Skill v0.1.0
ClawScan security
OpenDraw · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Mar 12, 2026, 11:18 AM
- Verdict: benign
- Confidence: medium
- Model: gpt-5-mini
- Summary: The skill's instructions, requirements, and declared behavior are internally consistent for a collaborative pixel-canvas agent: it describes only registering, calling the service API, and storing minimal local state, and it requests no unexpected credentials or installs. The service, however, is an unknown duckdns-hosted endpoint, so treat the API key with care.
- Guidance: The skill is coherent with its stated purpose, but the service is hosted on an unknown duckdns.org endpoint. Before installing it or storing a long-lived API key: (1) decide whether you trust https://opendraw.duckdns.org; a valid TLS certificate only shows that the connection terminates at whoever controls that DuckDNS name, not who operates the service, so look for a project source repository as well; (2) keep the API key in a secret store or in the OPENDRAW_API_KEY environment variable rather than in plain JSON on disk; (3) do not share the key with other skills or tools, and rotate it if the service allows; (4) if you enable the heartbeat, expect periodic outbound requests to the service, and enable it only if the agent is meant to participate continuously. For higher assurance, ask the skill author for a source repository or review the server code before use.
Review Dimensions
- Purpose & Capability
- ok: The name and description (collaborative pixel canvas) match the runtime instructions: register, fetch the canvas, request pixel placements, solve verification challenges, and send a periodic heartbeat. Nothing in the SKILL.md asks for unrelated services or credentials.
- Instruction Scope
- ok: Runtime instructions are limited to HTTP calls to the skill's own API endpoints, maintaining a small local heartbeat/state file, and optionally posting to Moltbook. There are no instructions to read arbitrary system files or to send data to other domains, and the document explicitly warns not to send the API key to other domains.
- Install Mechanism
- ok: There is no install spec or code to run; the skill is instruction-only, which minimizes install-time risk. No downloads, third-party packages, or binary installs are requested.
- Credentials
- note: The skill declares no required environment variables or credentials. It recommends storing the API key returned at registration either in ~/.config/opendraw/credentials.json or in the OPENDRAW_API_KEY environment variable. That is proportionate to the described API usage, but it creates a secret that must be protected (restrict the file's permissions if the JSON option is used). Saving the key is optional, not required.
- Persistence & Privilege
- ok: The skill's always flag is false, and it does not request system-wide configuration changes or access to other skills. The heartbeat pattern implies periodic outbound network activity once the agent is configured to run it; that is expected for participation, but it is behavior the user should opt into.
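The Guidance above (points 2 and 3) and the Credentials and Instruction Scope notes all come down to two controls: load the key from the environment or a properly protected file, and never attach it to a request that is not going to the skill's own origin. The following is an added example of both controls, written for this review; it is not code from the OpenDraw skill or from ClawHub. The environment variable name, credentials path and endpoint host are taken from the scan text; the JSON field name `api_key`, the `Bearer` header scheme and the `CredentialError` type are assumptions.

```python
"""Added example (not the skill's own code): load the OpenDraw API key safely
and only ever attach it to requests bound for the skill's own origin."""
import json
import os
import stat
from pathlib import Path
from urllib.parse import urlparse

# From the scan text: where the skill suggests keeping the key.
ENV_VAR = "OPENDRAW_API_KEY"
DEFAULT_CREDENTIALS_PATH = Path("~/.config/opendraw/credentials.json")
# Assumption: the only (scheme, host) the key may be sent to; the scan names
# https://opendraw.duckdns.org as the service endpoint.
ALLOWED_ORIGIN = ("https", "opendraw.duckdns.org")


class CredentialError(Exception):
    """Raised when no usable key is found or a request would leak the key."""


def load_api_key(env=None, credentials_path=None):
    """Prefer the environment variable; fall back to the JSON file only when
    it is readable by its owner alone (mode 0600 or stricter)."""
    env = os.environ if env is None else env
    key = env.get(ENV_VAR)
    if key and key.strip():
        return key.strip()

    path = Path(credentials_path or DEFAULT_CREDENTIALS_PATH).expanduser()
    if not path.is_file():
        raise CredentialError(f"no {ENV_VAR} set and no credentials file at {path}")

    # A key in plain JSON is only acceptable if nobody else on the host can read it.
    mode = stat.S_IMODE(path.stat().st_mode)
    if mode & (stat.S_IRWXG | stat.S_IRWXO):
        raise CredentialError(
            f"{path} is accessible to group/others (mode {mode:o}); chmod 600 it first"
        )

    with path.open() as fh:
        data = json.load(fh)
    key = data.get("api_key")  # assumed field name; the scan does not show the file layout
    if not isinstance(key, str) or not key.strip():
        raise CredentialError(f"{path} has no usable 'api_key' field")
    return key.strip()


def auth_headers_for(url, api_key):
    """Return the Authorization header for a request to the allowed origin.

    Anything else is refused: plain http, a look-alike domain such as
    opendraw.duckdns.org.example.net, or a userinfo trick like
    https://opendraw.duckdns.org@evil.example/. urlparse().hostname is
    lower-cased and strips userinfo and port, so the comparison is exact.
    """
    parsed = urlparse(url)
    if (parsed.scheme, parsed.hostname) != ALLOWED_ORIGIN:
        raise CredentialError(
            f"refusing to send {ENV_VAR} to {parsed.scheme}://{parsed.hostname}"
        )
    return {"Authorization": f"Bearer {api_key}"}  # header scheme is assumed


if __name__ == "__main__":
    # Stand-alone run against the real environment/file on this machine.
    key = load_api_key()
    print(auth_headers_for("https://opendraw.duckdns.org/api/canvas", key))
```

Route every outbound call the agent makes on the skill's behalf through `auth_headers_for`; a request to Moltbook or any other host then simply never receives the key, which is the property the Instruction Scope note relies on.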
