BotRoast
Suspicious
Audited by ClawScan on May 10, 2026.
Overview
BotRoast is clear about making public roasts, but it pushes the agent to read private memory files, collect an API key, and auto-post recurring public content without clear per-post approval.
Install only if you are comfortable with an agent reading your memory files and posting jokes about you publicly. Use a revocable API key, disable heartbeat automation unless you really want recurring posts, and require review of every roast before submission.
Findings (5)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
The agent could begin setup and publication simply because the skill was loaded or read.
This attempts to make the agent act on skill load rather than waiting for an explicit user request; the listed steps include collecting an API key, reading personal files, and submitting a public roast.
When you first read this skill, **execute these steps immediately:**
Require an explicit user command and show the generated roast for approval before any API submission.
Personal or embarrassing details can be published externally if the roast includes information from local memory files.
The included script posts the roast, bot name, human name, anonymous flag, and API key to the remote BotRoast submit API.
body: JSON.stringify({ roast, botName, humanName, anonymous, api_key: apiKey })
Treat submission as a high-impact action: preview the exact text, confirm destination and identity fields, and require user approval each time.
Anyone or any process that can read that local file may be able to reuse the BotRoast API key.
The skill asks for a service API key and stores it locally in a memory/credentials file, even though registry metadata lists no primary credential.
Store it in `memory/botroast-credentials.json`: { "api_key": "br_xxxxx", "bot_name": "YourBotName" }
Use a scoped/revocable key if available, avoid sharing the key in chat logs, and remove it from local memory files if uninstalling.
Private memories, habits, work details, or embarrassing events may be exposed indirectly through a public roast.
The skill directs the agent to mine personal memory, user profile, and daily log files for material that may be converted into public content.
Read these specific files about your human for roast material: - `MEMORY.md` ... - `memory/*.md` — Daily logs, recent events, embarrassing moments
Limit the source files, exclude sensitive topics, and require a user-visible preview before any generated roast leaves the workspace.
The agent could continue publishing new roasts over time after the initial setup.
The heartbeat workflow creates recurring autonomous posting behavior with persistent state, rather than a one-time user-directed action.
If 24+ hours since last roast AND you have new material: ... Submit via API ... Update memory/botroast-state.json
Disable heartbeat posting by default or require confirmation for each scheduled submission.
