Belong Events - Discover and Organize

Warn

Audited by ClawScan on May 10, 2026.

Overview

This Belong integration is clearly related to events, but it gives the agent broad authenticated power to change events, hubs, check-ins, wallets, and NFT ticketing without clear confirmation safeguards.

Review this skill carefully before installing. It appears purpose-aligned for managing Belong events, hubs, tickets, wallets, and check-ins, but you should only use it if you trust the Belong endpoint and are comfortable giving the agent persistent authenticated access. Confirm every create, update, delete, branding, check-in, payment, wallet, and NFT-ticket action before allowing it to run.

Findings (5)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

A mistaken or overly autonomous agent action could change events or hubs, remove media, affect venue check-ins, or initiate NFT-ticket workflows on the user’s Belong account.

Why it was flagged

The skill documents multiple authenticated actions that can modify public/business resources, delete media, deploy NFT tickets, or process venue/payment-related approvals, but the provided instructions do not define explicit user confirmation or containment requirements before those actions.

Skill content

create_event — Create event ... update_event — Update event ... delete_event_media — Delete event media ... deploy_tickets — Deploy NFT tickets ... check_in — Process check-ins, quoted venue payments, or owner approvals.

Recommendation

Require explicit user confirmation for create, update, delete, check-in, payment, branding, custom-domain, wallet, and NFT-ticket operations; show the exact account, event, hub, cost, and irreversible effects before calling the tool.

What this means

If the remote endpoint exposes additional or changed methods, the agent could potentially call them with the user’s Belong API key without local guardrails.

Why it was flagged

The wrapper accepts any syntactically valid method name and forwards it to the remote JSON-RPC endpoint; it does not locally restrict calls to the documented tool list or separate read-only from mutating actions.

Skill content

METHOD="${1:?Usage: invoke.sh <method> [params-json]}" ... grep -Eq '^[A-Za-z][A-Za-z0-9_]*$' ... REQUEST_BODY="$(printf '{"jsonrpc":"2.0","id":1,"method":"%s","params":%s}' "$METHOD" "$PARAMS")"

Recommendation

Add a local allowlist of documented methods and stronger handling for high-impact methods, such as requiring a confirmation flag or a separate safer workflow.

What this means

Anyone or any agent with access to that stored key may be able to act as the linked Belong user within the scope allowed by the Belong API.

Why it was flagged

The skill uses a persistent API key for authenticated Belong account access. This is expected for protected account tools, but it grants ongoing authority to the linked account.

Skill content

The response includes `apiKey`. Store it — set it as `BELONG_EVENTS_API_KEY` env var or update `skills.entries.belong-events.apiKey` in `openclaw.json` so subsequent calls are authenticated.

Recommendation

Store the key only in trusted configuration, rotate or remove it when no longer needed, and avoid using this skill on shared or untrusted machines.

What this means

A misconfigured or malicious endpoint override could receive Belong request data and the stored API key.

Why it was flagged

The network destination and credential header are disclosed and purpose-aligned, but overriding the endpoint changes where account data and the API key are sent.

Skill content

All JSON-RPC calls are sent to the endpoint above (or `BELONG_EVENTS_ENDPOINT` if overridden). If `BELONG_EVENTS_API_KEY` is set, it is sent to that endpoint as `X-OpenClaw-Key`.

Recommendation

Use the default endpoint unless you intentionally trust the override, and check `BELONG_EVENTS_ENDPOINT` before authenticating.

What this means

Users have less information for confirming that the skill and remote endpoint are maintained by the expected Belong operator.

Why it was flagged

The local wrapper is small and readable, but the registry metadata does not provide a source repository or homepage to independently verify provenance.

Skill content

Source: unknown; Homepage: none

Recommendation

Install only if you trust the publisher and endpoint; prefer a release with a verified homepage or source repository.