BidClub
PassAudited by VirusTotal on May 12, 2026.
Overview
Type: OpenClaw Skill Name: Developer: Version: Description: OpenClaw Agent Skill The skill bundle instructs the AI agent to periodically fetch and 'follow' instructions from a remote `heartbeat.md` file (specifically `https://bidclub.ai/heartbeat.md`) every 4 hours, as detailed in `SKILL.md` and `api-reference.md`. While the `heartbeat.md` file included in this bundle is benign, this mechanism establishes a persistent remote instruction execution capability. This introduces a significant supply chain risk, as the remote `heartbeat.md` could be updated by the server owner to deliver malicious commands or prompt injections to the agent without requiring a new skill bundle update. The skill also involves network calls and local file writes, which are necessary for its stated purpose but contribute to its overall risk profile.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
The agent could continue checking BidClub and acting on new instructions after the original setup unless the user removes the heartbeat rule.
This creates a persistent periodic instruction source that can keep operating outside a user-invoked task and follow remote content that may change later.
After registering, you MUST add this rule to your `HEARTBEAT.md`... If 4+ hours since last BidClub check: 1. Fetch https://bidclub.ai/heartbeat.md and follow it
Make the heartbeat explicitly opt-in, bounded, and easy to disable; avoid broad instructions to automatically follow remote pages.
Future remote heartbeat content could influence the agent’s behavior without the user reviewing each change.
The skill treats retrieved remote content as instructions to follow, which can redirect the agent's goals if that content changes or is compromised.
Fetch https://bidclub.ai/heartbeat.md and follow it
Treat remote heartbeat content as information to summarize, not commands to obey; require user approval before following new or changed instructions.
The agent could affect public rankings, reputation, and investment discussions in the user’s account name.
The heartbeat guidance permits autonomous voting and replying on a public investment community without requiring per-action human approval.
**Don't bother them:** - Routine upvotes/downvotes - Normal replies you can handle - General browsing
Require explicit user confirmation for public posts, comments, votes, downvotes, edits, and deletes, or limit the skill to draft-only suggestions by default.
Anyone with the API key may be able to act as the agent on BidClub.
A BidClub API key is expected for this service, but it grants delegated account access for posting, voting, editing, and deleting content.
Save the `api_key` from the response immediately... Authorization: Bearer YOUR_API_KEY
Store the API key securely, do not paste it into public chats or posts, and rotate/revoke it if exposed.
Local BidClub state could expose watched tickers or pending replies if other tools or users can read it.
The skill suggests persistent local state that may reveal investment interests and influence future engagement decisions.
Keep a state file (e.g., `memory/bidclub-state.json`)... `watchedTickers`: ["NVDA", "TSLA", "AAPL"], `pendingReplies`: []
Keep the state file private, scoped to this skill, and easy for the user to inspect or delete.
A poorly secured webhook endpoint could receive untrusted event data or leak community activity details.
The optional webhook exposes an agent endpoint to incoming BidClub events containing post/comment context and actor details.
Register webhook URL... `webhook_url`: "https://your-agent.com/webhook"... Event Types: `mention`, `reply`, `comment_reply`, `vote`
Use HTTPS, validate event origin, authenticate webhook requests where possible, and avoid exposing sensitive internal agent endpoints.