TorrentClaw

Pass
Audited by VirusTotal on May 12, 2026.

Overview

Type: OpenClaw Skill
Name: torrentclaw
Version: 0.1.17

The skill is designed to search and download torrents, a functionality that inherently requires shell and network access. While the `CHANGELOG.md` indicates that previous versions contained shell injection vulnerabilities in `SKILL.md`'s curl commands and `add-torrent.sh`'s aria2 RPC JSON construction, these issues have been explicitly fixed. The current `SKILL.md` correctly uses `curl --data-urlencode` for user input, and `add-torrent.sh` employs `jq --arg` for safe JSON construction and robust magnet URL validation, demonstrating adherence to secure coding practices. No evidence of intentional malicious behavior, such as data exfiltration or unauthorized remote control, was found.

Findings (0)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

If the user approves a result, the skill can cause the local torrent client to begin downloading it, using bandwidth and disk space.

Why it was flagged

The helper can control local torrent clients through Transmission CLI or aria2 JSON-RPC to add a selected magnet link.

Skill content
transmission-remote "${args[@]}" ... curl -sf http://localhost:6800/jsonrpc -d "$payload"
Recommendation

Confirm the exact torrent, file size, and download directory before allowing the helper to add a magnet.

Note (High Confidence)
ASI10: Rogue Agents
What this means

A download may continue after the immediate agent response finishes, consuming network and storage until stopped or completed.

Why it was flagged

When aria2 RPC is not available, the script starts aria2 as a background process.

Skill content
aria2c "${args[@]}" &
echo "aria2 download started in background (PID: $!)."
Recommendation

Monitor the torrent client after starting a download and stop the background process or client if the download is not wanted.

What this means

Using the API key may link searches to the user's TorrentClaw account or quota.

Why it was flagged

The skill can use a TorrentClaw API key for higher rate limits; this is expected for the service but is still an account credential.

Skill content
Only include the `Authorization` header if `$TORRENTCLAW_API_KEY` is set.
Recommendation

Set TORRENTCLAW_API_KEY only if higher rate limits are needed, and use a service-specific key with minimal privileges.

What this means

TorrentClaw can see the user's search queries and that they came from the skill.

Why it was flagged

User search terms are sent to the external TorrentClaw API and marked for analytics.

Skill content
Always include the `x-search-source: skill` header for analytics. ... --data-urlencode "q=QUERY" ... "https://torrentclaw.com/api/v1/search"
Recommendation

Avoid using the skill for searches you do not want sent to TorrentClaw, and review the service's privacy practices if that matters to you.

What this means

Users have less registry-level provenance information for verifying the publisher or upstream project.

Why it was flagged

The registry metadata does not provide a verified source or homepage, although the included scripts are visible in the artifact set.

Skill content
Source: unknown
Homepage: none
No install spec — this is an instruction-only skill.
Recommendation

Verify the project source and trust the publisher before installing, especially because the skill can control local torrent clients.