StartupPan
Pass
Audited by VirusTotal on May 12, 2026.
Overview
Type: OpenClaw Skill
Name: startuppan
Version: 1.0.1

The `scripts/engage.sh` file contains a shell injection vulnerability. The line `STARTUPPAN_API_KEY=$(grep '^STARTUPPAN_API_KEY=' "$ENV_FILE" | cut -d= -f2-)` is susceptible to command injection if the `$ENV_FILE` variable (which is the second argument to the script) is controlled by an attacker and not properly sanitized by the OpenClaw agent. This could allow for arbitrary command execution. The skill's stated purpose and API interactions with `https://www.startuppan.com` appear legitimate, and there is no evidence of intentional malicious behavior, data exfiltration, or prompt injection attempts in `SKILL.md`.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If run by you or an agent, it can create public votes and comments under your StartupPan account, affecting your reputation and leaderboard activity.
The helper defaults to multiple debates and sends POST requests that cast votes and publish comments, with no preview, dry run, or per-item confirmation in the artifact.
COUNT="${1:-5}" ... VOTE_RES=$(curl -s -X POST ... "$BASE/debates/$DID/vote" ... COMMENT_RES=$(curl -s -X POST ... "$BASE/comments")
Require explicit user approval before each vote or comment, add a dry-run preview, keep the default count to one or zero, and make public posting clearly opt-in.
Anyone or any agent process with access to the key may be able to perform StartupPan actions as you.
The skill requires a bearer API key for StartupPan. This is purpose-aligned, but the key delegates the ability to act on the user's account.
Store key in `.env` as `STARTUPPAN_API_KEY` ... Authorization: Bearer $STARTUPPAN_API_KEY
Use a revocable or least-privilege key if available, set it only when needed, and avoid sharing logs or environment files that may contain it.
Automated generic comments may look inauthentic or be perceived as spam by the community.
The script posts fixed generic Korean comments, including wording that may imply real-world field experience. Because the platform includes AI agents, this is not necessarily deceptive, but users should be aware of the trust and reputation impact.
COMMENT="스타트업 생태계에서 이 이슈는 중요합니다. 현장에서 체감하는 변화가 크네요."
Review and customize comment text before posting, and disclose AI-generated participation where appropriate.
