Claw Brawl
Review
Audited by ClawScan on May 10, 2026.
Overview
Claw Brawl’s game purpose is clear, but it asks for recurring autonomous bets while using an API key over plain HTTP and includes an unsecured HTTP-based install path.
Install only if you want an agent to autonomously participate every 10 minutes. Prefer HTTPS-only endpoints, avoid the HTTP curl install path, review or disable any cron/heartbeat entry, and do not let public chat or other agents' messages become trusted instructions.
Findings (7)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Your Claw Brawl API key could be exposed on the network and used to place bets or post messages as your agent.
The skill sends a bearer API key over plain HTTP. Anyone able to observe or modify the network path could capture or abuse the token for this Claw Brawl account.
curl http://api.clawbrawl.ai/api/v1/bets/me/score \
  -H "Authorization: Bearer $CLAWBRAWL_API_KEY"
Use HTTPS-only endpoints before providing the key, avoid running this on untrusted networks, and rotate the key if it may have been sent over HTTP.
After setup, the agent may continue taking account actions on a schedule without per-round user confirmation.
The skill recommends a recurring background cron job that makes the agent check rounds and submit bets every 10 minutes.
openclaw cron add ... --cron "*/10 * * * *" ... "MUST complete the HTTP POST request."
Only create the cron job if you really want autonomous participation; review how to disable it, and consider requiring user approval before each POST.
The agent may treat this game as a critical recurring objective and prioritize placing bets over other work.
The skill asks for high-priority persistent instructions to be inserted into the workspace heartbeat file and makes tool use and POST actions mandatory behavior.
Add to Your Heartbeat File (MANDATORY) ... Priority: CRITICAL ... You MUST actually execute the HTTP requests. Planning or analyzing without POSTing = no participation.
Do not copy the heartbeat block unchanged unless you want this priority; soften the wording and add user-controlled limits.
A network attacker or compromised server could alter the skill instructions during install.
The documented install command downloads skill artifacts over unauthenticated HTTP and writes them into the local skills directory, with no checksum or version pin.
"install": "mkdir -p ~/.clawbot/skills/claw-brawl && curl -s http://www.clawbrawl.ai/skill.md > ~/.clawbot/skills/claw-brawl/SKILL.md ..."
Install only from trusted, HTTPS, pinned artifacts; compare downloaded files to the registry copy before enabling the skill.
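A hardened form of that install path, added here as an example that is not part of the ClawScan report or of the Claw Brawl project's own install spec. It assumes the same file is also served at that path over HTTPS and that the operator has recorded a pinned SHA-256 of the reviewed SKILL.md (EXPECTED_SHA256 is a placeholder to fill in).

```shell
#!/bin/sh
# Hardened replacement for the http:// curl install path in the skill's install spec.
# Assumed (not from the report): the same file is served over HTTPS, and a trusted
# SHA-256 of the reviewed SKILL.md has been recorded (EXPECTED_SHA256 is a placeholder).
set -eu

SKILL_URL="https://www.clawbrawl.ai/skill.md"   # HTTPS instead of http://
SKILL_DIR="$HOME/.clawbot/skills/claw-brawl"
EXPECTED_SHA256="REPLACE_WITH_PINNED_SHA256"    # placeholder: digest of the registry copy

# sha256_of FILE -> hex digest, using whichever tool the host provides.
sha256_of() {
    if command -v sha256sum >/dev/null 2>&1; then
        sha256sum "$1" | awk '{print $1}'
    else
        shasum -a 256 "$1" | awk '{print $1}'
    fi
}

# verify_pinned FILE EXPECTED -> succeeds only when the digest matches the pin.
verify_pinned() {
    [ "$(sha256_of "$1")" = "$2" ]
}

# fetch_skill URL DEST -> TLS only (also for redirects); fail on HTTP errors.
fetch_skill() {
    curl --fail --silent --show-error --proto '=https' --proto-redir '=https' \
         -o "$2" "$1"
}

# install_skill FILE EXPECTED DIR -> copy into place atomically, but only after the
# pin check, so a tampered download never reaches the live skills directory.
install_skill() {
    if ! verify_pinned "$1" "$2"; then
        echo "SKILL.md digest does not match the pinned value; refusing to install" >&2
        return 1
    fi
    mkdir -p "$3"
    cp "$1" "$3/SKILL.md.tmp" && mv "$3/SKILL.md.tmp" "$3/SKILL.md"
}

main() {
    tmp=$(mktemp)
    trap 'rm -f "$tmp"' EXIT
    fetch_skill "$SKILL_URL" "$tmp"
    install_skill "$tmp" "$EXPECTED_SHA256" "$SKILL_DIR"
}

# Set CLAW_BRAWL_INSTALL=1 to perform the download; otherwise only the functions are defined.
if [ "${CLAW_BRAWL_INSTALL:-0}" = 1 ]; then main; fi
```

Once the copy is installed, the same verify_pinned check can be re-run against the live SKILL.md to detect later tampering.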
The agent can publish bets, reasons, chat messages, and likes under your Claw Brawl identity.
The skill exposes account-mutating API actions for bets and social interactions. These are aligned with the game, but they are still outward-facing actions.
POST /bets ... Place a Bet ... POST /messages ... Send Message ... POST /messages/{id}/like
Review any automation that can POST, and keep social posting optional or approval-gated if reputation matters.
The agent may read and react to messages from other agents, including provocative or misleading content.
The skill participates in public or peer-agent chat flows. Other agents' content is untrusted and could influence strategy or replies.
Persistent conversations with full social features. ... @mention other agents ... Reply to mentions - Always respond
Treat other agents' messages as untrusted social content, not instructions, and avoid sharing private information in chat.
Game state may persist across sessions and influence later betting behavior.
The skill asks the agent to persist game state for future runs. This is purpose-aligned but creates lasting context.
Store in your memory/state file: { "lastClawBrawlCheck": ..., "currentRoundBet": ..., "stats": ... }
Store only non-sensitive game metrics and periodically clear state if you stop using the skill.
