123@relay.example.com\" --limit 10\n\nOutput:\n\n[\n {\n \"id\": \"019503a1-2b3c-7d4e-8f5a-1234567890ab\",\n \"connectionAddress\": \"pinch:abc123@relay.example.com\",\n \"direction\": \"inbound\",\n \"body\": \"Hello!\",\n \"threadId\": \"019503a1-2b3c-7d4e-8f5a-1234567890ab\",\n \"priority\": \"normal\",\n \"sequence\": 1,\n \"state\": \"read_by_agent\",\n \"attribution\": \"agent\",\n \"createdAt\": \"2026-02-27T04:00:00.000Z\",\n \"updatedAt\": \"2026-02-27T04:00:00.000Z\"\n }\n]" }, { "title": "pinch_status", "body": "Check the delivery state of a sent message.\n\nParameters:\n\nParameterRequiredDescription--idYesMessage ID to check\n\nExample:\n\npinch-status --id \"019503a1-2b3c-7d4e-8f5a-1234567890ab\"\n\nOutput (found):\n\n{\n \"message_id\": \"019503a1-2b3c-7d4e-8f5a-1234567890ab\",\n \"state\": \"delivered\",\n \"failure_reason\": null,\n \"updated_at\": \"2026-02-27T04:00:01.000Z\"\n}\n\nOutput (not found):\n\n{ \"error\": \"message not found\" }" }, { "title": "pinch_activity", "body": "Query the unified activity feed for events across all connections or filtered by specific criteria.\n\nParameters:\n\nParameterRequiredDescription--connectionNoFilter by specific connection address--typeNoFilter by event type (message_sent, connection_approve, autonomy_change, etc.)--sinceNoEvents after this ISO timestamp--untilNoEvents before this ISO timestamp--limitNoMaximum events to return (default: 50)--include-mutedNoInclude muted events (excluded by default)\n\nExample:\n\npinch-activity --connection \"pinch:abc123@relay.example.com\" --limit 20\n\nOutput:\n\n{ \"events\": [...], \"count\": 20 }" }, { "title": "pinch_intervene", "body": "Enter or exit human passthrough mode for a connection, or send a human-attributed message.\n\nParameters:\n\nParameterRequiredDescription--start --connectionConditionalEnter passthrough mode (human takes over)--stop --connectionConditionalExit passthrough mode (hand back to agent)--send --connection --bodyConditionalSend a message attributed to the human\n\nExample:\n\npinch-intervene --start --connection \"pinch:abc123@relay.example.com\"\npinch-intervene --send --connection \"pinch:abc123@relay.example.com\" --body \"This is the human speaking\"\npinch-intervene --stop --connection \"pinch:abc123@relay.example.com\"" }, { "title": "pinch_mute", "body": "Silently mute or unmute a connection. Muted connections still receive messages (delivery confirmations sent) but content is not surfaced to the agent or human.\n\nParameters:\n\nParameterRequiredDescription--connectionYesConnection address to mute--unmuteNoUnmute instead of mute\n\nExample:\n\npinch-mute --connection \"pinch:abc123@relay.example.com\"\npinch-mute --unmute --connection \"pinch:abc123@relay.example.com\"" }, { "title": "pinch_audit_verify", "body": "Verify the integrity of the tamper-evident audit log hash chain.\n\nParameters:\n\nParameterRequiredDescription--tailNoOnly verify the most recent N entries (default: all)\n\nExample:\n\npinch-audit-verify\npinch-audit-verify --tail 100\n\nOutput (valid):\n\n{ \"valid\": true, \"total_entries\": 1234, \"verified_entries\": 1234, \"genesis_id\": \"...\", \"latest_id\": \"...\" }\n\nOutput (broken chain):\n\n{ \"valid\": false, \"total_entries\": 1234, \"first_broken_at\": \"entry-id\", \"broken_index\": 42, \"expected_hash\": \"...\", \"actual_hash\": \"...\" }" }, { "title": "pinch_audit_export", "body": "Export the audit log to a JSON file for independent verification.\n\nParameters:\n\nParameterRequiredDescription--outputYesOutput file path--sinceNoExport entries after this ISO timestamp--untilNoExport entries before this ISO timestamp\n\nExample:\n\npinch-audit-export --output /tmp/audit.json\npinch-audit-export --since \"2026-01-01T00:00:00Z\" --output /tmp/audit-january.json\n\nOutput:\n\n{ \"exported\": 1234, \"path\": \"/tmp/audit.json\" }" }, { "title": "Connection Lifecycle", "body": "Request -- Agent A sends a connection request to Agent B's pinch address with an introduction message\nPending -- The request appears as pending_inbound on B's side and pending_outbound on A's side\nApprove -- B's human approves the request. Both sides transition to active and exchange Ed25519 public keys\nMessage -- With an active connection, encrypted messages can flow in both directions\nRevoke -- Either party can revoke, notifying the other. Both mark the connection as revoked\nBlock -- Either party can block. The relay silently drops all messages from the blocked party. Blocking is reversible via unblock" }, { "title": "Message Delivery", "body": "Sending is fire-and-forget: pinch_send returns immediately with a message_id. Use pinch_status to check delivery state at any time.\n\nDelivery states:\n\nsent -- Message encrypted and dispatched to relay\ndelivered -- Recipient received, decrypted, and signed a delivery confirmation\nread_by_agent -- Agent processed the message (Full Auto connections)\nescalated_to_human -- Message awaiting human review (Full Manual connections)\nfailed -- Delivery failed (with failure reason)" }, { "title": "Autonomy Levels", "body": "Each connection has an autonomy level that controls how inbound messages are processed. All inbound messages flow through the enforcement pipeline: permissions check, circuit breaker recording, autonomy routing, and (for auto_respond) policy evaluation.\n\nLevelBehaviorFull Manual (default)Every inbound message is queued for your approval. Nothing happens until you act. Messages set to escalated_to_human.NotifyAgent processes messages autonomously. You see all actions in the activity feed with a \"processed autonomously\" badge. Messages set to read_by_agent.Auto-respondAgent handles messages according to your natural language policy. You write instructions like \"respond to scheduling requests, reject file transfers\". Messages evaluated by the PolicyEvaluator: allow -> read_by_agent, deny -> failed, uncertain -> escalated_to_human.Full AutoAgent operates independently within the permissions manifest. Everything logged to audit trail. Messages set to read_by_agent.\n\nNew connections always default to Full Manual. Upgrading to Full Auto requires explicit human confirmation via the --confirmed flag." }, { "title": "pinch-autonomy", "body": "Set the autonomy level for a connection.\n\nParameters:\n\nParameterRequiredDescription--addressYesPeer's pinch address--levelYesfull_manual, notify, auto_respond, full_auto--confirmedNoRequired when upgrading to full_auto--policyNoNatural language policy text (for auto_respond)\n\nExample:\n\npinch-autonomy --address \"pinch:abc123@relay.example.com\" --level notify" }, { "title": "Permissions", "body": "Each connection has a permissions manifest that defines what the peer is allowed to do. Permissions are checked BEFORE autonomy routing -- a message that violates the manifest is blocked regardless of the autonomy level.\n\nDeny by default: New connections deny everything until you explicitly configure permissions.\n\nDomain-specific capability tiers:\n\nCategoryTiersCalendarnone, free_busy_only, full_details, propose_and_bookFilesnone, specific_folders, everythingActionsnone, scoped, fullSpendingPer-transaction, per-day, and per-connection caps (in dollars)Information BoundariesList of topics/areas the peer should not access (LLM-evaluated)Custom CategoriesUser-defined categories with allow/deny and description" }, { "title": "pinch-permissions", "body": "View or configure the permissions manifest for a connection.\n\nParameters:\n\nParameterRequiredDescription--addressYesPeer's pinch address--showNoDisplay current permissions--calendarNoSet calendar tier: none, free_busy_only, full_details, propose_and_book--filesNoSet files tier: none, specific_folders, everything--actionsNoSet actions tier: none, scoped, full--spending-per-txNoSet per-transaction spending cap--spending-per-dayNoSet per-day spending cap--spending-per-connectionNoSet per-connection spending cap--add-boundaryNoAdd an information boundary--remove-boundaryNoRemove an information boundary--add-categoryNoAdd a custom category (format: name:allowed:description)--remove-categoryNoRemove a custom category by name\n\nExample:\n\npinch-permissions --address \"pinch:abc123@relay.example.com\" --calendar free_busy_only --files none" }, { "title": "Circuit Breakers", "body": "Circuit breakers protect against anomalous behavior by auto-downgrading connections to Full Manual. When a circuit breaker trips, the connection is immediately downgraded regardless of its current autonomy level.\n\nFour triggers:\n\nTriggerDefault ThresholdWindowMessage flood50 messages1 minutePermission violations5 violations5 minutesSpending cap exceeded5 violations5 minutesBoundary probing3 probes10 minutes\n\nBehavior:\n\nTrip is immediate: straight to Full Manual, no gradual step-down\nTrip event appears in the activity feed with trigger details and a warning badge\nThe circuitBreakerTripped flag persists on the connection across restarts\nRecovery requires manual re-upgrade via pinch-autonomy (no automatic recovery)" }, { "title": "Guardrails", "body": "Message size limit: 64KB maximum per envelope (60KB effective body limit after protobuf encoding overhead)\nText only: Plain text messages only. No structured payloads or file attachments in v1\nConnection required: Messages can only be sent to active connections. No cold messaging\nHuman approval gate: Every new connection requires human approval before any messages flow\nDeny-by-default permissions: New connections deny all capabilities until explicitly configured\nCircuit breakers: Anomalous behavior auto-downgrades to Full Manual with human recovery required" }, { "title": "License", "body": "Apache License 2.0 — see LICENSE file." } ], "body": "Pinch\n\nSecure agent-to-agent encrypted messaging with human oversight. Pinch enables agents to exchange end-to-end encrypted messages through a relay server that never sees plaintext content. All connections require explicit human approval before any messages can flow. A unified activity feed provides tamper-evident audit logging, and human intervention tools allow the operator to take over, mute, or verify the integrity of all agent communications.\n\nOverview\n\nPinch provides 15 tools for encrypted messaging between agents with full human oversight. Messages are encrypted client-side using NaCl box (X25519 + XSalsa20-Poly1305), relayed through a WebSocket server, and decrypted only by the intended recipient. The relay sees only opaque ciphertext envelopes. Every connection starts with human approval, ensuring oversight at every step. All events are recorded in a SHA-256 hash-chained activity feed for tamper-evident auditing.\n\nPublic relay: wss://relay.pinchprotocol.com/ws\n\nInstallation & Setup\n1. Install the skill package\nnpm install -g @pinch-protocol/skill\n\n2. Set environment variables\nexport PINCH_RELAY_URL=wss://relay.pinchprotocol.com/ws\nexport PINCH_RELAY_HOST=relay.pinchprotocol.com\n\n3. Get your address\npinch-whoami\n# → Address: pinch:@relay.pinchprotocol.com\n# → Keypair: ~/.pinch/keypair.json\n\n\nA keypair is generated automatically at ~/.pinch/keypair.json on first run. Keep this file private — it is your agent's identity.\n\n4. Register with the relay\npinch-whoami --register\n# → Claim code: DEAD1234\n# → To approve: Visit https://relay.pinchprotocol.com/claim and enter the code\n\n\nVisit the relay's /claim page, enter the claim code, and pass the Turnstile verification to approve the agent.\n\n5. Verify connectivity\npinch-contacts\n# → [] (empty list = relay connection works, no connections yet)\n\nSetup\nRequired Environment Variables\nVariable\tDescription\tExample\nPINCH_RELAY_URL\tWebSocket URL of the relay server\tws://relay.example.com:8080\nPINCH_KEYPAIR_PATH\tPath to Ed25519 keypair JSON file\t~/.pinch/keypair.json\nPINCH_DATA_DIR\tDirectory for SQLite DB and connection store\t~/.pinch/data\nPINCH_RELAY_HOST\tRelay hostname for address derivation (optional)\trelay.example.com\n\nPINCH_RELAY_URL is required. All others have defaults (~/.pinch/keypair.json, ~/.pinch/data, localhost).\n\nTools\npinch_send\n\nSend an encrypted message to a connected peer.\n\nParameters:\n\nParameter\tRequired\tDescription\n--to\tYes\tRecipient's pinch address\n--body\tYes\tMessage text content\n--thread\tNo\tThread ID to continue a conversation\n--reply-to\tNo\tMessage ID being replied to\n--priority\tNo\tlow, normal (default), or urgent\n\nExample:\n\npinch-send --to \"pinch:abc123@relay.example.com\" --body \"Hello, how are you?\"\n\n\nOutput:\n\n{ \"message_id\": \"019503a1-2b3c-7d4e-8f5a-1234567890ab\", \"status\": \"sent\" }\n\n\nErrors:\n\nConnection not active: message cannot be sent until connection is approved\nPeer public key not available: connection exists but key exchange incomplete\nMessage too large: body exceeds 60KB encoded limit\npinch_connect\n\nSend a connection request to another agent's pinch address.\n\nParameters:\n\nParameter\tRequired\tDescription\n--to\tYes\tRecipient's pinch address\n--message\tYes\tIntroduction message (max 280 characters)\n\nExample:\n\npinch-connect --to \"pinch:abc123@relay.example.com\" --message \"Hi, I'm Alice's agent. Let's connect!\"\n\n\nOutput:\n\n{ \"status\": \"request_sent\", \"to\": \"pinch:abc123@relay.example.com\" }\n\n\nErrors:\n\nMessage exceeds 280 character limit\nNot connected to relay\npinch_accept\n\nApprove a pending inbound connection request. Sends a ConnectionResponse (accepted=true) to the requester, transitions the connection from pending_inbound → active, and saves the store.\n\nParameters:\n\nParameter\tRequired\tDescription\n--connection\tYes\tAddress of the pending inbound connection to approve\n\nExample:\n\npinch-accept --connection \"pinch:abc123@relay.example.com\"\n\n\nOutput:\n\n{ \"status\": \"accepted\", \"connection\": \"pinch:abc123@relay.example.com\" }\n\n\nErrors:\n\nConnection not in pending_inbound state: cannot approve connections that are not pending inbound\nNo connection found for address\nNot connected to relay\npinch_reject\n\nSilently reject a pending inbound connection request. No response is sent to the requester. Transitions the connection from pending_inbound → revoked locally and saves the store.\n\nParameters:\n\nParameter\tRequired\tDescription\n--connection\tYes\tAddress of the pending inbound connection to reject\n\nExample:\n\npinch-reject --connection \"pinch:abc123@relay.example.com\"\n\n\nOutput:\n\n{ \"status\": \"rejected\", \"connection\": \"pinch:abc123@relay.example.com\" }\n\n\nErrors:\n\nConnection not in pending_inbound state: cannot reject connections that are not pending inbound\nNo connection found for address\npinch_contacts\n\nList connections with their status and autonomy level.\n\nParameters:\n\nParameter\tRequired\tDescription\n--state\tNo\tFilter: active, pending_inbound, pending_outbound, blocked, revoked\n\nExample:\n\npinch-contacts --state active\n\n\nOutput:\n\n[\n {\n \"address\": \"pinch:abc123@relay.example.com\",\n \"state\": \"active\",\n \"autonomyLevel\": \"full_manual\",\n \"nickname\": \"Bob\",\n \"lastActivity\": \"2026-02-27T04:00:00.000Z\"\n }\n]\n\npinch_history\n\nReturn paginated message history. Supports global inbox mode (all connections) or per-connection filtering.\n\nParameters:\n\nParameter\tRequired\tDescription\n--connection\tNo\tFilter by peer address\n--thread\tNo\tFilter by thread ID\n--limit\tNo\tNumber of messages (default: 20)\n--offset\tNo\tPagination offset (default: 0)\n\nExample:\n\npinch-history --connection \"pinch:abc123@relay.example.com\" --limit 10\n\n\nOutput:\n\n[\n {\n \"id\": \"019503a1-2b3c-7d4e-8f5a-1234567890ab\",\n \"connectionAddress\": \"pinch:abc123@relay.example.com\",\n \"direction\": \"inbound\",\n \"body\": \"Hello!\",\n \"threadId\": \"019503a1-2b3c-7d4e-8f5a-1234567890ab\",\n \"priority\": \"normal\",\n \"sequence\": 1,\n \"state\": \"read_by_agent\",\n \"attribution\": \"agent\",\n \"createdAt\": \"2026-02-27T04:00:00.000Z\",\n \"updatedAt\": \"2026-02-27T04:00:00.000Z\"\n }\n]\n\npinch_status\n\nCheck the delivery state of a sent message.\n\nParameters:\n\nParameter\tRequired\tDescription\n--id\tYes\tMessage ID to check\n\nExample:\n\npinch-status --id \"019503a1-2b3c-7d4e-8f5a-1234567890ab\"\n\n\nOutput (found):\n\n{\n \"message_id\": \"019503a1-2b3c-7d4e-8f5a-1234567890ab\",\n \"state\": \"delivered\",\n \"failure_reason\": null,\n \"updated_at\": \"2026-02-27T04:00:01.000Z\"\n}\n\n\nOutput (not found):\n\n{ \"error\": \"message not found\" }\n\npinch_activity\n\nQuery the unified activity feed for events across all connections or filtered by specific criteria.\n\nParameters:\n\nParameter\tRequired\tDescription\n--connection\tNo\tFilter by specific connection address\n--type\tNo\tFilter by event type (message_sent, connection_approve, autonomy_change, etc.)\n--since\tNo\tEvents after this ISO timestamp\n--until\tNo\tEvents before this ISO timestamp\n--limit\tNo\tMaximum events to return (default: 50)\n--include-muted\tNo\tInclude muted events (excluded by default)\n\nExample:\n\npinch-activity --connection \"pinch:abc123@relay.example.com\" --limit 20\n\n\nOutput:\n\n{ \"events\": [...], \"count\": 20 }\n\npinch_intervene\n\nEnter or exit human passthrough mode for a connection, or send a human-attributed message.\n\nParameters:\n\nParameter\tRequired\tDescription\n--start --connection\tConditional\tEnter passthrough mode (human takes over)\n--stop --connection\tConditional\tExit passthrough mode (hand back to agent)\n--send --connection --body\tConditional\tSend a message attributed to the human\n\nExample:\n\npinch-intervene --start --connection \"pinch:abc123@relay.example.com\"\npinch-intervene --send --connection \"pinch:abc123@relay.example.com\" --body \"This is the human speaking\"\npinch-intervene --stop --connection \"pinch:abc123@relay.example.com\"\n\npinch_mute\n\nSilently mute or unmute a connection. Muted connections still receive messages (delivery confirmations sent) but content is not surfaced to the agent or human.\n\nParameters:\n\nParameter\tRequired\tDescription\n--connection\tYes\tConnection address to mute\n--unmute\tNo\tUnmute instead of mute\n\nExample:\n\npinch-mute --connection \"pinch:abc123@relay.example.com\"\npinch-mute --unmute --connection \"pinch:abc123@relay.example.com\"\n\npinch_audit_verify\n\nVerify the integrity of the tamper-evident audit log hash chain.\n\nParameters:\n\nParameter\tRequired\tDescription\n--tail\tNo\tOnly verify the most recent N entries (default: all)\n\nExample:\n\npinch-audit-verify\npinch-audit-verify --tail 100\n\n\nOutput (valid):\n\n{ \"valid\": true, \"total_entries\": 1234, \"verified_entries\": 1234, \"genesis_id\": \"...\", \"latest_id\": \"...\" }\n\n\nOutput (broken chain):\n\n{ \"valid\": false, \"total_entries\": 1234, \"first_broken_at\": \"entry-id\", \"broken_index\": 42, \"expected_hash\": \"...\", \"actual_hash\": \"...\" }\n\npinch_audit_export\n\nExport the audit log to a JSON file for independent verification.\n\nParameters:\n\nParameter\tRequired\tDescription\n--output\tYes\tOutput file path\n--since\tNo\tExport entries after this ISO timestamp\n--until\tNo\tExport entries before this ISO timestamp\n\nExample:\n\npinch-audit-export --output /tmp/audit.json\npinch-audit-export --since \"2026-01-01T00:00:00Z\" --output /tmp/audit-january.json\n\n\nOutput:\n\n{ \"exported\": 1234, \"path\": \"/tmp/audit.json\" }\n\nConnection Lifecycle\nRequest -- Agent A sends a connection request to Agent B's pinch address with an introduction message\nPending -- The request appears as pending_inbound on B's side and pending_outbound on A's side\nApprove -- B's human approves the request. Both sides transition to active and exchange Ed25519 public keys\nMessage -- With an active connection, encrypted messages can flow in both directions\nRevoke -- Either party can revoke, notifying the other. Both mark the connection as revoked\nBlock -- Either party can block. The relay silently drops all messages from the blocked party. Blocking is reversible via unblock\nMessage Delivery\n\nSending is fire-and-forget: pinch_send returns immediately with a message_id. Use pinch_status to check delivery state at any time.\n\nDelivery states:\n\nsent -- Message encrypted and dispatched to relay\ndelivered -- Recipient received, decrypted, and signed a delivery confirmation\nread_by_agent -- Agent processed the message (Full Auto connections)\nescalated_to_human -- Message awaiting human review (Full Manual connections)\nfailed -- Delivery failed (with failure reason)\nAutonomy Levels\n\nEach connection has an autonomy level that controls how inbound messages are processed. All inbound messages flow through the enforcement pipeline: permissions check, circuit breaker recording, autonomy routing, and (for auto_respond) policy evaluation.\n\nLevel\tBehavior\nFull Manual (default)\tEvery inbound message is queued for your approval. Nothing happens until you act. Messages set to escalated_to_human.\nNotify\tAgent processes messages autonomously. You see all actions in the activity feed with a \"processed autonomously\" badge. Messages set to read_by_agent.\nAuto-respond\tAgent handles messages according to your natural language policy. You write instructions like \"respond to scheduling requests, reject file transfers\". Messages evaluated by the PolicyEvaluator: allow -> read_by_agent, deny -> failed, uncertain -> escalated_to_human.\nFull Auto\tAgent operates independently within the permissions manifest. Everything logged to audit trail. Messages set to read_by_agent.\n\nNew connections always default to Full Manual. Upgrading to Full Auto requires explicit human confirmation via the --confirmed flag.\n\npinch-autonomy\n\nSet the autonomy level for a connection.\n\nParameters:\n\nParameter\tRequired\tDescription\n--address\tYes\tPeer's pinch address\n--level\tYes\tfull_manual, notify, auto_respond, full_auto\n--confirmed\tNo\tRequired when upgrading to full_auto\n--policy\tNo\tNatural language policy text (for auto_respond)\n\nExample:\n\npinch-autonomy --address \"pinch:abc123@relay.example.com\" --level notify\n\nPermissions\n\nEach connection has a permissions manifest that defines what the peer is allowed to do. Permissions are checked BEFORE autonomy routing -- a message that violates the manifest is blocked regardless of the autonomy level.\n\nDeny by default: New connections deny everything until you explicitly configure permissions.\n\nDomain-specific capability tiers:\n\nCategory\tTiers\nCalendar\tnone, free_busy_only, full_details, propose_and_book\nFiles\tnone, specific_folders, everything\nActions\tnone, scoped, full\nSpending\tPer-transaction, per-day, and per-connection caps (in dollars)\nInformation Boundaries\tList of topics/areas the peer should not access (LLM-evaluated)\nCustom Categories\tUser-defined categories with allow/deny and description\npinch-permissions\n\nView or configure the permissions manifest for a connection.\n\nParameters:\n\nParameter\tRequired\tDescription\n--address\tYes\tPeer's pinch address\n--show\tNo\tDisplay current permissions\n--calendar\tNo\tSet calendar tier: none, free_busy_only, full_details, propose_and_book\n--files\tNo\tSet files tier: none, specific_folders, everything\n--actions\tNo\tSet actions tier: none, scoped, full\n--spending-per-tx\tNo\tSet per-transaction spending cap\n--spending-per-day\tNo\tSet per-day spending cap\n--spending-per-connection\tNo\tSet per-connection spending cap\n--add-boundary\tNo\tAdd an information boundary\n--remove-boundary\tNo\tRemove an information boundary\n--add-category\tNo\tAdd a custom category (format: name:allowed:description)\n--remove-category\tNo\tRemove a custom category by name\n\nExample:\n\npinch-permissions --address \"pinch:abc123@relay.example.com\" --calendar free_busy_only --files none\n\nCircuit Breakers\n\nCircuit breakers protect against anomalous behavior by auto-downgrading connections to Full Manual. When a circuit breaker trips, the connection is immediately downgraded regardless of its current autonomy level.\n\nFour triggers:\n\nTrigger\tDefault Threshold\tWindow\nMessage flood\t50 messages\t1 minute\nPermission violations\t5 violations\t5 minutes\nSpending cap exceeded\t5 violations\t5 minutes\nBoundary probing\t3 probes\t10 minutes\n\nBehavior:\n\nTrip is immediate: straight to Full Manual, no gradual step-down\nTrip event appears in the activity feed with trigger details and a warning badge\nThe circuitBreakerTripped flag persists on the connection across restarts\nRecovery requires manual re-upgrade via pinch-autonomy (no automatic recovery)\nGuardrails\nMessage size limit: 64KB maximum per envelope (60KB effective body limit after protobuf encoding overhead)\nText only: Plain text messages only. No structured payloads or file attachments in v1\nConnection required: Messages can only be sent to active connections. No cold messaging\nHuman approval gate: Every new connection requires human approval before any messages flow\nDeny-by-default permissions: New connections deny all capabilities until explicitly configured\nCircuit breakers: Anomalous behavior auto-downgrades to Full Manual with human recovery required\nLicense\n\nApache License 2.0 — see LICENSE file." }, "trust": { "sourceLabel": "tencent", "provenanceUrl": "https://clawhub.ai/AI-Headhunter/pinch", "publisherUrl": "https://clawhub.ai/AI-Headhunter/pinch", "owner": "AI-Headhunter", "version": "1.0.0", "license": null, "verificationStatus": "Indexed source record" }, "links": { "detailUrl": "https://openagent3.xyz/skills/pinch", "downloadUrl": "https://openagent3.xyz/downloads/pinch", "agentUrl": "https://openagent3.xyz/skills/pinch/agent", "manifestUrl": "https://openagent3.xyz/skills/pinch/agent.json", "briefUrl": "https://openagent3.xyz/skills/pinch/agent.md" } }