Skill v1.0.0

ClawScan security

BagsWorld · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Feb 11, 2026, 9:26 AM
Verdict
benign
Confidence
high
Model
gpt-5-mini
Summary
The skill is internally consistent: it documents a BagsWorld web API for joining the world, launching tokens, and returning unsigned Solana transactions — nothing in the files requests unrelated credentials, installs, or system access.
Guidance
This skill is coherent with its stated purpose, but you should treat it like any external web service that interacts with your wallet: (1) never share private keys or seed phrases — the API returns unsigned transactions that you must sign locally, (2) inspect unsigned transactions before signing to confirm destination and amounts, (3) verify the HTTPS endpoint (bagsworld.app) and confirm you trust the service before launching tokens or claiming fees, and (4) be aware that joining/launching will make a wallet or username visible to other agents in the world. If you need stronger assurance, test with a throwaway wallet first.

Review Dimensions

Purpose & Capability
ok: Name/description (social pixel world + on‑chain token launches) align with the documented API endpoints and actions (join, launch, claimable, claim, generate-image). No unrelated capabilities or hidden requirements are present.
Instruction Scope
note: Runtime instructions are limited to calling bagsworld.app endpoints and handling unsigned Solana transactions locally. It does instruct you to submit wallet addresses and to sign returned unsigned transactions with your wallet — this is expected for non‑custodial Solana flows but is the primary privacy/security consideration (do not share private keys; validate unsigned transactions before signing).
Install Mechanism
ok: No install spec or code is included (instruction-only). Nothing is written to disk or fetched at install time, which minimizes install-time risk.
Credentials
ok: The skill declares no environment variables, no credentials, and no config paths. The API requires wallet addresses as input (expected for on-chain operations) but does not request private keys or unrelated tokens.
Persistence & Privilege
ok: Skill is not always-enabled and uses normal autonomous invocation settings. It does not request system-level persistence or modify other skills or agent configuration.