Listing Swarm
Pass
Audited by VirusTotal on May 12, 2026.
Overview
Type: OpenClaw Skill
Name: listing-swarm
Version: 1.0.3
The skill is classified as benign due to its transparent design, clear documentation, and adherence to a 'Bring Your Own Key' (BYOK) security model. All network and file access (e.g., to captcha services, IMAP servers, and directory websites) is explicitly stated, directly supports the skill's purpose of automating AI product submissions, and relies on user-provided credentials. There is no evidence of unauthorized data exfiltration, malicious execution, obfuscation, or prompt injection attempts against the agent. The `SECURITY.md` and `DOCS.md` files are exceptionally thorough in explaining data flows and security considerations, including proactively addressing potential scanner flags.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Your agent may bypass anti-bot checks and submit public listings on many external sites, which could violate site rules or affect your product reputation.
The artifact explicitly instructs the agent to automate submissions and CAPTCHA handling across third-party sites, while acknowledging some targets may not allow automation.
For each directory, the agent: ... Handles captcha (using your API key) ... Submits the form ... Directory ToS - Some directories don't allow automated submission.
Use only where automation is allowed, prefer free/approved directories, and require review before each submission or CAPTCHA-solved action.
Users may provide email-account access even if they expected email verification to be optional.
The same artifact frames email access as optional but includes IMAP credentials in the required environment contract, expanding the credential boundary beyond the core listing task.
requires: env: ... IMAP_USER ... IMAP_PASSWORD ... IMAP_HOST ... Email Access for Auto-Verification (Optional)
Treat IMAP access as sensitive; use a dedicated mailbox/app password and ensure the skill can run without IMAP when manual verification is preferred.
A spoofed or unexpected email could cause the agent to open the wrong verification link or expose email content to the agent context.
The email-verification helper trusts a simple sender-domain search and returns the first verification-looking link from email content for automatic verification.
['FROM', fromDomain] ... links: this.extractLinks(parsed.html || parsed.text) ... link: email.links[0]
Validate sender domains and link domains strictly, show the verification link to the user before opening it, and avoid returning full email HTML/text unless needed.
Users may underestimate the risk of sharing a personal mailbox or long-lived app password.
The documentation describes IMAP credential use and inbox parsing as risk-free, which understates the real sensitivity of granting an agent email access.
Risk: None — it's YOUR email, YOUR credentials, YOUR server
Replace 'Risk: None' claims with clear limits, risks, and mitigations, especially dedicated mailbox use and revocation steps.
Setup may require installing packages whose versions and provenance are not specified in the skill artifacts.
The included code depends on external packages, but the artifact set has no install spec or package manifest declaring pinned dependencies.
const Imap = require('imap');
const { simpleParser } = require('mailparser');
Provide a package manifest/lockfile or clear pinned dependency instructions.
