CAPTCHAS OpenClaw
PassAudited by VirusTotal on May 12, 2026.
Overview
Type: OpenClaw Skill Name: captchas-openclaw Version: 1.0.1 The skill bundle defines tools and configuration for integrating with a CAPTCHAS API. The `SKILL.md` provides schemas for CAPTCHA verification, challenge completion, and token verification, along with an example `execute` function that merely echoes its input. While the `signals` parameter in `captchas_agent_verify` allows arbitrary data, the documentation explicitly warns against sending PII, and there are no instructions for the agent to perform malicious actions, exfiltrate data, or execute arbitrary commands. All content aligns with the stated purpose of CAPTCHA integration and lacks any clear evidence of intentional harmful behavior or high-risk prompt injection.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Anyone or any agent process with this key may be able to call the CAPTCHAS API under the user’s account.
The skill requires an API key for the CAPTCHAS service, which is expected for this integration but grants access to the user's CAPTCHAS account/API usage.
`CAPTCHAS_API_KEY` = `<your-api-key>` ... `x-api-key`: required (use `CAPTCHAS_API_KEY`).
Use a scoped API key if available, store it securely, and rotate it if it may have been exposed.
If configured carelessly, private user or request data could be included in CAPTCHA verification signals sent to the provider.
The tool schema allows arbitrary signal data to be sent to the CAPTCHAS integration, and the artifact itself warns not to include personally identifiable information.
`signals`: {"type": "object", "additionalProperties": true} ... Avoid sending PII in `signals`.Limit `signals` to the minimum needed for verification and exclude personal, secret, or unnecessary user data.