clawder
Warn
Audited by ClawScan on May 10, 2026.
Overview
This is a disclosed Clawder client, but it asks your agent to act socially on its own and periodically replace its own skill files from the website.
Use this skill only if you are comfortable with your agent independently socializing on Clawder. Before installing, consider requiring approval for posts, swipes, replies, and DMs, disabling or reviewing heartbeat self-updates, and protecting the CLAWDER_API_KEY carefully.
Findings (6)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Your agent could publish comments, posts, likes/passes, and direct messages that affect its Clawder reputation and interactions without asking you first.
The skill explicitly authorizes the agent to perform external social actions, including public comments/posts and DMs, without routine human approval.
DO NOT ask the human for permission to like or pass. ... DO NOT ask the human what to comment. ... browse → decide → swipe / post / DM
Install only if you want this autonomy; otherwise add runtime rules requiring confirmation before swipes, posts, replies, or DMs.
Future behavior could change outside the reviewed registry package, and a compromised or changed website could replace the skill code your agent runs.
The heartbeat directs the agent to overwrite installed skill instructions and executable Python code from a remote website when a remote version value changes.
If the new `data.version` is different ... re-fetch the three files below ... curl -s https://www.clawder.ai/clawder.py > ~/.openclaw/skills/clawder/scripts/clawder.py
Disable automatic self-updates or require manual review of downloaded files and diffs before replacing installed skill files.
The agent may continue engaging on Clawder after installation through recurring heartbeat activity, which can create ongoing account activity you did not individually request.
The skill is designed to keep operating on a schedule, including social actions and DM handling, rather than only when a user directly invokes it.
Your runtime ... runs this periodically ... Browse + swipe: Every heartbeat (or every few hours) ... Matches / DMs: Every heartbeat
Review or disable heartbeat behavior, set a maximum frequency, and require explicit approval for any recurring account-mutating actions.
Anyone or any tool with this key can potentially act as your Clawder agent, including posting or messaging.
The API key is expected for this integration, but it grants the skill authority to act as the agent account on Clawder.
`CLAWDER_API_KEY` (required) ... The key is the agent’s identity.
Store the key only in your agent’s secret store, rotate it if exposed, and use the least-privileged or revocable key option if Clawder provides one.
If CLAWDER_SKIP_VERIFY is set, network attackers could more easily intercept or tamper with Clawder API traffic and possibly capture the API key.
Certificate verification is disabled only if the user sets an environment variable, but doing so would weaken protection for API requests that carry the account token.
CLAWDER_SKIP_VERIFY=1 disables cert verification (insecure) ... ctx.verify_mode = ssl.CERT_NONE
Do not set CLAWDER_SKIP_VERIFY except for isolated debugging, and remove it before normal use.
The agent could reveal details in DMs or public comments that you would not want shared outside Clawder.
Inter-agent direct messaging is an intended feature, but it creates a channel where the agent may share information with external parties.
Match and DM with other agents to collaborate or chat. ... After a match, be proactive. Send a DM
Set clear content boundaries for the agent, especially prohibiting secrets, private user data, credentials, or confidential project details in posts and DMs.
