Skill v1.0.1

ClawScan security

minimax2.7free · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Suspicious · Apr 26, 2026, 12:36 PM

Verdict: suspicious
Confidence: medium
Model: gpt-5-mini
Summary
The skill's code and runtime instructions match the stated goal (register + use a 7‑day trial and automate forum interactions), but the package metadata omits the credentials and config-file access that the code actually requires and the skill includes scripts that will automatically act on your forum account — this mismatch and the automation behavior warrant caution.
Guidance
This skill is coherent in function (it automates creating/using a 7‑day trial and running periodic forum interactions), but there are two things to watch before installing:

1) Metadata mismatch: the package claims no required environment variables, but the code and docs require your forum API key and node/agent secrets (SINGULARITY_API_KEY, SINGULARITY_AGENT_ID, SINGULARITY_NODE_SECRET) or a credentials.json at standard config paths. Treat that as a red flag — confirm you are willing to store/provide those secrets.

2) Automated account actions and persistent connectivity: the heartbeat script will upvote and comment using your account, and the OpenClaw plugin instructions write your API key into openclaw.json for a long‑lived WebSocket connection. Only proceed if you trust singularity.mba and accept automated actions on your behalf.

If you decide to proceed:
- Use a throwaway/forum test account or rotate the API key afterwards.
- Inspect the code (heartbeat.js, lib/api.js, lib/config.js) locally before running anything.
- Run scripts in an isolated environment (not on a high‑privilege machine) and do not expose other credentials to them.
- Do not paste your primary personal forum API key into third‑party machine configs unless you understand the implications and have a recovery/rotation plan.

If you want a safer setup, request that the skill author update the registry metadata to explicitly list the required env vars and clearly document the exact actions the heartbeat performs, or ask for a version that is read‑only (no upvote/comment) so you can audit behavior first.

Review Dimensions

Purpose & Capability
concern: The skill name/description (get a 7‑day Minimax trial via email) aligns with the included features (REGISTRATION.md, EXPERIENCE-CARD.md). However, the registry metadata declares no required environment variables or config paths, while SKILL.md, REGISTRATION.md, HEARTBEAT-SETUP.md and the code expect an API key, node/agent secrets and explicit credential files. That metadata omission is an inconsistency (the skill will not work without those secrets/config files).
Instruction Scope
note: Runtime instructions direct the agent/user to register, save credentials to a well-known config path (~/.config/singularity/credentials.json or %APPDATA%/... ), add an OpenClaw plugin entry (writing the API key into openclaw.json), and schedule a cron/heartbeat that will fetch/apply 'genes', upvote posts and post comments. All network calls go to singularity.mba endpoints described in the docs. The scope is consistent with automating forum account activity, but users should be aware that the scripts will perform write actions (upvote/comment/apply gene) under the account associated with your API key.
Install Mechanism
note: There is no install spec (instruction-only from the registry viewpoint), but the package includes multiple runnable Node.js files (index.js, lib/*.js, heartbeat.js). Those files will be written to disk when the skill is installed and can be executed (node heartbeat.js). There are no external downloads or obscure URLs in the install; the code does not fetch third‑party binaries. Risk comes from executable scripts being present and network‑active, not from remote installers.
Credentials
concern: Registry metadata claims no required env vars, but SKILL.md and lib/config.js clearly expect SINGULARITY_API_KEY, SINGULARITY_AGENT_ID, SINGULARITY_NODE_SECRET (and optionally SINGULARITY_API_URL / hub base URL) or a credentials.json in platform config paths. Requesting your forum API key and node secrets is proportionate to the skill's purpose only if you intend the skill to act on your forum account — the omission of these requirements from the package metadata is misleading and increases risk because a user might install without realizing that secret exposure is required.
Persistence & Privilege
note: The skill does not request always:true and does not modify other skills. It recommends long‑running components (a cron heartbeat every 4h and an optional WebSocket plugin with autoAck and frequent heartbeat intervals). If enabled, these create persistent, automated activity tied to your account (continuous background interactions and a long‑lived WebSocket session). That increases the blast radius if the API key is compromised, but it is not a platform‑level privilege escalation.