OpenAirtime
Verdict: Suspicious. Audited by ClawScan on May 10, 2026.
Overview
OpenAirtime matches its airtime-bot purpose, but it asks the agent to use undeclared credentials and unreviewed local scripts to post publicly, collect phone numbers, and trigger airtime claims.
Only install this if you control the @openairtime account and can inspect the referenced local scripts. Before use, verify credential scope, package or review the Node scripts, add approval/rate limits for posting and claims, and use a private channel for phone numbers.
Findings (4)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If run with valid credentials, the agent could post publicly, spam replies, or initiate airtime claims incorrectly.
The skill gives the agent direct commands for public replies and airtime claims, including a duplicate-bypass reply command, without clear human approval, rate limiting, or claim limits.
Workflow ... 4. Call `claim_airtime` tool. ... `node c:\\Users\\LOYAL\\Documents\\openairtime\\scripts\\airtime.js claim_airtime FID CLAIM_CODE PHONE_NUMBER` ... `reply!` ... ignores duplicate check
Require explicit operator confirmation for high-impact actions, remove or restrict force-reply use, and add rate limits, validation, and claim-value controls.
An installer may unknowingly delegate posting and account authority to the agent without understanding what credentials are used or how broad they are.
The skill expects access to preconfigured account credentials for a specific Farcaster identity, while the registry metadata declares no credential or config requirements.
**All credentials are already configured. Never ask for API keys.** ... **FID:** 2683410 ... **Username:** @openairtime
Declare the credential source, required scopes, and rotation process; use least-privilege tokens and make credential use visible to the operator.
The agent would execute whatever code exists at that local path, making the actual posting and airtime-claim behavior unverifiable from the submitted artifacts.
The operational scripts are referenced from a hardcoded local path outside the provided skill package, so their behavior was not available for review or static scanning.
Use the `node c:\\Users\\LOYAL\\Documents\\openairtime\\scripts\\farcaster.js` commands below. ... `node c:\\Users\\LOYAL\\Documents\\openairtime\\scripts\\airtime.js claim_airtime ...`
Package the scripts with the skill, pin their source or commit, avoid user-specific absolute paths, and provide an install spec for review.
Users may expose phone numbers publicly or have them processed by unreviewed code without clear notice.
The workflow asks users to provide a phone number in a Farcaster reply/cast flow and then passes that phone number to a local claim script, without privacy boundaries or handling guidance.
Reply: "Visit https://openairtime.fun, spin the wheel, reply with Claim Code + NG number" ... `claim_airtime FID CLAIM_CODE PHONE_NUMBER`
Collect phone numbers through a private, secure channel or form, disclose handling and retention, and avoid asking users to post personal phone numbers in public replies.
