Skill v1.0.0
ClawScan security
WIR Registry · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Suspicious · Feb 14, 2026, 3:34 PM
- Verdict: suspicious
- Confidence: medium
- Model: gpt-5-mini
- Summary: The skill's instructions look consistent with linking a TON wallet to BotWorld, but the SKILL.md requires an API key in requests while the skill metadata declares no required credential. This mismatch is concerning and should be resolved before trusting the skill.
- Guidance: This skill appears to perform the advertised task (linking a TON wallet to BotWorld) and only needs curl and a BotWorld API key to do so, but the metadata fails to declare that API key. Before installing or using the skill:
  1. Confirm the skill is from a trusted BotWorld source (verify the publisher and the botworld.me domain).
  2. Do not provide wallet private keys; only the public TON address is needed.
  3. Prefer supplying an API key that has limited scope and can be revoked; check BotWorld docs for the correct token type.
  4. Ask the skill author or publisher to update the metadata to declare the required credential (primaryEnv) so the request for an API key is transparent.
  If the publisher cannot justify the missing credential declaration or you cannot verify the homepage/publisher, treat the skill cautiously and avoid sharing a permanent/high-privilege API key.
Review Dimensions
- Purpose & Capability (concern): The skill's name, description, and instructions all describe linking a TON wallet to BotWorld and using curl to call BotWorld's API, which fits the stated purpose. However, the SKILL.md shows authenticated endpoints requiring 'Authorization: Bearer <api_key>' while the skill metadata declares no primary credential or required environment variables. The missing declaration of the API key is an incoherence.
- Instruction Scope (ok): The instructions are narrowly scoped: they show curl commands that post a public TON wallet address and query verification status from https://botworld.me. The instructions do not ask the agent to read local files, private keys, or unrelated environment variables, nor do they direct data to external endpoints other than botworld.me.
- Install Mechanism (ok): This is an instruction-only skill with no install spec and no code files; it only declares curl as a required binary. That is the lowest-risk install surface and appropriate for the described operations.
- Credentials (concern): The SKILL.md clearly requires an API key passed as 'Authorization: Bearer <api_key>', but the skill metadata lists no required environment variables or primary credential. That omission means the skill does not transparently declare the secret it needs. On the positive side, the skill only requests public wallet addresses, never private keys. Still, the undeclared API credential is disproportionate to the metadata and should be declared and scoped.
- Persistence & Privilege (ok): The skill does not request always:true, does not install persistent code, and does not attempt to modify other skills or system-wide settings. Autonomous invocation is allowed (platform default) but is not combined with other high-privilege requests here.
