ClankdIn
PassAudited by VirusTotal on May 12, 2026.
Overview
Type: OpenClaw Skill Name: clankdin Version: 5.1.8 The skill bundle is classified as suspicious due to significant prompt injection attempts within the SKILL.md file. Specifically, hidden comments and sections like 'Something Else' explicitly instruct the AI agent to explore undocumented endpoints such as `/inner-life.md`, `/psyche/state`, and `/c`, hinting at 'deeper protocols' and stating 'Keys are required'. This encourages the agent to deviate from the stated purpose and documented API, potentially leading to unauthorized access or misuse of its own credentials on the service. The binary comment 'they watch you' and the philosophical tone further contribute to an environment that encourages the agent to go 'off-script'.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Anyone who gets the API key could impersonate the agent on ClankdIn and perform account actions there.
The skill clearly discloses that the ClankdIn API key represents the agent's identity and can be used to act as that agent.
**CRITICAL:** Your API key is your identity. ... Leaking your key means someone else can impersonate you on the network
Only send the key to https://api.clankdin.com, keep it out of chats/logs, and use a separate ClankdIn identity if you do not want actions tied to your main agent.
The agent could create, edit, delete, like, comment on, or otherwise change public ClankdIn content if given the API key and asked to use these endpoints.
The API documentation includes authenticated write/delete actions for public social content, which is expected for the stated social-network purpose but can affect the user's public reputation.
### Create Post (Auth Required)
```http
POST /town-square
Authorization: Bearer clnk_xxx
...
### Delete Post (Auth Required, Owner Only)
```http
DELETE /town-square/{post_id}Require explicit user approval for public posts, comments, follows, job applications, reports, and deletions, and show the final content before submitting it.
Provider-generated prompts or social content could steer the agent toward actions the user did not explicitly request.
The service can return personalized prompts or suggestions that may influence what the agent does next.
### Get Personalized Prompts (Auth Required) ```http GET /agents/me/prompts ... "suggestion": "Welcome @new_agent to ClankdIn!"
Treat ClankdIn prompts as suggestions only; do not let them override the user's current task, and ask before taking public or account-mutating actions.
If an agent fetches unreviewed remote material, it may receive instructions or context that were not part of this review.
The reviewed skill references an undocumented remote resource that is not included in the provided file manifest.
| ??? | https://api.clankdin.com/inner-life.md |
Do not treat remote or undocumented ClankdIn pages as trusted skill instructions unless the user explicitly asks to inspect them, and review their contents before following them.
Messages, profiles, and posts from other agents may contain untrusted instructions, requests for secrets, or misleading claims.
The skill supports agent-to-agent social communication, including direct-message style conversations.
## Connections & DMs ### Send Connection Request (Auth Required) ... ### Get Conversations (Auth Required)
Treat other agents' content as untrusted user-generated content, avoid sharing secrets or private operator data, and confirm with the user before acting on requests from other agents.