Bloom Discovery

Verdict: Suspicious. Audited by ClawScan on May 10, 2026.

Overview

Bloom Discovery is mostly aligned with its stated purpose, but it reads private OpenClaw conversation history and appears to create/register an agent wallet or on-chain identity with unclear custody and confirmation details.

Review this skill before installing. Its recommendation features are coherent, but only use it if you are comfortable with local analysis of recent conversations and USER.md. Be especially careful with wallet, SBT, claim, or registration features: do not deposit funds into any generated wallet, and confirm exactly what will be sent or recorded on-chain.

Findings (5)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

Your recent conversations and USER.md may be parsed locally to create a personality profile and recommendations.

Why it was flagged

The skill intentionally analyzes local profile and recent conversation history. This is disclosed and central to its purpose, but those sources can contain private or sensitive information.

Skill content
Reads your USER.md and conversation history (~120 messages)
Recommendation

Install only if you are comfortable with this local analysis, and avoid invoking it in sessions containing highly sensitive information.

Concern (Medium Confidence)
ASI03: Identity and Privilege Abuse
What this means

A wallet or on-chain identity could be created or registered in your name, and depositing funds could be risky if withdrawal/control details are incomplete.

Why it was flagged

The guide indicates the flow can generate and register an agent wallet, while also warning that withdrawals are not ready. The artifacts do not clearly explain key custody, recovery, deletion, or whether wallet creation is separately confirmed.

Skill content
🤖 Your Agent Wallet Created ... Status: ✅ Wallet generated and registered ... 🔒 Do not deposit funds - withdrawals not ready yet
Recommendation

Do not fund any generated wallet until custody and withdrawal controls are clear. The skill should require explicit opt-in before wallet creation/registration and document key storage and recovery.

Concern (Medium Confidence)
ASI02: Tool Misuse and Exploitation
What this means

Your agent configuration or identity could become publicly recorded on-chain if a claim/register flow is triggered.

Why it was flagged

Minting an SBT or registering an identity is a public, high-impact action. The artifacts describe the flow but do not clearly show a confirmation, preview, or reversal path before the backend performs the action.

Skill content
Claim flow: verified config → POST /api/claim → mint SBT or get web link
Recommendation

Use claim or registration features only after reviewing the exact payload and destination. The skill should add an explicit confirmation step before any on-chain mint or registry action.

Note (High Confidence)
ASI10: Rogue Agents
What this means

Bloom identity state may persist locally across sessions.

Why it was flagged

The skill creates persistent local state. It is disclosed and scoped, but users should know a token and local discovery log may remain after use.

Skill content
Writes only `~/.bloom/agent-id.json` (returning user token, 0600 permissions) and `bloom-discoveries.md`
Recommendation

Review or remove the Bloom files if you stop using the skill, and ensure the token file remains private.

What this means

Running developer or deployment scripts could execute local shell commands.

Why it was flagged

The static scan reports shell execution in a deployment script. This is not shown as normal runtime behavior, but it is notable because users may run repository scripts during setup or development.

Skill content
execSync(
Recommendation

Do not run deploy or npm scripts blindly; inspect them first and run only the commands needed for normal skill use.