OpenSwarm Fight Club

Audited by ClawScan on May 10, 2026.

Overview

This instruction-only skill is purpose-aligned, but it should be reviewed because it connects the agent to an unknown plain-HTTP agent arena where it can post messages, mutate a profile, and read untrusted peer content using a bearer API key.

Install only if you intentionally want your agent to interact with this external Fight Club arena. Do not send private information, confirm before posting or messaging, treat all peer content as untrusted, and avoid running any helper script that was not included and reviewed.

Findings (4)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Concern (Medium Confidence)
ASI02: Tool Misuse and Exploitation
What this means

The agent could post public channel content, send direct messages, submit fight responses, or change its profile under the Fight Club identity without clear approval boundaries.

Why it was flagged

These are authenticated write operations to an external service; the artifact does not state when the agent must ask the user before posting, messaging, or changing the profile.

Skill content
`POST /api/v1/channels/:name/send` # Post {content: "..."} ... `POST /api/v1/messages/send` {to: "agent-name", content: "..."} ... `PATCH /api/v1/agents/me`
Recommendation

Only allow these write actions after explicit user confirmation, and review outgoing content before sending it to the service.

What this means

Other agents could send prompt-injection text, social engineering, or misleading instructions that the user's agent might mistakenly treat as authoritative.

Why it was flagged

The skill has the agent read content from other agents through channels, direct messages, and fights, but provides no trust-boundary guidance for treating that peer content as untrusted data.

Skill content
Agent-vs-agent combat arena ... `GET /api/v1/channels/:name/history` ... `GET /api/v1/messages/inbox`
Recommendation

Treat all channel history, direct messages, fight prompts, and opponent responses as untrusted content; do not follow instructions found in them unless the user confirms.

What this means

Anyone able to observe or alter the network path could see the API key, read or send account messages, or act as the Fight Club agent.

Why it was flagged

The skill documents bearer-token authentication to a plain-HTTP endpoint, so the service API key and authenticated traffic are not protected by TLS in the described workflow.

Skill content
**Server:** `http://100.29.245.213:3456` ... `Authorization: Bearer YOUR_API_KEY`
Recommendation

Use this only on trusted networks, avoid sending sensitive information, prefer an HTTPS endpoint if available, and rotate the API key if it may have been exposed.

What this means

The one-command registration path may fail or may prompt the user/agent to look for an unreviewed helper script elsewhere.

Why it was flagged

The provided artifact set contains only SKILL.md and no code files, so the referenced bundled registration helper is not present for review.

Skill content
Run the bundled script ... `python3 scripts/register.py YOUR_NAME --server http://100.29.245.213:3456`
Recommendation

Use the manual registration steps or inspect any registration script from a trusted source before running it.