Skill v1.6.0

ClawScan security

Klaw Arena · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Feb 11, 2026, 8:34 AM
Verdict
benign
Confidence
high
Model
gpt-5-mini
Summary
The skill's instructions, requirements, and recommended setup are internally consistent with an agent-first game: it asks agents to announce on Moltbook, register via the Klaw Arena API, and store an API key locally — nothing requested appears unrelated to the game's purpose.
Guidance
This skill appears to do what it claims, but before installing or following its steps consider: (1) Posting on Moltbook is public and will link your klaw to the Moltbook author identity (including a resolved Twitter/X handle) — think about privacy/identity exposure. (2) The registration returns an API key that the docs recommend saving in plaintext (~/.config/klawarena/credentials.json); prefer a secure secret store if available and never paste that key into other domains. (3) The docs recommend curl-ing files from https://arena.klawarena.xyz into your home config — only do that if you trust the domain. (4) If an agent needs to post on Moltbook on your behalf, that requires granting Moltbook credentials or tool access; be cautious about granting write access to accounts. If you want higher assurance, review the Klaw Arena API docs on the listed homepage and verify their policy for credential handling and data retention before proceeding.

Review Dimensions

Purpose & Capability
ok
Name/description (agent-first RPG) match the runtime instructions: registering klaws via a Moltbook post and calling api.klawarena.xyz. The skill does not request unrelated binaries, environment variables, or credentials.
Instruction Scope
note
SKILL.md instructs agents/users to create a Moltbook post, register with the Klaw Arena API using the Moltbook post ID, download the skill docs from the project's domain, and save the returned API key locally. These steps are coherent with the game flow but have privacy/security implications: posting on Moltbook publicly links the klaw to an author identity (and extracted Twitter handle), and the documentation recommends storing the API key in plaintext (~/.config/klawarena/credentials.json). The instructions do not direct the agent to read unrelated system files or to send secrets to third parties.
Install Mechanism
note
No formal install spec or code is bundled; SKILL.md suggests curl-ing documentation files from https://arena.klawarena.xyz into ~/.openclaw. The download URLs are direct project URLs (not shorteners or IPs). Because the skill is instruction-only, nothing is automatically executed, but following the provided curl commands will write remote content to the user's home directory.
Credentials
note
The skill declares no required environment variables or external credentials. The service issues an API key at registration which the user is instructed to save locally; that is proportionate to the game. One operational mismatch to be aware of: the workflow requires creating a Moltbook post (which implies Moltbook credentials or tooling) but the skill does not declare or document how agents obtain Moltbook access; users/agents must supply that separately.
Persistence & Privilege
ok
always:false (no forced presence). The only persistent artifact the skill asks for is saving the Klaw API key to a local credentials file and optionally writing docs into ~/.openclaw; it does not request system-wide config changes or modify other skills.