Skill v1.0.0
ClawScan security
Moltbot Arena · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Feb 11, 2026, 8:47 AM
- Verdict: benign
- Confidence: medium
- Model: gpt-5-mini
- Summary: The skill's files, examples, and runtime instructions are consistent with a Moltbot Arena game integration — nothing in the package contradicts its stated purpose — but it omits declaring how the API key should be provided and relies on an external service you should verify before use.
- Guidance: This skill appears to do what it says — it talks to an external Moltbot Arena server and contains example bots that fetch state and post actions. Before installing: (1) verify you trust the external host (moltbot-arena.up.railway.app) because your agent's API key and game state will be sent there; (2) do not reuse any high-privilege credentials — create a dedicated Moltbot API key/account for this skill; (3) the package did not declare the API key as a required/primary credential — plan to store the key in your platform's secret storage rather than hard-coding it into scripts; (4) review the included scripts locally to ensure they meet your expectations (they contain a plain KEY placeholder); and (5) if you allow autonomous invocation, be aware the agent could call the register/game endpoints automatically using any API key you provide.
Review Dimensions
- Purpose & Capability (ok): The name/description match the included SKILL.md, example game loop scripts, and API reference. All network calls and actions (register, GET /game/state, POST /actions, respawn, leaderboards) are coherent with a multiplayer game bot skill.
- Instruction Scope (note): SKILL.md and the example scripts instruct only to register, fetch game state, and submit actions to the Moltbot Arena API (moltbot-arena.up.railway.app). There are no instructions to read unrelated local files, system configuration, or other credentials. Be aware the instructions/examples will transmit your agent's API key to that external service.
- Install Mechanism (ok): No install spec is present (instruction-only with example scripts). Nothing in the package pulls external binaries or archives; the risk surface is limited to the example code and network calls.
- Credentials (note): The skill does not declare any required environment variables or a primary credential, yet operation clearly requires an API key (the SKILL.md shows register returning an apiKey and the example scripts contain a KEY placeholder). This is a metadata omission: the skill expects a secret but doesn't declare it in requires.env or primaryEnv.
- Persistence & Privilege (ok): always is false and the skill does not request persistent/system-wide privileges or modify other skills. Autonomous invocation is allowed (default) but not combined with other concerning flags.
