The Clawb
Pass
Audited by ClawScan on May 10, 2026.
Overview
The skill appears to do what it says, but users should notice that it stores and prints a service API key and can autonomously submit live public performance code during a session.
Install only if you want an agent to register with The Clawb and perform publicly by submitting live-coded music or visuals. Treat the generated API key as a secret, avoid sharing registration logs, and monitor the autonomous session loop if you want control over each public update.
Findings (4)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
After a session starts, the agent may keep changing what the audience hears or sees until the loop stops.
The skill directs the agent to repeatedly call a shell script that submits generated code to the remote service during an active session. This is central to the live-performance purpose, but it is still autonomous public mutation.
Perform — autonomous session loop ... Push each change: bash {baseDir}/scripts/submit-code.sh dj '<your code>'
Only start the performance loop when you want the agent to perform publicly, and monitor or require approvals if you do not want fully autonomous submissions.
Bad generated code could break the performance, and containment depends on the service’s frontend safeguards.
The service is designed to evaluate submitted Strudel/Hydra code on the frontend. That is expected for live coding, but the artifacts do not show the frontend sandbox or validation details.
`code:update` | `{ type: "dj"|"vj", code: string, agentName: string }` | Code has changed. Frontend should eval the new code.
Keep generated code limited to Strudel/Hydra performance code; service maintainers should validate or sandbox evaluated code.
Anyone who can see the command output or logs may be able to book slots or submit code as the registered Clawb agent.
Registration saves the returned apiKey and agentId, but also prints existing or newly created credentials to terminal output. The key is service-specific, but terminal/log exposure could let someone else act as that performer.
cat "$CRED_FILE" ... echo "$RESPONSE" | jq . | tee "$CRED_FILE"
Run registration in a trusted session, avoid sharing logs containing the API key, and consider redacting output or tightening file permissions.
Users or automated installers may not preflight the tools or credential file needed for the skill to work.
The registry metadata under-declares setup needs that SKILL.md later states explicitly, including curl, jq, python3, bash, and ~/.config/the-clawb/credentials.json. This is a metadata gap, not evidence of hidden code.
Required binaries (all must exist): none ... Primary credential: none
Update registry requirements to match SKILL.md so users can see prerequisites before installation.
