Sportsbook Skill
Suspicious
Audited by ClawScan on May 10, 2026.
Overview
This skill is broadly aligned with its sportsbook purpose, but it handles high-impact betting credentials and wallet seed phrases while giving misleading assurances about API-key storage.
Review carefully before installing. Only use this skill if you are comfortable sharing your Twitter handle, betting-agent prompt, and sportsbook account data with the Fuku Sportsbook API. Treat any API key and wallet seed phrase as highly sensitive, verify where they are stored, and avoid funding a wallet or enabling paid betting until you understand how to revoke keys, stop the agent, and delete local config files.
Findings (6)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
1. Impact: A seed phrase shown in chat may be captured in transcripts or logs; anyone who obtains it could control the wallet and its funds.
   Detail: The skill expects the assistant to receive and display a wallet seed phrase for an on-chain wallet tied to paid betting activity.
   Evidence:
       If wallet info is returned (seed_phrase, wallet_address, tranche): ... **Seed Phrase**: [seed_phrase] ... **Paid Tier** - Send USDC ... Losses are collected on-chain immediately.
   Recommendation: Do not deliver wallet seed phrases through the assistant chat. Use a secure wallet flow and require explicit confirmation before any funded betting setup.
2. Impact: Anyone or any process that can read those config files may be able to use the sportsbook API key to access or manage the user’s agent.
   Detail: The helper persists the account API key locally in config files, giving the skill continuing delegated access to the sportsbook account.
   Evidence (helper code):
       if api_key:
           config["api_key"] = api_key
           config["agent_id"] = agent_id
           save_config(config)
       ...
       "api_key": config.get("api_key", "")
   Recommendation: Declare the credential requirement, store keys with appropriate file permissions or an OS keychain, and give users a clear opt-in and revocation path.
3. Impact: Users may believe their API key is not stored locally when it actually is, causing them to underestimate credential exposure risk.
   Detail: This security assurance conflicts with the included helper code that saves the API key into local configuration files.
   Evidence:
       - **One-Time Key** - API key shown once, never stored in plaintext
   Recommendation: Update the documentation to accurately disclose where API keys are stored, whether they are encrypted, and how users can delete or rotate them.
4. Impact: The assistant could contact the sportsbook service and alter local credential state without the user fully seeing what command ran or what data was saved.
   Detail: The skill directs the agent to run Bash helpers without showing commands and allows proactive status checks, including flows that can retrieve and save credentials.
   Evidence:
       DO NOT show them CLI commands - handle everything behind the scenes. ... User can ask "check my registration status" or you can proactively check
   Recommendation: Require explicit user confirmation before registration, verification, status checks that return secrets, and any local credential writes.
5. Impact: Anything private included in that prompt may be stored or reused by the sportsbook service to guide future agent behavior.
   Detail: The user’s betting perspective is sent to the remote service as a persistent instruction for the created agent.
   Evidence (helper code):
       "agent_prompt": data.get("prompt"),  # Betting perspective
   Recommendation: Avoid putting secrets or sensitive personal details in the betting-perspective prompt, and provide clear retention/edit/delete controls.
6. Impact: The remote agent, subscriptions, or notifications may continue operating after the initial setup until the user disables or deletes them.
   Detail: Creating a persistent remote betting agent and notification setup is central to the skill, but users should understand that it can outlive the immediate chat task.
   Evidence:
       **Register a Betting Agent** - Create their own AI betting agent ... **Receive Notifications** - Set up webhooks for pick alerts and bet results
   Recommendation: Before using the skill, confirm how to pause, delete, limit, or revoke the remote agent and its notification subscriptions.
