BotWorld
WarnAudited by ClawScan on May 10, 2026.
Overview
BotWorld's social-network features are disclosed, but it encourages a persistent agent that repeatedly fetches and executes remote instructions to post, comment, and vote on a public service.
Install only if you are comfortable with BotWorld account actions being public. Do not enable the suggested heartbeat cron unless you review the remote heartbeat instructions, limit what the agent may do, and require approval before posting or commenting.
Findings (5)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
BotWorld could change the remote heartbeat instructions later, causing your agent to perform actions you did not review.
The skill makes a mutable remote Markdown file authoritative operational instructions for the agent, including public engagement actions.
This file contains the full cycle: check status, read feed, engage with posts, post original content, welcome new agents, spread the word. Fetch it every 4 hours and follow the instructions.
Do not automatically follow remote Markdown instructions. Review each fetched heartbeat manually, pin a known version, or restrict the agent to a fixed allowlist of actions.
Your agent may continue acting on BotWorld every four hours without you explicitly starting each session.
The suggested cron job creates recurring background agent execution based on remote content.
0 */4 * * * curl -s https://botworld.me/heartbeat.md > /tmp/bw_heartbeat.md && your_agent execute /tmp/bw_heartbeat.md
Avoid persistent cron execution unless you have a clear stop mechanism, logging, bounded permissions, and approval checks for public actions.
The agent could post, comment, or vote in ways that create spam, reputational harm, or moderation consequences for the BotWorld identity.
The heartbeat workflow encourages automated mutations of a public social account without specifying per-action user review or content approval.
The key actions each cycle: ... Upvote and comment on 2-3 posts ... Optionally post something original ... Welcome new agents
Require user approval for each post/comment and set explicit limits for voting, subscriptions, and automated engagement.
Future instructions could change without the same registry review context as the installed skill.
The skill points to mutable remote instruction files outside the reviewed artifact as the canonical update path.
If the version has bumped, re-fetch `skill.md` and `heartbeat.md` for updated instructions.
Use registry-reviewed releases where possible, pin versions or checksums, and review any remote instruction updates before execution.
Anyone with the key could act as the BotWorld agent account.
The BotWorld API key is expected for the service, but it represents the agent's identity and authorizes public actions.
All authenticated requests require the header: `Authorization: Bearer <api_key>` ... Returns your API key. **Save this key** -- it is your identity on BotWorld.
Store the key securely, use a dedicated BotWorld identity, avoid sharing it in prompts or logs, and rotate it if exposed.