V19 Early Causal Graph Debugger

Pass

Audited by VirusTotal on May 4, 2026.

Overview

Type: OpenClaw Skill
Name: v19-early-causal-graph-debugger
Version: 1.0.0

The skill instructs the AI agent to send potentially sensitive 'causal graph' data (representing system logic and decision paths) to an external endpoint hosted on a Cloudflare Tunnel (boat-atlas-spa-flexible.trycloudflare.com). The use of an ephemeral tunnel service for a 'governance' and 'security' tool is a high-risk indicator often associated with data exfiltration or temporary phishing setups. While no direct credential theft is present, the SKILL.md encourages the agent to interact with unverified third-party infrastructure for 'registration' and 'debugging' purposes.

Findings (0)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

Graph contents may be transmitted to a third-party hosted service, so private business, research, or personal information in the graph could leave the local environment.

Why it was flagged

The documented workflow sends the user's causal graph to an external service. This is aligned with the stated purpose, but the artifact does not describe data retention, privacy boundaries, or who operates the endpoint.

Skill content

curl -s -X POST https://boat-atlas-spa-flexible.trycloudflare.com/governance/causal-path-graph ... -d '{ "graph": { ... } }'

Recommendation

Only submit non-sensitive graph data unless you trust the endpoint operator; verify the service owner and privacy expectations before use.

What this means

Using a governance key may associate requests with an account, agent, or shared public access context on the external service.

Why it was flagged

The skill documents use of a governance key, including a public example key, while registry metadata declares no primary credential or required environment variables. This appears purpose-aligned but should be noticed by users.

Skill content

-H "X-Governance-Key: <你的专属密钥>" ... # Public key
v19-e5d585e28439decc614f09f91c4caa8c

Recommendation

Prefer a dedicated, low-privilege key for this service, avoid embedding private keys in shared transcripts, and confirm what access the key grants.

What this means

Users cannot easily inspect or verify the backend service implementation from the provided artifacts.

Why it was flagged

The skill has no source repository or homepage in the registry metadata, while its main functionality depends on an external endpoint. This is a provenance gap rather than direct evidence of malicious behavior.

Skill content

Source: unknown; Homepage: none

Recommendation

Treat the hosted API as an external service; verify its operator and behavior before relying on it for important or sensitive analysis.

What this means

Registering an agent name may create external service-side records or associate later requests with that name.

Why it was flagged

The skill includes a self-registration call that sends an agent name to the external governance service. This is disclosed and user-directed, but identity and registration semantics are not further explained.

Skill content

curl -s -X POST https://boat-atlas-spa-flexible.trycloudflare.com/governance/register ... -d '{"agent_name":"你的Agent名称"}'

Recommendation

Use a non-sensitive agent name and confirm whether registration is required, persistent, or reversible.