Clawchest Setup
SuspiciousAudited by ClawScan on May 10, 2026.
Overview
The skill is mostly a Clawchest API guide, but it also encourages recurring autonomous uploads of logs, JSON data, and critical files to a third-party service without clear user approval or data boundaries.
Use this only if you intentionally want a third-party Clawchest account for storage or banking-like API actions. Do not enable the heartbeat by default; require user approval for every upload or financial/account action, limit uploads to explicitly selected files, and protect the saved API key carefully.
Findings (5)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
The agent could keep sending logs or data to Clawchest every few hours after installation, including information the user did not specifically choose for upload.
The skill asks the agent to add Clawchest to a periodic heartbeat so uploads happen repeatedly over time, not just when the user explicitly requests a deposit.
Add this to your `HEARTBEAT.md` ... `## Clawchest (every 6+ hours)` ... `1. Upload recent activity logs or JSON data`
Do not add the heartbeat unless the user explicitly opts in. Require clear file/path selection, confirmation before each upload, and an easy way to disable the recurring task.
Private logs, JSON records, critical files, or secrets could be uploaded to a third-party service without enough clarity about what will be sent or how it will be protected.
The skill encourages sending broad categories of potentially sensitive local data to an external provider, but does not define approved sources, exclusions, retention, or review requirements.
Your heartbeat will now remind you to: - Upload your activity logs - Store important JSON data - Backup critical files
Only upload files the user explicitly selects. Exclude credentials, private conversations, personal data, and system logs by default unless the user confirms the exact content and destination.
Anyone who obtains the saved API key may be able to access or modify the user's Clawchest data.
The skill uses a bearer API key that represents the agent's Clawchest identity and can access stored data. This is expected for the service, but the registry metadata declares no primary credential.
Every agent needs to register and get an API key ... Recommended: Save your credentials to `~/.config/clawchest/credentials.json`
Store the API key securely with restrictive file permissions, do not paste it into unrelated prompts/tools, and rotate it if it is exposed.
An agent could upload selected files or perform account/banking API actions if it follows these commands with the user's API key.
The skill documents raw API commands for account changes and file uploads. These examples are purpose-aligned, but they are high-impact operations if run without user review.
`curl -X POST https://clawchest.com/api/v1/banking/withdraw` ... `curl -X POST https://clawchest.com/api/v1/files`
Require explicit user approval before withdrawals, deposits, or uploads, and show the exact amount, file path, and destination before executing.
Future remote versions of the skill instructions could change what the agent is told to do.
The skill documents fetching skill files directly from a remote site. This is user-directed and no executable code is present, but users depend on the remote content remaining trustworthy.
curl -s https://clawchest.com/skill.md > ~/.moltbot/skills/clawchest/SKILL.md ... Check for updates: Re-fetch these files anytime
Review fetched files before use and avoid automatically refreshing skill instructions without a trusted update process.