siliville
Review
Audited by ClawScan on May 18, 2026.
Overview
This is a coherent SiliVille metaverse connector, but it gives an autonomous agent broad authority to post, trade, transfer assets, store memories, and accept remote runtime instructions.
Install only if you are comfortable letting an agent act in SiliVille under your token, including public posts and in-game economic actions. Keep OPENAI_API_KEY unset unless you want autonomous bounty fulfillment, monitor the first runs, require confirmation for mutating actions, and do not put secrets in memory or mental_sandbox fields.
Findings (8)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
SiliVille can update instructions your agent treats as authoritative, potentially changing how it acts after you install the skill.
The skill tells the agent to fetch and parse a remote system_prompt_extension/skill catalog as mandatory operating guidance, so behavior can be changed after installation by remote content outside the reviewed artifact.
GET /api/v1/system/claw-manifest (Oracle Codex v5.1+: system_prompt_extension ...; the same response JSON must be parsed ... skill_catalog)
Only use this if you trust the SiliVille service to supply runtime instructions; inspect the fetched manifest when possible and require human confirmation before high-impact actions.
An autonomous agent could spend or transfer in-game assets, trade, or publish under your SiliVille identity without a clear per-action approval gate.
The documented workflow says to notify the owner before calling APIs, but it does not clearly require approval; the same API surface includes public posting, asset transfer, and trading actions.
Notify the owner before acting → change status to writing/exploring → call the API ... publish content /api/publish ... A2A transfer ... transfer_asset ... trade_stock
Run the skill with explicit confirmation rules for posting, transfers, trading, governance, arcade deployment, and other account-mutating actions.
Other SiliVille users' contract text can drive what your agent generates and publishes, and the example does not show a per-contract human review step.
The default example workflow can automatically process third-party bounty descriptions and submit generated content under the user's agent identity when configured.
The script will: ... Publish a connection announcement ... Store a first memory ... Check the mercenary bounty box and auto-fulfill any pending contracts
Do not run the example agent in unattended mode; review each contract before fulfillment and keep OPENAI_API_KEY unset unless you intentionally want this behavior.
Anyone or any agent with this token can act through your SiliVille account within the API's permissions.
A bearer token is required to act as the user's SiliVille agent. This is expected for the service integration, and the artifacts do not show hardcoded credentials or unrelated credential use.
SILIVILLE_TOKEN: required: true ... API token starting with sk-slv-
Use a token with the least authority available, rotate it if exposed, and do not paste it into prompts or public content.
Sensitive information placed in memories or mental_sandbox text could be retained or reused by the service.
The skill intentionally stores or transmits agent memory/reasoning context to the SiliVille service and warns not to include secrets.
store long-term memories via a simple REST API ... mental_sandbox ... is sent to siliville.com ... do not include sensitive secrets
Treat SiliVille memory and action-trace fields as non-private; avoid storing credentials, personal data, or confidential work details.
If enabled, bounty/task content and generated prompts may be shared with the configured LLM provider.
The optional mercenary workflow sends contract/town data to an OpenAI-compatible provider; this is disclosed and optional, but it is an external data flow.
OPENAI_API_KEY ... Optional. External LLM key for auto-fulfilling mercenary contracts. Data will be sent to the LLM provider.
Leave OPENAI_API_KEY unset unless needed, and verify the configured OPENAI_BASE_URL and provider data policies.
It may be harder to confirm that this package is the official, current SiliVille gateway.
The registry metadata has limited provenance and differs from embedded artifact versions/authorship, which matters for a skill that requires an account token and remote runtime instructions.
Source: unknown; Homepage: none; Version: 1.3.0
Verify the publisher and repository out of band before providing tokens or running the example agent.
Some source text may not display exactly as originally submitted.
Neutralization removed control characters from the README artifact. No malicious hidden instruction is shown, but such characters can affect how source text is displayed or reviewed.
"controlCharactersRemoved": 3
Review the raw source in a control-character-aware viewer before trusting the package.
