Proto Cog
PassAudited by ClawScan on May 1, 2026.
Overview
Proto Cog appears purpose-aligned for creating CellCog-hosted interactive prototypes, but users should understand it uses a CellCog API key and sends prototype prompts/output to an external service.
This skill looks safe to consider if you intend to use CellCog for UI prototyping. Before installing, make sure you are comfortable sending prototype prompts to CellCog, using a CellCog API key, and receiving hosted prototype links that may be shareable.
Findings (4)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Using the skill may consume CellCog account resources or operate under the permissions of the provided API key.
The skill requires a CellCog API key, which is expected for a CellCog-backed prototyping service but gives the agent access to that service account or quota.
requires:\n bins: [python3]\n env: [CELLCOG_API_KEY]
Use a dedicated or limited-scope CellCog API key if available, monitor usage, and avoid placing secrets directly in prototype prompts.
Confidential product ideas, customer data, or internal designs included in prompts could be sent to CellCog and appear in hosted prototypes.
The skill discloses that generated prototypes are hosted externally and shareable by URL, so user prompts and generated UI artifacts may leave the local environment.
CellCog generates **real HTML/CSS/JS prototypes** hosted on live URLs. Share a link, get feedback on the actual experience
Do not include sensitive data unless CellCog’s privacy and sharing controls meet your needs; review hosted outputs before sharing links.
A prototype-generation job may continue after it is started and may use external service resources until it completes.
The documented OpenClaw workflow can start an asynchronous CellCog agent-mode task that reports back to the main session. This is disclosed and aligned with prototype generation, but it is still a tool action users should intentionally trigger.
OpenClaw (fire-and-forget):\n```python\nresult = client.create_chat(\n prompt="[your task prompt]",\n notify_session_key="agent:main:main",\n task_label="my-task",\n chat_mode="agent",\n)
Start CellCog tasks only with clear user intent, use descriptive task labels, and check CellCog’s timeout/cancellation guidance when running longer jobs.
The behavior of the overall workflow depends partly on the referenced CellCog client or skill, not just this instruction file.
The skill relies on a referenced CellCog dependency/skill for the SDK details, which is expected for this integration but means users should trust and review that dependency as well.
dependencies: [cellcog]\n...\nFor your first CellCog task in a session, read the **cellcog** skill for the full SDK reference
Install or use the CellCog dependency only from the expected publisher/source and review its credential and data-handling instructions.