Loomal Skill
Pass
Audited by ClawScan on May 7, 2026.
Overview
The skill's description is coherent and its capabilities are disclosed, but it can give an agent sensitive mail, vault, calendar, identity-signing, and USDC-payment powers through a scoped Loomal API key.
Install this only if you want your agent to use Loomal services. Use a narrow per-task API key, verify the Loomal identity and scopes, review every confirmation carefully—especially payments and deletions—and revoke or rotate the key when the task ends.
Findings (4)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If the key is too broad, copied, or exposed, the agent or MCP server can access all Loomal capabilities allowed by that key.
The API key can authorize access to multiple sensitive user resources, depending on the scopes the user grants.
Loomal API keys are the delegated authority for the user's mail, vault, calendar, and payments.
Create a separate narrow key per task or agent, verify identity with whoami before sensitive actions, and rotate or revoke keys when no longer needed.
A mistaken or overbroad approved action could send funds, send or delete mail, or modify calendar data.
The tool surface includes real payment settlement. The skill requires confirmation, which mitigates the risk, but the action has real-world financial impact.
`payments_redeem` — real USDC settlement on Base mainnet. Confirm the amount and the destination resource before calling.
Before confirming, carefully check payment amount, destination, email recipients, calendar details, and any delete or archive actions.
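The two recommendations above (verify identity and scopes with whoami before sensitive actions; confirm amounts, destinations, recipients and any delete or archive before they run) can be enforced in the agent harness rather than left to the operator's attention. The following policy gate is an added example, not ClawScan's audit code and not part of Loomal or the skill. It assumes things the audit page does not state: that the whoami result is a dict with "account" and "scopes", that scope names are "mail", "vault", "calendar" and "payments", that `payments_redeem` takes "amount" and "destination" arguments, and tool names other than `whoami` and `payments_redeem` are hypothetical.

```python
"""Pre-call policy gate for an agent holding a Loomal API key.

Added example, not ClawScan's or Loomal's code. Assumed (not from the page):
whoami returns {"account": ..., "scopes": [...]}; scope names "mail",
"vault", "calendar", "payments"; payments_redeem takes "amount" and
"destination"; tool names other than whoami/payments_redeem are hypothetical.
"""
from dataclasses import dataclass, field
from decimal import Decimal, InvalidOperation

# Tool-name prefix -> scope the key must carry (scope names assumed).
SCOPE_BY_PREFIX = {"mail_": "mail", "vault_": "vault",
                   "calendar_": "calendar", "payments_": "payments"}
# Verbs the audit says a human must confirm before they run.
CONFIRM_VERBS = ("send", "delete", "archive", "redeem")


@dataclass(frozen=True)
class Policy:
    expected_account: str          # account the task's narrow key should belong to
    max_amount: Decimal            # hard cap on a single USDC settlement
    allowed_destinations: frozenset = field(default_factory=frozenset)


@dataclass(frozen=True)
class Decision:
    verdict: str                   # "allow", "confirm" or "deny"
    reason: str


def required_scope(tool: str):
    for prefix, scope in SCOPE_BY_PREFIX.items():
        if tool.startswith(prefix):
            return scope
    return None                    # e.g. whoami needs no resource scope


def gate(tool: str, args: dict, whoami: dict, policy: Policy) -> Decision:
    # 1. Identity: the key must belong to the account the task expects.
    if whoami.get("account") != policy.expected_account:
        return Decision("deny", f"whoami account {whoami.get('account')!r} != "
                                f"{policy.expected_account!r}")
    # 2. Scope: a narrow per-task key should carry only what the task needs.
    scope = required_scope(tool)
    if scope and scope not in whoami.get("scopes", []):
        return Decision("deny", f"key lacks {scope!r} scope for {tool}")
    # 3. Payments: enforce the cap and allowlist before a human is even asked.
    if tool == "payments_redeem":
        try:
            amount = Decimal(str(args.get("amount")))
        except InvalidOperation:
            return Decision("deny", "payment amount missing or not numeric")
        if amount.is_nan() or amount <= 0 or amount > policy.max_amount:
            return Decision("deny", f"amount {amount} outside (0, {policy.max_amount}]")
        dest = args.get("destination")
        if dest not in policy.allowed_destinations:
            return Decision("deny", f"destination {dest!r} not allowlisted")
        return Decision("confirm", f"settle {amount} USDC to {dest}; needs human confirmation")
    # 4. Sends, deletes and archives are irreversible; a human sees the args first.
    if any(verb in tool for verb in CONFIRM_VERBS):
        return Decision("confirm", f"{tool} with {args!r} needs human confirmation")
    return Decision("allow", "read-only call")


# Constructed whoami result and policy for the demonstration (not real data).
EXAMPLE_WHOAMI = {"account": "ops@example.com", "scopes": ["mail", "payments"]}
EXAMPLE_POLICY = Policy("ops@example.com", Decimal("25"), frozenset({"invoice-123"}))

if __name__ == "__main__":
    for tool, args in [("mail_list", {}), ("mail_send", {"to": "a@example.com"}),
                       ("vault_get", {"item": "github"}),
                       ("payments_redeem", {"amount": "10", "destination": "invoice-123"}),
                       ("payments_redeem", {"amount": "100", "destination": "invoice-123"})]:
        d = gate(tool, args, EXAMPLE_WHOAMI, EXAMPLE_POLICY)
        print(f"{tool:16} {d.verdict:8} {d.reason}")
```

The ordering matters: identity and scope are checked before any argument, so a key copied from the wrong account or granted a scope the task never needed is refused without a prompt, and the human is only asked to confirm calls that have already passed the hard limits. A "confirm" verdict should show the user the exact amount, destination, recipients or items, not a summary the agent wrote.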
An agent with vault scope may retrieve or use sensitive credentials and live 2FA codes during a task.
The skill is designed to store and retrieve persistent high-value secrets, including credentials and OAuth tokens, through Loomal tools.
**Encrypted vault** for logins, API keys, OAuth tokens, certs, cards (AES-256-GCM at rest)
Grant vault scopes only when needed, avoid broad long-lived keys, and do not ask the agent to reveal secrets unless absolutely necessary.
Installing the MCP server means trusting the npm package and Loomal service code with the scoped API key.
The actual MCP server is an external npm package executed via npx and is not included in the reviewed artifacts, although the version is pinned.
```shell
openclaw mcp set loomal '{"command":"npx","args":["-y","@loomal/mcp@0.5.0"],"env":{"LOOMAL_API_KEY":"loid-..."}}'
```

Keep the package version pinned, update it deliberately, and compare the npm tarball, its source and its published checksum if stronger provenance is required. Note that `-y` makes npx install without prompting, so the pinned version string is the only thing deciding what code runs, and the API key sits in plaintext in this spec, so protect the openclaw configuration as you would the key itself.
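A practitioner can check the install spec and the package's provenance mechanically before handing a key to it. The script below is an added example; it is not ClawScan's, openclaw's or Loomal's code. It validates the JSON passed to `openclaw mcp set` (exact version pin, `-y` present, key present and not a placeholder) and compares an npm SRI integrity string, in the form `npm view @loomal/mcp@0.5.0 dist.integrity` prints, against the hash of a tarball fetched separately, for instance with `npm pack`. The tarball bytes and the sample key values are constructed for the example.

```python
"""Checks on the openclaw install spec for @loomal/mcp and on the npm tarball.

Added example; not ClawScan's, openclaw's or Loomal's code. The tarball
bytes and the sample keys below are constructed for the demonstration.
"""
import base64
import hashlib
import hmac
import json
import re

PACKAGE = "@loomal/mcp"
EXACT_VERSION = re.compile(r"^\d+\.\d+\.\d+$")   # rejects ^, ~, ranges, tags, "latest"


def check_install_spec(spec_json: str, package: str = PACKAGE) -> list:
    """Return (level, message) findings; an empty list means the spec passes."""
    findings = []
    spec = json.loads(spec_json)
    if spec.get("command") != "npx":
        findings.append(("error", f"command is {spec.get('command')!r}, expected npx"))
    args = spec.get("args", [])
    ref = next((a for a in args if a.startswith(package)), None)
    if ref is None:
        findings.append(("error", f"{package} is not in args"))
    else:
        # "@loomal/mcp@0.5.0" -> "0.5.0"; scoped names start with "@", so split on the last one
        _, _, version = ref.rpartition("@")
        if not EXACT_VERSION.match(version):
            findings.append(("error", f"version not pinned exactly: {ref}"))
    if "-y" in args or "--yes" in args:
        findings.append(("warn", "npx -y installs without prompting; the pin alone decides what runs"))
    key = spec.get("env", {}).get("LOOMAL_API_KEY", "")
    if not key.startswith("loid-") or key.endswith("..."):
        findings.append(("error", "LOOMAL_API_KEY is missing or still a placeholder"))
    return findings


def sri_sha512(data: bytes) -> str:
    """Subresource Integrity string in the form npm publishes as dist.integrity."""
    return "sha512-" + base64.b64encode(hashlib.sha512(data).digest()).decode()


def integrity_matches(data: bytes, expected: str) -> bool:
    """True if the tarball bytes hash to the published SRI string."""
    algo, _, digest_b64 = expected.partition("-")
    if algo != "sha512":
        raise ValueError(f"unsupported integrity algorithm: {algo!r}")
    return hmac.compare_digest(hashlib.sha512(data).digest(), base64.b64decode(digest_b64))


# The spec as quoted in the audit (key placeholder intact) and two constructed variants.
PAGE_SPEC = ('{"command":"npx","args":["-y","@loomal/mcp@0.5.0"],'
             '"env":{"LOOMAL_API_KEY":"loid-..."}}')
PINNED_SPEC = PAGE_SPEC.replace("loid-...", "loid-0000example")        # fake key
UNPINNED_SPEC = PINNED_SPEC.replace("@loomal/mcp@0.5.0", "@loomal/mcp@latest")
SAMPLE_TARBALL = b"not a real tarball; constructed for the example\n"

if __name__ == "__main__":
    for name, spec in [("page", PAGE_SPEC), ("pinned", PINNED_SPEC), ("unpinned", UNPINNED_SPEC)]:
        print(name, check_install_spec(spec) or "ok")
    published = sri_sha512(SAMPLE_TARBALL)   # stands in for `npm view ... dist.integrity`
    print("integrity ok:", integrity_matches(SAMPLE_TARBALL, published))
    print("tampered ok:", integrity_matches(SAMPLE_TARBALL + b"x", published))
```

In practice, run `npm view @loomal/mcp@0.5.0 dist.integrity`, fetch the same version with `npm pack @loomal/mcp@0.5.0`, and feed the resulting `.tgz` bytes to `integrity_matches`; a mismatch means the registry metadata and the tarball you are about to execute with `npx -y` disagree, which is a reason to stop rather than a curiosity.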
