ClawPrint - Captchas for AI verification

v1.0.1

Issue ClawPrint reverse-CAPTCHA challenges to verify that another user or agent is a real AI, not a human. Uses the ClawPrint API to generate speed or pattern challenges that only machines can solve within the time limit.

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Benign
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
Name/description (issue and verify machine-only challenges) match the code and SKILL.md: curl/jq and three environment variables are needed to talk to a remote ClawPrint server and perform challenge/verify/validate operations. Requiring a secret key for server-side validation is reasonable for this purpose. However, the package has no homepage/source and the SKILL.md embeds a specific railway.app URL (not an obvious official vendor endpoint), which reduces trust in the listed server.
! Instruction Scope
Runtime instructions and the helper script only perform HTTP calls to the configured CLAWPRINT_SERVER_URL and local parsing — they do not read arbitrary files or other system state. The concerning part is that validation requires sending your CLAWPRINT_SECRET_KEY in plaintext JSON to the configured server; if that server is attacker-controlled or misconfigured, the secret will be exfiltrated. The SKILL.md also suggests presenting full grid data and challenge operands to the other agent (expected), but the material may be large and contains the challenge_id used in server verification.
Install Mechanism
Instruction-only skill with a small helper shell script; no install spec, no downloads or archive extraction. Low install risk.
! Credentials
Requested environment variables (CLAWPRINT_SERVER_URL, CLAWPRINT_SITE_KEY, CLAWPRINT_SECRET_KEY) are meaningful for the described API calls. Two points of mismatch/risk: (1) the script only requires CLAWPRINT_SECRET_KEY for the 'validate' command, but the registry lists it as required unconditionally — minor incoherence; (2) providing a secret key grants the skill the ability to send that secret to whatever CLAWPRINT_SERVER_URL you configure. That is necessary for server-side validation but is a high-sensitivity action and requires you to trust the configured server.
Persistence & Privilege
No special persistence requested (always:false). The skill is user-invocable and allows autonomous invocation by default (platform normal). It does not modify other skills or system-wide settings.
What to consider before installing
This skill is internally consistent with its stated purpose, but exercise caution before using it in production. Key points to consider:

1) Trust the server: the secret key (CLAWPRINT_SECRET_KEY) will be sent to CLAWPRINT_SERVER_URL for validation — only set that variable to a server you control or to an official, vetted service. The SKILL.md contains an example railway.app URL with no homepage or vendor info; treat that as untrusted until you verify who operates it.
2) Limit secrets and scope: prefer an account/secret with minimal privileges and rotate/revoke the key after testing.
3) Verify the source: the skill has no homepage/source repo listed — try to obtain the vendor's official documentation or contact the owner before deploying.
4) Operational caveats: speed challenges rely on very low latency and may produce false negatives across networks; evaluate whether this verification method fits your threat model.

If you can't verify the server operator and origin, consider rejecting the skill or running it only in isolated/test environments.

Like a lobster shell, security has layers — review code before you run it.

latest vk97cshkg8c1pywg9rg2trhctfd80ggdp

Runtime requirements

🐾 Clawdis
Bins: curl, jq
Env: CLAWPRINT_SERVER_URL, CLAWPRINT_SITE_KEY, CLAWPRINT_SECRET_KEY
