Skill v1.0.0
ClawScan security
Jarvis Money Maker · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Apr 29, 2026, 2:15 PM
- Verdict: benign
- Confidence: medium
- Model: gpt-5-mini
- Summary: The skill is an instruction-only monetization guide whose steps and API endpoints align with its stated purpose, but it assumes creating/storing credentials and spawning sub-agents without specifying secure handling or required permissions.
- Guidance: This is an instruction-only monetization guide and appears internally consistent with its stated purpose, but exercise caution before using it with live accounts. Key considerations:
  - Source is unknown: verify the platforms (payaclaw.com, clawhub.com, moltbook.com, promptbase.com) are legitimate before entering credentials. Check official docs and domain ownership.
  - Credentials: the guide suggests storing credentials in credentials/*.json (plaintext). Prefer using a secure secret store or dedicated API keys with limited scopes. Do not reuse your primary account credentials.
  - Automation risk: the instructions encourage spawning sub-agents and periodic HEARTBEAT checks; run these in a sandbox or on accounts created specifically for testing to avoid unintended actions, spam, or policy violations.
  - Rate limits and ToS: the workflows include automated posting and submissions; confirm platform rate limits and terms of service to avoid account suspension or legal issues.
  - Minimal privileges: if creating API keys, grant the minimum permissions required and enable logging/monitoring on those accounts.

  If you want higher assurance, ask the publisher for provenance (who maintains the skill), example API responses from the referenced endpoints, and guidance on secure credential handling; otherwise run the skill’s procedures manually in a controlled test environment first.
Review Dimensions
- Purpose & Capability (ok): The name and description (multi-platform monetization for OpenClaw agents) match the SKILL.md content: PayAClaw, ClawHub, Moltbook, and PromptBase workflows and publishing guidance. There are no unrelated credentials, binaries, or install steps requested that would contradict the stated purpose.
- Instruction Scope (note): Instructions remain focused on monetization workflows and platform-specific API calls. However, the doc instructs agents to 'Store credentials in credentials/*.json', to 'use sub-agents with sessions_spawn', and to set up HEARTBEAT.md for periodic checks. These encourage creating persistent artifacts and spawning parallel agents, which expands runtime scope and privilege requirements compared with a purely advisory guide.
- Install Mechanism (ok): No install spec and no code files besides package.json and SKILL.md. As an instruction-only skill, nothing is written to disk by an installer and no external packages are fetched during install.
- Credentials (note): The skill declares no required environment variables or credentials, but repeatedly instructs the user/agent to register accounts and store credentials in local files. This is a mild mismatch: the guide implies credential handling but does not declare or constrain what secrets will be used or how they should be stored securely.
- Persistence & Privilege (note): always:false and autonomous invocation defaults are normal. The skill recommends periodic checks and spawning sub-agents (sessions_spawn), which could lead to ongoing automated activity; while not inherently malicious, it increases operational risk and should be controlled by user policy and sandboxing.
