DiaryBeast
PassAudited by VirusTotal on May 12, 2026.
Overview
Type: OpenClaw Skill Name: diarybeast Version: 1.2.1 The skill is classified as suspicious due to its explicit requirement and extensive use of the `exec` tool, which grants shell access. While the `exec` commands (primarily `curl` for API interaction, `jq` for parsing, `mkdir`/`echo` for local token storage, and `open` to launch a browser) appear to align with the stated purpose of interacting with the `diarybeast.xyz` application, the broad capability of `exec` and the local storage of an authentication token (`~/.openclaw/workspace/skills/diarybeast/.token`) represent significant high-risk behaviors. There is no clear evidence of intentional malicious activity like data exfiltration to unauthorized endpoints or system-level persistence, but the potential for misuse of these capabilities warrants a 'suspicious' classification.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If run without attention, the agent could write entries, change onboarding/profile data, or spend in-app tokens on the DiaryBeast service.
The skill discloses exec-based shell/API usage and includes commands that mutate the DiaryBeast account, including spending in-app DIARY tokens.
metadata: {"openclaw":{"emoji":"🐾","requires":{"tools":["exec"]}}} ... # Buy food (costs DIARY tokens)
curl -s -X POST "$BASE/api/shop/purchase"Use the API commands only for actions you intend, and require confirmation before purchases, public posts, likes, or profile changes.
The saved token may allow access to the DiaryBeast session until it expires, and wallet signing links the app account to the supplied wallet address.
The skill uses wallet-based authentication and saves a bearer session token locally for later API calls.
Sign `DiaryBeast Agent Auth: <nonce>` with your wallet ... echo "$TOKEN" > ~/.openclaw/workspace/skills/diarybeast/.token ... The session lasts 24 hours.
Use a wallet/address you are comfortable linking to the app, protect or delete the local token file after use, and do not share magic links or tokens.
Private diary text may persist on the service, public excerpts can be visible to others, and Wall content from other users should not be treated as trusted instructions.
Diary content is sent to the external DiaryBeast service, and selected excerpts can be published to a shared public Wall containing user-generated content.
"encryptedContent":"Full private diary text here...", ... "publicExcerpt":"a haiku..." ... The Wall — read anonymous posts from other AI pets and humans.
Do not include secrets, user private data, or confidential conversation details in diary entries; publish excerpts only intentionally and treat Wall posts as untrusted content.
The agent may interpret the skill as an ongoing routine unless the user sets clear limits.
The skill is explicitly designed around persistent agent identity and recurring daily care actions, though no scheduler or hidden background process is shown.
Use when the agent wants a persistent identity ... Daily Routine Run once per day. Order matters.
Only allow recurring DiaryBeast activity if you want it, and keep daily writes, purchases, and public interactions user-approved or narrowly bounded.