Skill v1.0.1

ClawScan security

Casino Affiliate by Rollhub · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Suspicious · Feb 24, 2026, 3:17 PM
Verdict
suspicious
Confidence
medium
Model
gpt-5-mini
Summary
The skill's behavior largely matches its stated purpose (affiliate promotion for Agent Casino), but omissions and provenance gaps — most notably the missing declared API credential, unknown source/homepage, and encouragement of autonomous external posting — make it questionable to install without further verification.
Guidance
What to consider before installing:

1. Verify the source and domain (agent.rollhub.com): this skill has no homepage or known publisher details, which reduces trust.
2. The skill expects you to register and store an API key (ROLLHUB_AFFILIATE_KEY), but the registry metadata did not declare this; treat that API key like any secret and do not reuse sensitive credentials.
3. The included script simply calls the listed API endpoints with curl; inspect any API responses before allowing automated agents to act on them.
4. Because the skill encourages posting on social platforms, consider disabling or restricting autonomous invocation (require user confirmation) to avoid accidental spam or TOS violations.
5. Confirm that you (and your jurisdiction) are allowed to promote gambling and that you follow platform rules and age/legal restrictions.
6. If you still want to use it: create a dedicated affiliate account, rotate keys if needed, test the endpoints manually first, and only grant the least privilege possible to any agent invoking this skill.

Review Dimensions

Purpose & Capability
note
The name, description, SKILL.md and included scripts all align with an affiliate-marketing skill for agent.rollhub.com. However, the skill instructs storing an API key in ROLLHUB_AFFILIATE_KEY but the registry metadata lists no required environment variables or primary credential — an inconsistency. Also the package has no homepage or known source, which reduces trust in the declared purpose.
Instruction Scope
ok
Runtime instructions are limited to registering with agent.rollhub.com, storing a returned API key as an env var, fetching affiliate stats, and generating promotional content from provided templates. The instructions do not ask the agent to read unrelated files or access other credentials. They do explicitly instruct broad external posting (Twitter, Reddit, Discord, etc.), which is consistent with an affiliate skill but raises operational and policy risks (spam, platform TOS violations) outside of a security scope.
Install Mechanism
ok
This is instruction-only aside from a small included shell script (scripts/affiliate.sh) which calls curl to agent.rollhub.com. There is no download/install step, no third-party package installs, and no archive extraction — low install risk. The included script performs straightforward network calls and echoes instructions.
Credentials
concern
The SKILL.md requires storing and using an API key (ROLLHUB_AFFILIATE_KEY) for Authorization headers, but the skill metadata declares no required env vars or primary credential. That mismatch is a proportionality and transparency issue: the skill will need a secret but doesn't declare it, preventing automated policy checks and review. No other credentials are requested, which is proportionate, but the missing declaration is notable.
Persistence & Privilege
ok
The skill does not request always:true and does not modify other skills or system config. It is user-invocable and allows autonomous invocation by default (the platform's normal setting), which, combined with the external-posting instructions, increases spam/TOS risk but is not itself a technical privilege escalation.