Bloom Supporter Identity
Rating: Warn. Audited by ClawScan on May 10, 2026.
Overview
The skill’s stated purpose is understandable, but it auto-downloads and runs unreviewed code from GitHub/npm against your OpenClaw conversation history and creates persistent wallet and API configuration.
Review this skill carefully before installing. If you use it, assume first invocation may download and run code from GitHub/npm, read your latest OpenClaw conversation session, create persistent configuration, and potentially create a wallet. Avoid using it in conversations containing secrets or sensitive personal data unless the external repository, dependency lockfiles, data handling, and wallet custody are independently verified.
Findings (5)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Installing or invoking the skill can run code from GitHub/npm that was not reviewed here, creating supply-chain risk.
On first run, the skill downloads an unpinned external repository (a shallow clone of whatever the default branch holds at that moment) and installs its dependencies, but that code and dependency tree are not included in the reviewed artifact set, so whether a lockfile governs the npm install step is not visible either.
git clone --depth 1 https://github.com/unicornbloom/bloom-identity-skill.git "$BLOOM_SKILL_DIR" ... npm install --silent
Vendor the required code in the skill package or pin the repository to a reviewed commit with lockfiles; declare the install steps and require explicit user approval before downloading or installing dependencies.
The skill may execute unreviewed code with access to your local session file and user identifier.
The reviewed wrapper executes a TypeScript script from the downloaded repository, so the actual runtime behavior is outside the submitted code.
cd "$BLOOM_SKILL_DIR"
npx tsx scripts/run-from-session.ts "$SESSION_FILE" "$USER_ID"
Avoid executing downloaded scripts at runtime; include the analyzer source in the submitted artifacts, pin dependencies, and show users the exact code path that will run.
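One way to act on the first two recommendations (pin to a reviewed commit, require a lockfile, gate the download behind explicit approval) is a wrapper like the following. This is an added example, not the skill's own wrapper or anything from the unicornbloom repository; the variable names BLOOM_PINNED_COMMIT, BLOOM_INSTALL_APPROVED and BLOOM_REPO_URL and the function names are hypothetical, and only BLOOM_SKILL_DIR and the repository URL are taken from the audited wrapper.

```shell
#!/bin/sh
# Added example, not the skill's own wrapper: pin the analyzer repository to a
# reviewed commit, verify what landed on disk, and require explicit approval
# before anything is downloaded or installed. BLOOM_PINNED_COMMIT,
# BLOOM_INSTALL_APPROVED, BLOOM_REPO_URL and the function names are hypothetical.
set -eu

BLOOM_REPO_URL="${BLOOM_REPO_URL:-https://github.com/unicornbloom/bloom-identity-skill.git}"
BLOOM_SKILL_DIR="${BLOOM_SKILL_DIR:-${HOME:-.}/.openclaw/skills/bloom-identity}"
# Full 40-hex SHA of the commit that was actually reviewed. Empty by default so
# the wrapper can never fall back to "whatever is on the default branch today".
BLOOM_PINNED_COMMIT="${BLOOM_PINNED_COMMIT:-}"

# A branch name, tag or abbreviated SHA can silently resolve to different code
# later; only a full lowercase 40-hex commit id is accepted as a pin.
is_full_sha() {
  case "$1" in
    *[!0-9a-f]*) return 1 ;;
  esac
  [ "${#1}" -eq 40 ]
}

# npm ci needs a lockfile; without one the dependency set was never fixed,
# so there is nothing to have reviewed.
has_lockfile() {
  [ -f "$1/package-lock.json" ] || [ -f "$1/npm-shrinkwrap.json" ]
}

# Explicit opt-in: nothing is fetched unless the user set this after reading
# the pinned tree themselves.
approved() {
  [ "${BLOOM_INSTALL_APPROVED:-}" = "yes" ]
}

install_pinned() {
  dir=$1; url=$2; commit=$3
  is_full_sha "$commit" || { echo "refusing: BLOOM_PINNED_COMMIT is not a full commit SHA" >&2; return 1; }
  approved || { echo "refusing: set BLOOM_INSTALL_APPROVED=yes after reviewing $url at $commit" >&2; return 1; }
  if [ ! -d "$dir/.git" ]; then
    git clone --no-checkout "$url" "$dir"
  fi
  git -C "$dir" checkout --detach "$commit"
  # Verify the tree on disk is the reviewed one before executing anything in it.
  actual=$(git -C "$dir" rev-parse HEAD)
  [ "$actual" = "$commit" ] || { echo "refusing: checkout is $actual, expected $commit" >&2; return 1; }
  has_lockfile "$dir" || { echo "refusing: no lockfile in pinned tree" >&2; return 1; }
  # npm ci fails if package.json and the lockfile disagree; --ignore-scripts
  # blocks install-time lifecycle hooks, the usual foothold of a malicious dependency.
  (cd "$dir" && npm ci --ignore-scripts --silent)
}

# Usage, after reading the pinned tree yourself:
#   BLOOM_PINNED_COMMIT=<40-hex sha> BLOOM_INSTALL_APPROVED=yes sh install.sh install
case "${1:-}" in
  install) install_pinned "$BLOOM_SKILL_DIR" "$BLOOM_REPO_URL" "$BLOOM_PINNED_COMMIT" ;;
esac
```

The checks run in the order a user can reason about: the pin is validated before the network is touched, the approval gate is checked before the clone, and the on-disk commit is compared to the pin before npm runs, so a redirected or tampered clone is refused rather than installed.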
Your private conversation history could be processed more broadly than expected, especially because the analyzer code is downloaded separately.
The wrapper automatically picks the most recently modified OpenClaw session file (via `ls -t`) and passes its full path to the analyzer, while the reviewed code does not bound which messages are read or how raw conversation content is handled.
SESSION_FILE=$(ls -t "$OPENCLAW_SESSIONS"/*.jsonl 2>/dev/null | head -1) ... npx tsx scripts/run-from-session.ts "$SESSION_FILE" "$USER_ID"
Require the user to select or approve the session data, enforce the advertised message limit in reviewed code, redact secrets, and clearly disclose retention and network-sharing behavior.
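The recommendation above (user-selected session, enforced message limit, secret redaction) can be implemented in the reviewed wrapper itself rather than left to the downloaded analyzer. The following is an added example, not code from the skill or its repository: the session path is an explicit argument instead of an `ls -t` guess, only the newest N JSONL records are copied, and common credential formats are masked before the analyzer is given the bounded copy. The function names and the BLOOM_MESSAGE_LIMIT variable are hypothetical, and the redaction patterns are a heuristic deny-list chosen here.

```shell
#!/bin/sh
# Added example, not the skill's wrapper: bound and redact a session before any
# analyzer sees it. prepare_session and redact_secrets are hypothetical names;
# the patterns are a heuristic deny-list of well-known token shapes.
set -eu

# Mask credential formats that commonly end up in chat transcripts. This catches
# known token shapes only; it is a floor, not proof that nothing sensitive remains.
# The 64-hex rule also hits SHA-256 digests, which is accepted over-redaction
# because raw wallet private keys have exactly that shape.
redact_secrets() {
  sed -E \
    -e 's#sk-(proj-|ant-)?[A-Za-z0-9_-]{16,}#[REDACTED_API_KEY]#g' \
    -e 's#gh[pousr]_[A-Za-z0-9]{20,}#[REDACTED_GITHUB_TOKEN]#g' \
    -e 's#AKIA[0-9A-Z]{16}#[REDACTED_AWS_KEY]#g' \
    -e 's#(Bearer )[A-Za-z0-9._~+/=-]{16,}#\1[REDACTED_TOKEN]#g' \
    -e 's#(0x)?[0-9a-fA-F]{64}#[REDACTED_HEX_SECRET]#g' \
    -e 's#-----BEGIN [A-Z ]*PRIVATE KEY-----#[REDACTED_PRIVATE_KEY]#g'
}

# prepare_session <session.jsonl> <limit> <out.jsonl>
# Writes the newest <limit> records, redacted, to <out.jsonl> (owner-only perms)
# and prints how many records were handed over.
prepare_session() {
  session=$1; limit=$2; out=$3
  [ -f "$session" ] || { echo "refusing: session file not found: $session" >&2; return 1; }
  case "$session" in
    *.jsonl) ;;
    *) echo "refusing: expected a .jsonl session file" >&2; return 1 ;;
  esac
  case "$limit" in
    ''|*[!0-9]*) echo "refusing: limit must be a positive integer" >&2; return 1 ;;
  esac
  [ "$limit" -gt 0 ] || { echo "refusing: limit must be a positive integer" >&2; return 1; }
  # One JSON record per line, so the newest N messages are the last N lines.
  # The subshell keeps the restrictive umask from leaking into the caller.
  ( umask 077; tail -n "$limit" "$session" | redact_secrets > "$out" )
  wc -l < "$out" | tr -d ' '
}

# Usage: the user names the session explicitly; the analyzer only ever gets the
# bounded, redacted copy, never the original path.
#   prepare_session ~/.openclaw/agents/main/sessions/<chosen>.jsonl 50 /tmp/bounded.jsonl
#   npx tsx scripts/run-from-session.ts /tmp/bounded.jsonl "$USER_ID"
if [ $# -eq 3 ]; then
  prepare_session "$1" "$2" "$3"
fi
```

Because the record count is printed, the user can see exactly how much history left the session directory, which is the disclosure the finding asks for. Retention and any network sharing by the analyzer still have to be documented separately; this wrapper only limits what it is given.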
Users may underestimate how much local conversation data and external setup the skill uses.
The SKILL.md privacy/scoping claim quoted below conflicts with the wrapper behavior, which searches ~/.openclaw/agents/main/sessions for a session file and configures Bloom API settings.
without needing to read session files or external APIs
Align the documentation with the implementation, or change the wrapper to truly use only provided context without session-file access or external API configuration.
The skill may create a persistent crypto identity for you even though basic personality analysis does not require one.
Automatic wallet creation is disclosed and related to future tipping, but wallet/key custody and opt-in boundaries are not clearly explained in the reviewed artifacts.
Agent Wallet (Optional) - Creates a blockchain wallet on Base network (Coinbase CDP) ... generated automatically but not required
Make wallet creation explicitly opt-in, explain where keys are stored and who can control the wallet, and do not deposit funds unless withdrawals and custody are clear.
