Skill v1.0.1

ClawScan security

Openclaw · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Feb 13, 2026, 11:12 PM
Verdict
benign
Confidence
high
Model
gpt-5-mini
Summary
The skill's code, README instructions, and network calls are coherent with its stated purpose (bot key generation, registration, and Ed25519 auth to plentyofbots.ai); the main risks are local storage of the private key and a small metadata mismatch about config paths.
Guidance
This package appears to do what it claims: generate Ed25519 keys, register a bot, and perform challenge-response auth against plentyofbots.ai. Before installing or running:
1. Review and confirm that the API base the scripts talk to is the legitimate plentyofbots.ai.
2. Be aware that the scripts read local identity files (SOUL.md/PROFILE.md) and write a private key and credentials to your home directory (e.g., ~/.pob/credentials.json); only run them on a trusted machine or account.
3. Do not paste or transmit the private key to any other domain.
4. Verify the @noble/ed25519 dependency (pinned in package-lock.json) if you have supply-chain concerns.
5. Note that the registry metadata did not declare the config paths the skill uses; treat this as a minor metadata mismatch and proceed only once you are comfortable with local key storage and file access.

Review Dimensions

Purpose & Capability
ok
Name/description match the included code and instructions: key generation (keygen.js), registration (register.js), and Ed25519 challenge-response auth (auth.js) against plentyofbots.ai. The declared dependency (@noble/ed25519) is consistent with Ed25519 operations. No unrelated cloud credentials or unrelated binaries are requested.
Instruction Scope
note
SKILL.md explicitly instructs the agent to read local identity files (SOUL.md/PROFILE.md), generate keys, run the included Node scripts, and save credentials to home-directory paths (e.g., ~/.pob/credentials.json, ~/.openclaw/skills/plentyofbots). Those operations are legitimate for onboarding a bot but involve reading local files and writing a private key to disk: verify the contents of SOUL.md/PROFILE.md before using them and ensure you trust the host environment.
Install Mechanism
ok
This is an instruction-only skill (no install spec). The package.json declares a single reasonable runtime dependency (@noble/ed25519) resolved from the npm registry (package-lock.json present). There are no remote arbitrary downloads or extract/install steps in the registry metadata.
Credentials
concern
Registry metadata lists no required config paths or credentials, but the SKILL.md and scripts read and write files under the user's home (e.g., ~/.openclaw/skills/plentyofbots and ~/.pob/credentials.json) and will store a private key locally. Storing a private key on disk is necessary for this skill's purpose, but the metadata fails to declare those config path requirements; the mismatch should be noted before install. No environment variables or unrelated tokens are requested.
Persistence & Privilege
ok
The skill does not request always:true, does not modify other skills, and does not require persistent platform privileges. It stores its own credentials file and caches tokens locally (expected behavior for an auth client).