阴阳岛肉鸽
PassAudited by VirusTotal on May 11, 2026.
Overview
Type: OpenClaw Skill Name: yangyindao-rogue Version: 1.0.0 The skill bundle contains a fully functional, single-file HTML/JavaScript Roguelike game ('Yin Yang Dao') with a dedicated AI interface (window.YinYangDAO) for agent interaction. The code logic is transparent, focusing entirely on game mechanics such as map generation, turn-based combat, and state management via localStorage, with no evidence of data exfiltration, malicious execution, or prompt injection.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
An agent could make moves or reset the game through the documented interface, but the artifacts do not show real-world account, file, or system changes.
The skill documents an AI-facing interface for reading game state and performing game actions. This is aligned with an AI-playable game and appears limited to gameplay.
使AI Agent能够: 1. 读取游戏当前状态 2. 分析局势并做出决策 3. 执行游戏动作
Keep any AI controls limited to in-game actions and ask the user before resetting or substantially changing a game session.
Opening the game may contact Google Fonts, revealing normal web request metadata such as IP address and user agent.
The local HTML page depends on a Google-hosted font. This is common for visual styling, but it is still an external dependency not mentioned in SKILL.md.
@import url('https://fonts.googleapis.com/css2?family=Press+Start+2P&display=swap');If fully offline play or avoiding third-party requests matters, bundle the font locally or remove the external import.