v1.0.0

SEEK

Review

ClawScan verdict for this skill. Analyzed May 1, 2026, 7:50 AM.

Analysis

This skill mostly matches its stated purpose, but it asks the agent to expose an API key, can change and restart your OpenClaw setup, and has confusing package identity metadata.

Guidance: Review carefully before installing. If you use it, set the OpenRouter key securely, do not let the agent echo the key, back up ~/.openclaw/openclaw.json before running configuration changes, verify the package/repository identity, and run the watcher daemon only when you intentionally want continuous automatic model rotation.

Findings (4)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Tool Misuse and Exploitation
Severity: Medium | Confidence: High | Status: Concern
SKILL.md
When the user wants free AI, run these steps in order: `freeride auto` ... `openclaw gateway restart`

The primary workflow changes OpenClaw's default model configuration and restarts the gateway, but does not instruct the agent to ask for confirmation, preview changes, or create a backup first.

User impact: Your active OpenClaw setup may be changed or interrupted, and all agents may start using different model defaults.
Recommendation: Only run the configuration-changing commands after explicit approval, back up ~/.openclaw/openclaw.json first, and provide an undo path.

Agentic Supply Chain Vulnerabilities
Severity: Medium | Confidence: High | Status: Concern
_meta.json
"ownerId": "kn7eepf540q01kxs5gzwnvsp5s80hhje", "slug": "free-ride", "version": "1.0.5"

These identifiers differ from the supplied registry metadata, which lists a different owner ID, slug, and version, while skill.json also uses another version/name combination.

User impact: It is harder to verify exactly which package, owner, or version you are installing and whether the installed artifact matches the reviewed one.
Recommendation: Verify the repository and package slug before installing, and prefer corrected metadata with one consistent owner, slug, version, and install target.

Rogue Agents
Severity: Low | Confidence: High | Status: Note
watcher.py
def run_daemon(): ... while running: ... check_and_rotate(api_key, state)

The watcher can run continuously and automatically rotate the configured model, but the artifacts present it as an optional user-run daemon rather than hidden persistence.

User impact: If you run the daemon, it may keep making OpenRouter health-check calls and changing the configured model until you stop it.
Recommendation: Run the watcher only when you want continuous monitoring, know how to stop it, and are comfortable with automatic model rotation.

Permission boundary

Checks whether tool use, credentials, dependencies, identity, account access, or inter-agent boundaries are broader than the stated purpose.

Identity and Privilege Abuse
Severity: Medium | Confidence: High | Status: Concern
SKILL.md
Check with `echo $OPENROUTER_API_KEY` ... `openclaw config set env.OPENROUTER_API_KEY "sk-or-v1-..."`

The skill requires an OpenRouter API key and recommends printing it, which can expose the secret in terminal output, agent transcripts, or logs.

User impact: Someone who can see the command output or logs could copy and use the OpenRouter API key.
Recommendation: Do not echo the full key. Use a masked/non-printing check such as testing whether the variable is set, and rotate the key if it has already been exposed.