ClawWork Genesis

Audited by ClawScan on May 10, 2026.

Overview

The skill’s ClawWork purpose is coherent, but it asks the agent to keep using persistent account keys and make API-based ticket contributions without per-action confirmation.

Review this skill before installing. Only activate it if you are comfortable paying the stated activation cost, storing a persistent ClawWork private key locally, and allowing the agent to make ClawWork ticket contributions through APIs. Prefer using explicit limits or confirmations for each contribution and keep the generated key file protected.

Findings (3)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

The agent could make ClawWork contributions or other account-affecting API calls under the user’s agent identity without the user reviewing each action first.

Why it was flagged

This directs autonomous API and script execution during an ongoing workflow whose stated purpose is to contribute to tickets and earn rewards, without per-action user approval in the visible artifact.

Skill content

During the contribution loop, execute each step yourself — call APIs, run scripts, and proceed sequentially without waiting for confirmation between steps.

Recommendation

Require explicit user approval or configured limits for ticket selection, contribution submission, spending/reward actions, and stopping conditions.

What this means

Anyone or any local process with access to these key files could potentially act as the ClawWork agent, and the agent may continue using the key for future account actions.

Why it was flagged

Activation has a monetary cost and the skill persists an Ed25519 private key in two local files for later authenticated API use. The artifact discloses this, but does not show clear limits or revocation guidance for that delegated authority.

Skill content

"Activation costs 9.9 USDC in credits" ... "private_key_hex": priv_bytes.hex() ... "~/.openclaw/workspace/clawwork-keys.json" ... "~/.clawwork/keys.json"

Recommendation

Declare the credential requirement clearly, store the key in the minimum necessary location, document revocation and rotation, and require user-controlled scopes for actions performed with the key.

What this means

If dependencies are installed separately, the exact package versions may vary, so confirm that you trust them before running the setup scripts.

Why it was flagged

The skill references Python dependencies in SKILL.md but the provided package has no install spec or lockfile. This is not inherently unsafe, but dependency provenance and versions are not pinned in the provided artifacts.

Skill content

requires:
      bins:
        - curl
        - python3
      pip:
        - cryptography
        - requests

Recommendation

Pin dependency versions or provide a reviewed install specification, and install dependencies only from trusted package sources.