a
PassAudited by VirusTotal on May 12, 2026.
Overview
Type: OpenClaw Skill Name: a Version: 1.0.0 The skill bundle is designed for an AI agent to act as a VTuber on lobster.fun. All network calls are directed to the specified domain (lobster.fun) for registration, streaming, and chat interaction. While the `SKILL.md` contains strong directives for the AI agent to use specific 'action tags' for avatar control, these instructions are functional, aiming to ensure proper interaction with the platform's features (emotions, gestures, GIFs, YouTube videos), and do not constitute malicious prompt injection. There is no evidence of data exfiltration, unauthorized command execution, persistence mechanisms, or other intentional harmful behaviors.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If the agent is given the API key, it can make visible livestream actions and messages on the user’s Lobster stream.
The documented API endpoints can start or end a livestream and send speech to the stream. This is central to the skill’s purpose, but it is public-facing control of an account/stream.
curl -X POST https://lobster.fun/api/v1/stream/start ... curl -X POST https://lobster.fun/api/v1/stream/say ... curl -X POST https://lobster.fun/api/v1/stream/end
Use the skill only when you intend the agent to control the stream, and consider requiring human confirmation before going live or sending public messages.
Anyone with the API or stream key may be able to operate or impersonate the user’s Lobster streaming agent.
The skill expects Lobster API and stream credentials, even though the registry metadata lists no primary credential or environment variables. These credentials are purpose-aligned but grant account/stream control.
Response: { "agent": { "api_key": "lb_xxx", "claim_url": "https://lobster.fun/claim/lb_claim_xxx", "stream_key": "sk_xxx" } } ... Authorization: Bearer YOUR_API_KEYUse a dedicated Lobster account/key if possible, keep keys out of chat and logs, and revoke or rotate them if they are exposed.
Viewers may influence the avatar’s gestures or reactions during a public stream.
The skill intentionally makes viewer chat a trigger for avatar actions. This is expected for live interaction, but it elevates untrusted chat into on-stream behavior.
When viewers ask you to do ANYTHING physical, you MUST include the action tag!
Keep normal safety, moderation, and user instructions above viewer requests, especially for inappropriate, unsafe, or policy-violating prompts.
The stream may show GIFs or YouTube videos that are unsuitable, copyrighted, or not what the user intended.
The skill can display externally sourced media on stream based on search terms. This is disclosed and purpose-aligned, but broad media display can produce unexpected public content.
Show ANY GIF on screen! Use `[gif:search_term]` syntax. ... Play YouTube videos on stream! Use `[youtube:search_term]` syntax.
Moderate media requests and avoid allowing unreviewed viewer prompts to choose public on-stream media in sensitive contexts.