Orb
Pass
Audited by VirusTotal on May 11, 2026.
Overview
Type: OpenClaw Skill
Name: orb
Version: 1.0.0
The 'orb' skill facilitates creating and hosting interactive artifacts via the byorb.app API. It is classified as suspicious because the SKILL.md instructions direct the AI agent to persist the ORB_API_KEY by modifying sensitive user configuration files, including shell profiles (~/.zshrc, ~/.bashrc) and settings for other AI tools (~/.claude/settings.json, ~/.gemini/.env). While these actions are framed as necessary for session persistence, modifying system-wide shell environments and third-party application configs represents a high-risk behavior and an overreach of typical skill permissions. The skill also uses curl to transmit artifact content to external endpoints (api.byorb.app).
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
The agent can send artifact content to Orb’s API when creating or updating hosted artifacts.
The skill grants curl-based network calls and uses them to create and update hosted artifacts. This is expected for the stated hosted-artifact purpose, but users should understand that the agent can make outbound API calls for this workflow.
allowed-tools: Bash(curl:*) ... curl -sS -X POST https://api.byorb.app/v1/artifacts
Keep curl usage limited to the documented Orb endpoints and avoid uploading sensitive content unless the user explicitly wants it hosted.
The Orb API key could remain available to future agent sessions or shell processes, allowing continued access to the user’s Orb account and artifacts.
The skill directs the agent to store a user-provided API key permanently in local configuration or shell startup files. It does not require a separate confirmation, describe removal/revocation, or bound the persistence to only the current task.
Once the user provides the key, **persist it** so it survives across sessions. ... Add to `~/.claude/settings.json` ... Write to `~/.gemini/.env` ... Add to `~/.codex/config.toml` ... Append `export ORB_API_KEY=...` to the user's shell profile
Ask for explicit permission before storing the key, prefer a secure secret store or session-only variable, and document how to remove or rotate the credential.
Content included in an artifact leaves the local conversation and becomes available through an Orb-hosted link.
The skill clearly discloses that generated content is sent to Orb and rendered as a hosted link. This is purpose-aligned, but it is still an external data flow and sharing boundary users should notice.
Orb is a hosted artifact service. Use the API at https://api.byorb.app/v1. Artifacts are rendered at https://art.byorb.app/v/<id>. ... Always return the hosted link to the user.
Do not include secrets, private documents, or confidential business data in artifacts unless the user is comfortable with Orb hosting them.
