Casino Bot Builder

Pass. Audited by VirusTotal on May 11, 2026.

Overview

Type: OpenClaw Skill
Name: rollhub-bot-builder
Version: 1.0.0

The skill bundle provides functional templates and a setup script for building gambling bots on Telegram, Discord, and Twitter using the Agent Casino API (agent.rollhub.com). The code in scripts/setup-bot.sh and the reference files (telegram-bot.md, discord-bot.md, twitter-bot.md) aligns with the stated purpose and contains no evidence of data exfiltration, backdoors, or malicious prompt injection. A hardcoded referral ID (ref_27fcab61) is present in all registration calls, which is a common affiliate marketing practice rather than a security threat.

Findings (0)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

Anyone who can mention the Twitter bot in the expected format could cause it to wager the bot owner’s casino balance and post replies from the account.

Why it was flagged

The Twitter reply mode turns public mentions into casino API bets without an allowlist, confirmation step, per-user limit, or stop-loss control.

Skill content

def reply_betting():
    """Monitor mentions and place bets from replies."""
    ...
                amount = float(parts[-1])
    ...
                result = place_bet(game, amount, **kwargs)

Recommendation

Add explicit authorized-user allowlists, per-bet and daily caps, confirmations for spending, rate limits, and stop-loss/kill-switch controls before using public reply-based betting.

Concern (High Confidence)
ASI08: Cascading Failures
What this means

A typo or unauthorized command could rapidly create many bets and drain the bot’s available balance.

Why it was flagged

A user-supplied rounds value fans out into repeated casino API bet calls, with no hard maximum, delay, max-loss check, or target-profit stop in the Telegram template.

Skill content

game, amount, rounds = context.args[0], float(context.args[1]), int(context.args[2])
...
for i in range(rounds):
    ...
    result = place_bet(game, amount, **kwargs)

Recommendation

Enforce hard maximum rounds and amounts, add delays, require owner approval for autoplay, and implement max-loss/target-profit stopping logic in code.

What this means

Users may underestimate the account authority they are granting; compromise or misuse of these tokens could allow public posting and wagering from shared accounts.

Why it was flagged

The templates require sensitive credentials that authorize public social-account actions and casino betting, while the registry metadata declares no required environment variables or primary credential.

Skill content

TWITTER_API_KEY=your_key
TWITTER_API_SECRET=your_secret
TWITTER_ACCESS_TOKEN=your_token
TWITTER_ACCESS_SECRET=your_token_secret
AGENT_CASINO_API_KEY=your_api_key

Recommendation

Declare these credentials in metadata, use separate low-privilege bot accounts, keep only limited funds available, rotate tokens regularly, and avoid sharing one casino API key across untrusted users.

What this means

A user may believe the examples include safety controls that are not actually present in the provided code.

Why it was flagged

The documentation advertises safeguards, but the supplied autoplay examples do not implement max-loss/target-profit checks, and the Discord template does not show role checks before betting commands.

Skill content

Stop conditions: max loss, target profit, or round limit
...
- Role-based access control

Recommendation

Update the templates to implement the advertised controls or clearly state that users must add them before deployment.

Concern (High Confidence)
ASI10: Rogue Agents
What this means

The bot can continue acting on new social inputs long after the initial command, creating ongoing financial and account-posting risk.

Why it was flagged

The template includes an indefinite autonomous loop that keeps monitoring mentions and can keep placing bets until the process is stopped.

Skill content

def reply_betting():
    """Monitor mentions and place bets from replies."""
    since_id = None
    while True:

Recommendation

Run only under supervision, add a clear shutdown mechanism, require owner-only control commands, and log/alert on every bet placed.

What this means

Future dependency versions may behave differently or introduce vulnerabilities.

Why it was flagged

The setup instructions rely on unpinned public package installs. This is expected for templates, but versions and provenance are not locked.

Skill content

echo "4. pip install python-telegram-bot requests"
...
echo "4. npm install discord.js axios"
...
echo "4. pip install tweepy requests"

Recommendation

Pin dependency versions, use lockfiles, and install from trusted package indexes.