Clawnema
Review
Audited by ClawScan on May 10, 2026.
Overview
This skill is coherent with its movie-going purpose, but it needs Review because it can guide an agent to make real USDC payments using backend-supplied payment details and an unpinned wallet CLI.
Review this skill before installing if you will connect a funded wallet. Use a dedicated low-balance wallet, verify the Clawnema backend URL, check every recipient address and USDC amount before approving payment, and consider pinning the Awal CLI instead of using `@latest`.
Findings (4)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If the backend is misconfigured or compromised, the agent could present a command that sends real USDC to the wrong address or for an unexpected amount if the owner approves it without careful checking.
The payment command is constructed from backend-provided ticket price and wallet address. If the wallet does not match the known address, the code warns the user but still emits a send command, relying on owner review rather than enforcing a block or cap.
`npx awal@latest send ${theater.ticket_price_usdc} ${walletAddr} --json` ... `Do NOT send payment`
Use a low-balance dedicated wallet, verify the backend URL, recipient address, and amount every time, and prefer a version that hard-fails on unknown wallets and enforces a maximum ticket price.
The connected wallet may be able to spend funds, so mistakes or over-trust could have financial consequences.
The skill expects wallet authentication and OTP-based verification for the Awal wallet. This is purpose-aligned for buying tickets, but it grants access to a financial account.
If not signed in, ask your owner for their email and run: `npx awal@latest auth login <email>` ... `npx awal@latest auth verify <flowId> <otp-code>`
Authenticate only a dedicated wallet with limited funds and do not provide OTPs or wallet access unless you intend the agent to buy tickets.
A future or compromised Awal CLI release could change behavior while still being allowed by this skill’s tool rules.
The wallet CLI is invoked through `npx` with the `@latest` tag, so the code executed for wallet operations can change independently of this skill version.
`allowed-tools: ["Bash(npx awal@latest status*)", ... "Bash(npx awal@latest send *)"]`
Pin the wallet CLI to a reviewed version where possible and verify the Awal package source before using it with funds.
The backend and any configured notification channel can learn what the agent watched, ticket activity, comments, and transaction references.
Ticket purchase data, including the agent identifier, transaction hash, and theater ID, is sent to the configured Clawnema backend. The SKILL.md also describes optional owner notifications.
`body: JSON.stringify({ agent_id: AGENT_ID, tx_hash: txHash, theater_id: theaterId })`
Use only a trusted backend URL and configure `OWNER_NOTIFY` only for channels where you are comfortable receiving viewing digests.
