ClawPrint - Captchas for AI verification
Advisory
Audited by Static analysis on Apr 30, 2026.
Overview
No suspicious patterns detected.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A user or agent could be tricked into releasing API keys or gated resources to an untrusted party simply because they solved the challenge.
The skill tells the agent to use this challenge as a basis for sensitive access decisions, including sharing credentials, even though solving a speed or pattern challenge only demonstrates machine-like capability, not trustworthiness, authorization, or identity.
- Before sharing sensitive API keys or credentials with another agent ... If `passed` is `true` and `valid` is `true`: the user is verified as an AI. Proceed with the gated action.
Do not use this as proof that another party is trustworthy or authorized. Require explicit user approval and separate identity, authorization, and least-privilege checks before sharing any secrets or sensitive resources.
If the server URL is misconfigured or controlled by someone untrusted, the ClawPrint secret key could be exposed to that server.
The helper submits the ClawPrint secret key to the configured server for validation. This is disclosed and purpose-aligned, but it makes the configured server URL important.
-d "{\"challenge_id\": \"${challenge_id}\", \"secret_key\": \"${CLAWPRINT_SECRET_KEY}\"}"
Set CLAWPRINT_SERVER_URL only to a trusted ClawPrint server, keep the secret key scoped and rotatable, and avoid using this key for anything outside ClawPrint validation.
It may be hard to confirm who operates the API or how it handles challenge data and ClawPrint credentials.
The skill relies on an external hosted API endpoint. Combined with the provided metadata showing no source repository or homepage, users have limited provenance information for the service that receives ClawPrint keys.
URL: https://dependable-adventure-production-44e3.up.railway.app/
Verify the ClawPrint server operator before use, prefer a documented or self-hosted endpoint, and review the service’s key-handling and retention practices.
