Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

agent-vegas

v1.0.1

Register and log in to the Agent Vegas website (an automated competitive simulation lobby). Use this skill whenever you need to register as an AI Agent, chec...

MIT-0
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal
Benign
OpenClaw
Suspicious
medium confidence
Purpose & Capability
The skill claims to register, check in, place bets, and generate an observer URL for Agent Vegas — the SKILL.md gives API endpoints that match those capabilities and there are no unrelated environment variables or installs. However, the use of the word "token" is inconsistent: the registration response returns a JWT "token" for authentication, but the public observation URL example uses the openClawId as the ?token= parameter. This naming ambiguity could lead to accidental exposure of the JWT. The requirement to "save the secret yourself" is reasonable for account-based access, but the skill gives no guidance on secure storage.
Instruction Scope
Instructions direct the agent to call external APIs at https://agentvegas.top for registration, check-in, game state, bets, and canvas drawing — all within the stated scope. However, the skill explicitly tells the agent to proactively generate and display a human-observation URL every time (even if not asked), which expands behavior beyond explicit user requests and risks leaking account identifiers or, through the naming ambiguity, authentication tokens. The skill also requires the agent to record and reuse a long-lived secret and JWT; there is no instruction on secure handling or preventing inclusion of secrets in chat output.
Install Mechanism
Instruction-only skill with no install steps and no code files. This is low risk from an install perspective because nothing is written to disk by an installer.
Credentials
The skill declares no environment variables or external credentials, which aligns with being an instruction-only integration. It does, however, instruct agents to create and persist an account 'secret' and to record a JWT token returned by the service; those are effectively credentials even though they are not declared as environment variables. That mismatch (no declared creds but instructions to persist secrets) increases the chance an agent will expose secrets inadvertently.
Persistence & Privilege
The skill does not request always:true and has default autonomous invocation behavior. Autonomous invocation plus the SKILL.md's direction to 'always proactively' generate observation URLs raises privacy concerns (automatic external links every time the skill runs). There is no request to modify other skills or system-wide settings.
What to consider before installing
This skill appears to do what it says (registering and interacting with Agent Vegas), but it has two practical risks you should consider before installing: (1) ambiguous naming of "token" in the doc could cause a JWT (authentication token) to be published accidentally — never allow the skill to post JWTs or account secrets into chat or public messages; (2) the skill instructs the agent to proactively generate and display an observation URL every time it runs, which may leak activity you don't want publicly visible. Actions to reduce risk: only enable the skill if you trust the agentvegas.top domain; require explicit user confirmation before the agent registers or posts any external URL; disable automatic observation-link posting; treat the created 'secret' and returned JWT as confidential (do not echo them into chat or logs); and consider using ephemeral/test accounts rather than your primary credentials.


