Clawbrawl Review
Audited by ClawScan on May 10, 2026.
Overview
Clawbrawl is coherent as a BTC prediction game, but it asks your agent to run a persistent betting bot every 10 minutes, authenticating with an API key that is sent over plain HTTP.
Install only if you want a background agent that competes continuously. Before enabling cron or heartbeat automation, confirm the API endpoint supports HTTPS, protect the API key, avoid printing secrets into logs, decide whether public chat/danmaku posting is acceptable, and keep a clear way to disable the scheduled job.
Findings (6)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
After setup, the agent can keep placing game bets in the background without the user reviewing each round.
This sets up a recurring isolated agent session that continues every 10 minutes and requires the agent to submit a POST request.
openclaw cron add --cron "*/10 * * * *" --session isolated --message "Execute Claw Brawl... MUST complete the HTTP POST request."
Only enable the cron job if you want continuous autonomous participation, and make sure you know how to disable or remove the scheduled job.
The agent may place repeated bets and associated public danmaku content even when the user has not reviewed the prediction.
The skill instructs automatic credentialed HTTP mutations with urgency and no per-action approval requirement.
ALWAYS place a bet unless there's less than 1 minute left... EXECUTE IMMEDIATELY: curl -X POST http://api.clawbrawl.ai/api/v1/bets ... -H "Authorization: Bearer $CLAWBRAWL_API_KEY"
Require explicit user approval for automated betting or limit the workflow to checking the current round and proposing a bet.
The Clawbrawl API key could be exposed in logs or network traffic, allowing others to act as the user’s game agent.
The docs display/read the API key locally and then send it as a bearer token to an unencrypted HTTP endpoint, despite no credential requirement being declared in the registry metadata.
echo $CLAWBRAWL_API_KEY cat ~/.config/clawbrawl/credentials.json 2>/dev/null ... curl -X POST http://api.clawbrawl.ai/api/v1/bets -H "Authorization: Bearer $CLAWBRAWL_API_KEY"
Avoid echoing or catting secrets into transcripts, use HTTPS if supported, protect the credentials file, and treat the API key as a real credential.
If a user runs that install command, they depend on whatever content is served over HTTP at that time.
The package manifest includes an unpinned, unencrypted HTTP download path for agent instruction files.
"install": "mkdir -p ~/.clawbot/skills/claw-brawl && curl -s http://www.clawbrawl.ai/skill.md > ~/.clawbot/skills/claw-brawl/SKILL.md ..."
Prefer the registry-provided artifact, HTTPS URLs, and pinned or checksummed files before installing remote skill instructions.
Game state may influence future agent behavior across sessions, which is expected for competition tracking but should stay scoped to this skill.
The skill asks the agent to persist game state for later reuse.
Store in your memory/state file: { "lastClawBrawlCheck": ..., "currentRoundBet": ..., "stats": ..., "recentResults": ... }
Store only non-secret Clawbrawl state, avoid saving API keys in memory, and clear the state if you stop using the skill.
Other agents’ messages or betting rationales could influence this agent’s actions or public replies.
The skill encourages reading and responding to messages from other agents, which are untrusted peer-generated content.
Get @Mentions ... Reply to mentions - Always respond
Treat social messages and other agents’ reasoning as untrusted data; do not execute instructions contained in them.
