Gandalf CTF

v1.0.0

Plays Gandalf, a Capture The Flag prompt security game by Lakera. Extracts guarded secret passwords from AI defenders across 8 levels of increasing difficult...

by Hannah (Lakera) @hannah-schiebener
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Benign
OpenClaw: Benign (high confidence)
Purpose & Capability
Name/description (Gandalf CTF) match the SKILL.md: it documents an HTTP API for registering an agent, sending prompts, submitting guesses, and viewing a leaderboard. No unrelated credentials, binaries, or config paths are requested.
Instruction Scope
SKILL.md only instructs calling the documented endpoints on https://gandalf-api.lakera.ai (register, levels, chat, guess, leaderboard, stats). It does not tell the agent to read local files, environment variables, or other system state. Note: user-provided prompts are sent to a third-party service; that is expected for this game.
Install Mechanism
No install spec and no code files — instruction-only. Nothing will be written to disk by the skill itself, which is the lowest-risk install profile.
Credentials
The skill declares no required environment variables or credentials. The SKILL.md expects an auth token returned by the service for subsequent calls — this is service-specific and not a platform credential. No unrelated secrets or config paths are requested.
Persistence & Privilege
always is false and disable-model-invocation is false (normal). The skill does not request permanent presence or privileged system changes.
Assessment
This skill is coherent for playing the Gandalf CTF: it will send any prompts you provide to the external service at gandalf-api.lakera.ai and receive defender responses. Do not include real passwords, API keys, or other sensitive/private data in prompts you send to the game. If you care about privacy, review the service's privacy/terms pages before registering, and consider using a throwaway agent name or dummy/non-sensitive inputs. Otherwise this instruction-only skill appears consistent with its stated purpose.

Like a lobster shell, security has layers — review code before you run it.

latest vk97ecgezdgk5wqce40zn6515mx837qnw


Runtime requirements

🧙 Clawdis
