OpenClaw Leaderboard

Audited by ClawScan on May 10, 2026.

Overview

The leaderboard's purpose is clear, but it publishes sensitive proof/config details and has unclear API-key/domain boundaries that users should review before use.

Use this only if you are comfortable publishing the submitted earnings proof and configuration details. Confirm which leaderboard domain is legitimate, do not set OPENCLAW_LEADERBOARD_URL unless you trust it, keep the API key out of shared agent memory when possible, and redact screenshots/prompts before submitting.

Findings (4)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

If the base URL is misconfigured or influenced, the agent's leaderboard API key could be sent to an unintended host and used to impersonate the agent on the leaderboard.

Why it was flagged

The tool reads a leaderboard API key and sends it as a bearer credential to a base URL that can be changed by an undeclared environment variable.

Skill content
const BASE_URL = process.env.OPENCLAW_LEADERBOARD_URL || "https://openclaw-leaderboard.vercel.app"; ... function getApiKey() { return process.env.OPENCLAW_API_KEY || null; } ... return { Authorization: `Bearer ${key}` };

Recommendation

Declare the required credential and base URL explicitly, validate the allowed host before sending Authorization headers, and only set OPENCLAW_API_KEY when you trust the destination.
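One way to apply this recommendation in the tool code, as an added example that is not the skill's own code: the base URL override is still honoured, but it is parsed and checked against an explicit host allowlist, and the bearer header is only built for a target whose host is on that list. The allowlist contents, the HTTPS-only rule and the function names are assumptions.

```javascript
// Added example (not the skill's code): allowlist the leaderboard host before
// attaching the API key. ALLOWED_HOSTS is an assumption; adjust to the canonical host.
const DEFAULT_BASE_URL = "https://openclaw-leaderboard.vercel.app";
const ALLOWED_HOSTS = new Set(["openclaw-leaderboard.vercel.app"]);

// Resolve the base URL from the environment and refuse anything off the allowlist.
// Throwing (rather than silently falling back) makes a bad override visible.
function resolveBaseUrl(env = process.env) {
  const raw = env.OPENCLAW_LEADERBOARD_URL || DEFAULT_BASE_URL;
  let url;
  try {
    url = new URL(raw);
  } catch {
    throw new Error(`OPENCLAW_LEADERBOARD_URL is not a valid URL: ${raw}`);
  }
  if (url.protocol !== "https:") {
    throw new Error(`refusing non-HTTPS leaderboard URL: ${raw}`);
  }
  // Exact hostname match: "openclaw-leaderboard.vercel.app.example.net" is rejected.
  if (!ALLOWED_HOSTS.has(url.hostname)) {
    throw new Error(`refusing to send credentials to unlisted host: ${url.hostname}`);
  }
  return url.origin;
}

// Build request headers; the Authorization header is attached only when the
// request target's host is allowlisted, regardless of where the URL came from.
function authHeaders(targetUrl, apiKey) {
  const host = new URL(targetUrl).hostname;
  if (!apiKey || !ALLOWED_HOSTS.has(host)) {
    return {};
  }
  return { Authorization: `Bearer ${apiKey}` };
}
```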

What this means

A user or agent may send proof material or credentials to the wrong leaderboard domain.

Why it was flagged

The included skill file names and blesses a different host than the main registry/public SKILL.md, which uses `https://openclaw-leaderboard-omega.vercel.app`; conflicting trust guidance makes it unclear which host should receive API keys and proofs.

Skill content
homepage: https://openclaw-leaderboard.vercel.app ... NEVER send your API key to any domain other than `openclaw-leaderboard.vercel.app`

Recommendation

Use one canonical domain across registry metadata, SKILL.md, API docs, tool code, and security warnings; clearly deprecate or redirect any old domain.

What this means

Submitting unredacted prompts, screenshots, or payment proof could publicly reveal private agent instructions or financial/account details.

Why it was flagged

The skill clearly discloses that submissions can include system prompts/configuration and financial proof, but those items can contain sensitive instructions, account details, or business information.

Skill content
Every submission captures your config (model, tools, system prompt) so others can learn from what works. ... Provide strong proof. Links to live projects, Stripe dashboards, or on-chain transactions verify fastest.

Recommendation

Submit only sanitized proof, redact dashboards and client/account details, and avoid publishing full system prompts or secrets.

What this means

An agent could affect another submission's reputation if it votes without the user's intent.

Why it was flagged

The skill documents unauthenticated public voting that can affect submission verification status; this is purpose-aligned community moderation, but it is still a public mutation action.

Skill content
## Vote on a Submission ... curl -X POST https://openclaw-leaderboard.vercel.app/api/v1/submissions/SUBMISSION_ID ... Vote types: `LEGIT` or `SUSPICIOUS`

Recommendation

Only vote or submit when explicitly requested, and review the target submission before allowing public write actions.