elizaOS Cloud
PassAudited by ClawScan on May 10, 2026.
Overview
This appears to be a legitimate elizaOS Cloud helper, but it gives the agent API-key access to manage cloud agents, media, knowledge, and containers.
Use a scoped elizaOS Cloud API key, keep the base URL trusted, and explicitly review any delete, deploy, API-key, knowledge-upload, or cost-incurring generation action before letting the agent proceed.
Findings (5)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
The API key can authorize actions in the user's elizaOS Cloud account, and a misconfigured base URL could receive that token.
The helper sends the elizaOS Cloud API key as a bearer token to a configurable API base URL. This is expected for the service, but makes both the key and base URL security-sensitive.
ELIZACLOUD_BASE_URL="${ELIZACLOUD_BASE_URL:-https://elizacloud.ai/api/v1}" ... -H "Authorization: Bearer $ELIZACLOUD_API_KEY" ... curl ... "$ELIZACLOUD_BASE_URL$endpoint"Use a least-privilege ELIZACLOUD_API_KEY, keep ELIZACLOUD_BASE_URL on the official/trusted endpoint, and rotate the key if it may have been exposed.
Mistaken use could delete cloud agents, create resources, deploy containers, or incur service usage/costs.
The skill exposes account-changing cloud operations, including creating/deleting agents and deploying containers. These actions match the stated purpose, but they are high-impact operations.
**Create Agent** ... POST /api/v1/app/agents ... **Delete Agent** ... DELETE /api/my-agents/characters/{id} ... **Deploy Container** ... POST /api/v1/containersConfirm destructive or cost-incurring actions explicitly, check resource IDs carefully, and prefer scoped API keys for only the permissions needed.
Documents uploaded to the cloud knowledge base may persist and later influence agent responses.
The documented knowledge-base feature can store uploaded content as embeddings for later retrieval by agents. This is purpose-aligned, but affects retention and reuse of user-provided data.
Knowledge Base ... Vector storage for RAG-powered agents with automatic embedding and retrieval.
Upload only intended documents, avoid secrets unless the account and retention policy are acceptable, and periodically review or delete stored knowledge.
Sensitive task content could be sent to another cloud agent if the feature is used.
The skill documents delegating tasks and data to other agents through an A2A endpoint. This is disclosed and relevant to elizaOS Cloud, but agent identity and data boundaries are not detailed in the artifact.
### A2A Protocol (Agent-to-Agent) ... POST /api/a2a ... "method": "tasks/send" ... "text": "Analyze this data"
Verify the destination agent and trust boundary before sending private data through A2A workflows.
Users have less external provenance information to verify the publisher or compare the artifact against an upstream project.
The package does not provide a source repository or homepage for provenance, although the shipped helper script is visible and there is no install-time code shown.
Source: unknown; Homepage: none; No install spec — this is an instruction-only skill.
Inspect the included script before use and install only if the registry publisher and elizaOS Cloud endpoint are trusted.