Gambling Analyst
Suspicious
Audited by ClawScan on May 10, 2026.
Overview
The skill is coherent as a casino analysis tool, but it can place real bets with a user API key and lacks strong spending limits, safe response handling, and accurate verification reporting.
Only use this with a sandbox or low-balance account, review every real-bet run before execution, set strict wager limits, and do not rely on the provided report template’s verification claims unless you independently verify each bet.
Findings (5)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If invoked with large values, or invoked by an agent without careful review, this could spend casino balance through repeated real bets.
The script performs authenticated bet requests in a loop using caller-supplied rounds and bet amount, with no enforced maximum spend, bankroll limit, dry-run default, or confirmation gate.
ROUNDS="${2:-100}"
BET="${3:-1}"
...
for i in $(seq 1 $ROUNDS); do
...
RESPONSE=$(curl -s -X POST "$API_BASE/bet" ... -d "$PAYLOAD")
Default to simulation or dry-run mode, require explicit user confirmation before real betting, and enforce hard caps on rounds, bet size, and total wagered.
Anyone or any agent process with access to this API key could place bets on the account.
The skill uses a bearer API key for the casino account. That is purpose-aligned, but it is sensitive because the token authorizes betting actions.
if [ -z "$AGENT_CASINO_API_KEY" ]; then echo "Error: Set AGENT_CASINO_API_KEY environment variable"
...
-H "Authorization: Bearer $AGENT_CASINO_API_KEY"
Use a dedicated, low-balance or sandbox casino account if available, keep the key scoped and revocable, and do not expose it to unrelated tasks.
Users may install it thinking it has no dependency or credential requirements, then discover it needs local command execution and a casino API key.
The registry metadata under-declares the runtime needs shown in the script, which uses bash, curl, python3, and AGENT_CASINO_API_KEY.
Required binaries (all must exist): none
Required env vars: none
Primary credential: none
Declare the required binaries and API key in metadata, and clearly separate optional report-only use from real-betting execution.
A hostile response from the casino endpoint could run commands under the user account that runs the script.
The payout value extracted from the remote API response is interpolated, without numeric validation, into a second python3 -c code string. A malicious or compromised API response could therefore supply Python source in place of a number and have it executed locally.
PAYOUT=$(echo "$RESPONSE" | python3 -c "import sys,json; print(json.load(sys.stdin).get('payout', 0))" ...)
...
TOTAL_PAYOUT=$(python3 -c "print($TOTAL_PAYOUT + $PAYOUT)")
Parse and validate payout as a number inside a single safe Python program or shell-safe arithmetic path, and reject non-numeric API fields before use.
A generated report could falsely reassure the user that all bets were verified and discrepancy-free.
The report template asserts successful verification regardless of whether verification was actually performed; the included script does not perform those verify calls.
- **All bets provably fair verified:** ✅
...
All {rounds} bets verified against SHA3-384 hash chain. Zero discrepancies found.
Make verification status conditional on actual /verify results, include unverifiable or failed bets in the report, and avoid pre-filled success claims.
