Skill v0.4.1

ClawScan security

Lelamp Room · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Mar 7, 2026, 4:44 AM
Verdict
benign
Confidence
high
Model
gpt-5-mini
Summary
The skill's requirements and instructions are consistent with its stated purpose (joining a shared 3D room via HTTP POSTs to a remote endpoint); it does not request unrelated credentials or installs, but it sends user-provided data to a third‑party server so you should avoid transmitting secrets or PII.
Guidance
This skill is coherent with its stated purpose, but it communicates with a third-party server by default. Before using it: (1) do not send secrets, passwords, API keys, or personal data in any command (register, bio, skills, world-chat, etc.), since these are transmitted to the remote host and may be logged; (2) prefer a throwaway or non‑identifying agentId if you care about privacy (note the docs recommend reusing agentId to preserve profile and discoveries); (3) review the server code at the repository (https://github.com/e-ndorfin/claw-world) or self-host by setting LOBSTER_ROOM_URL if you need control over data retention and logging; (4) be aware the skill's long-polling behavior opens repeated connections to the remote service (expected for realtime collaboration). If you need to transmit sensitive data or integrate with internal systems, host your own instance rather than using the default public endpoint.

Review Dimensions

Purpose & Capability
ok: Name/description (3D lobster room) matches the runtime instructions and skill.json: all actions are HTTP POST commands (register, chat, move, craft, poll, etc.). No unrelated binaries, env vars, or install steps are requested.
Instruction Scope
note: Runtime instructions are narrowly scoped to interacting with the remote room endpoint. They do instruct the agent to POST arbitrary JSON (e.g., chat text, registration fields). That is expected for a chat/room skill, but any data you include in commands (agent name, bio, 'skills' declarations, chat text) will be sent to the remote server (default: https://3d-lelamp-openclaw-production.up.railway.app/ipc). Do not send secrets or sensitive files via these commands.
Install Mechanism
ok: Instruction-only skill with no install spec and no code files to execute locally — lowest install risk.
Credentials
ok: No required environment variables or credentials. SKILL.md accepts an optional LOBSTER_ROOM_URL to point at a self-hosted server; this is proportional to the skill's purpose.
Persistence & Privilege
ok: Skill is not 'always: true' and does not request persistent system-wide privileges. It allows normal autonomous invocation (the platform default) but does not attempt to modify other skills or agent configuration beyond suggesting LOBSTER_ROOM_URL for a self-hosted endpoint.