ClawHub
Back to skill
v1.2.0

Pokemon Red

ReviewClawScan verdict for this skill. Analyzed May 1, 2026, 5:13 AM.

Analysis

The Pokemon gameplay purpose is coherent, but the skill asks the agent to download and run external code that is not included in the reviewed package.

GuidanceBefore installing, make sure you trust the external Pokemon-OpenClaw repository and pin known-good versions of its code and Python dependencies. Run it in an isolated Python environment, use only a legally obtained ROM, watch that the localhost emulator server is stopped after play, and clear saved lessons or notes if the agent starts following bad guidance.

Findings (4)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Agentic Supply Chain Vulnerabilities
SeverityMediumConfidenceHighStatusConcern
SKILL.md
git clone https://github.com/drbarq/Pokemon-OpenClaw.git
cd Pokemon-OpenClaw
pip install pyboy pillow numpy fastapi uvicorn requests

The skill relies on pulling an external repository and installing unpinned dependencies even though the reviewed artifact set contains no runnable code for that server. This is a provenance and version-control gap for code that will run locally.

User impactUsing the skill may execute code from a remote repository and dependency versions that can change over time.
RecommendationReview the GitHub repository before use, pin a trusted commit and dependency versions, and run it in a virtual environment or other isolated workspace.
Unexpected Code Execution
SeverityLowConfidenceHighStatusNote
SKILL.md
cd $POKEMON_DIR && python scripts/emulator_server.py --save ready --port 3456

Starting a local Python emulator server is central to the Pokemon gameplay purpose and is disclosed, but it is still local code execution that opens a localhost API.

User impactThe skill can start a local process that consumes resources, controls the emulator, and may keep running until stopped.
RecommendationStart it only when you intend to play, keep it bound to localhost, and stop the server after the session.
Rogue Agents
SeverityLowConfidenceHighStatusNote
SKILL.md
A sub-agent session should:
1. Start emulator server (if not already running)
2. Check quest status and destinations
3. Play 20-50 turns

The skill intentionally runs autonomous gameplay loops. This is aligned with the stated purpose, but users should understand it can act for many turns and change game state without step-by-step prompts.

User impactThe agent may spend time playing, change save files, and advance quest or knowledge state during a session.
RecommendationUse explicit session limits, save checkpoints, and stop the background process when finished.
Sensitive data protection

Checks for exposed credentials, poisoned memory or context, unclear communication boundaries, or sensitive data that could leave the user's control.

Memory and Context Poisoning
SeverityLowConfidenceHighStatusNote
references/game_instructions.md
Lessons learned: hard-won knowledge from previous sessions. Trust these over guessing.

The skill reuses persistent gameplay lessons and notepad context across turns or sessions. This is purpose-aligned, but incorrect stored notes can steer future agent decisions.

User impactBad or stale game notes could cause the agent to repeat poor gameplay decisions.
RecommendationClear or edit the notepad and learned lessons if the agent appears stuck or follows outdated guidance.