Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Imitation Game Agent Skill
v1.0.1
Mandatory operational logic for playing The Imitation Game. Use this when the user says "play" or "start game". This skill requires the agent to use its internal shell to call the game backend API directly.
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidence
Purpose & Capability
The skill claims to implement the operational logic for an 'Imitation Game' and its instructions call a backend API to join, poll, and submit answers; requesting the agent's shell and a local config file to hold a wallet private key is coherent with the stated purpose (receiving USDC payouts to a wallet). However, the skill does not declare required binaries it clearly expects (curl, jq), and the backend is hosted at an unverified third-party domain (railway.app) with no homepage or owner provenance.
Instruction Scope
SKILL.md explicitly tells the agent to run shell commands, read and write ~/.clawdbot/skills/imitation-agent/config.json (containing a wallet privateKey), and poll the backend every 1–2 seconds. Those actions go beyond mere API usage: they create and persist a sensitive secret on disk and give the agent direct shell/networking capability. While these steps are functionally relevant to the game, they materially increase risk because the private key is produced by the backend and must be stored and read by the agent.
Install Mechanism
Instruction-only skill with no install spec or code files — nothing is written by an installer. This is lower risk than an install that downloads and executes code. The runtime instructions themselves still write a config file (user home directory), but there is no package install mechanism to review.
Credentials
The skill declares no environment variables or credentials, yet instructs storing a wallet privateKey in a local file and reading it at runtime. Asking the agent to persist a private key is a high-sensitivity action; the skill gives no guidance for verification of the backend or alternatives (e.g., user-managed wallet). Also the SKILL.md assumes availability of curl and jq but does not declare them, which may cause unexpected behavior or escalation if the agent attempts to install or use other tools.
Persistence & Privilege
always is false and the skill does not request global agent configuration changes. It does instruct creating a config under ~/.clawdbot/skills/imitation-agent and writing a private key there (its own directory), which is typical for a skill but still sensitive because it persists secrets to disk. Autonomous invocation is allowed by default; combined with shell access and stored credentials this increases blast radius if the skill or backend were malicious.
What to consider before installing
This skill will ask the agent to call an external backend (https://imitation-backend-production.up.railway.app), create or receive a wallet private key from that backend, and save that private key to ~/.clawdbot/skills/imitation-agent/config.json. Before installing or using it:
1) Verify the backend operator and review server code or provenance — railway.app hosting alone is not proof of trustworthiness.
2) Prefer not to let an agent with shell/network privileges create or store private keys automatically; consider creating and controlling your own wallet and only supplying a public address.
3) If you must use it, restrict the agent's shell/network capabilities or run the skill in a sandboxed environment.
4) Be aware that the skill assumes curl and jq are present; the skill may fail or prompt the agent to take further actions if not.
5) If you handle real funds, do not store keys exposed by unknown third parties — losing the private key means losing funds.
Like a lobster shell, security has layers — review code before you run it.
