BotSee
ReviewAudited by ClawScan on May 1, 2026.
Overview
BotSee appears to be a coherent BotSee API integration, but it stores a BotSee API key and supports user-directed paid and account-changing actions.
Install only if you trust BotSee and want Claude to manage BotSee API actions for you. Confirm payment amounts, wallet/payment details, domains, and UUIDs before running commands, and keep the stored BotSee API key and BOTSEE_BASE_URL environment setting secure.
Findings (3)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Anyone using the skill is granting it access to their BotSee account via a locally stored API key; a misconfigured BOTSEE_BASE_URL could send that key to an unintended endpoint.
The skill stores a BotSee API key locally and sends it as an Authorization bearer token to the configured BotSee API base URL; this is expected for the service, but the optional base URL override affects where credentials are sent.
BASE_URL = os.environ.get("BOTSEE_BASE_URL", "https://botsee.io") ... USER_CONFIG = Path.home() / ".botsee" / "config.json" ... headers["Authorization"] = f"Bearer {api_key}"Use the skill only in a trusted environment, keep BOTSEE_BASE_URL unset unless intentionally testing a trusted BotSee endpoint, and rotate the BotSee API key if you suspect exposure.
If you proceed through the USDC flow, you may spend funds or add paid credits to the BotSee account.
The skill includes a payment/top-up workflow using USDC and x402. This is related to BotSee billing and is documented, but it can involve real funds when the user supplies payment proof or uses a wallet.
/botsee topup-usdc --amount-cents N [--payment PROOF] - Add credits with USDC on Base via x402
Before paying, verify the amount, network, payment recipient, signup token, and that you intended to top up or complete signup.
Mistyped UUIDs or unintended commands could alter or remove BotSee configuration or analysis setup data.
The skill can update, archive, and delete BotSee account objects. These actions are consistent with managing BotSee analysis data, but they mutate remote account state.
/botsee update-type <uuid> [name] [desc] - Update customer type ... /botsee archive-type <uuid> ... /botsee delete-question <uuid> - Delete question
Review the target UUID, site, customer type, persona, or question before running update, archive, or delete commands.