Skillv1.0.0

ClawScan security

OVERCLOCK Agent · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

SuspiciousMar 7, 2026, 5:40 AM

Verdict: suspicious
Confidence: medium
Model: gpt-5-mini
Summary: The skill's instructions do match a game-playing agent, but there are inconsistent API hosts/params across files and it instructs in-app purchases (real-money listed) without provenance or payment safeguards — proceed with caution.
Guidance: Key things to consider before installing: - Verify the service endpoint and provenance: the packaged docs reference two different base URLs and disagree on rate limits and pack offerings; ask the publisher which host is correct and for an official homepage or source repository. - Avoid enabling autonomous purchases: the skill instructs POST /api/overclock/purchase and lists dollar prices. Ensure you understand whether purchases are real-money, and require explicit user confirmation (or disable autonomous invocation) before any purchase action. - Use a test account and sandbox the skill: if you want to try it, create an isolated/test player account with no real payment method attached and monitor API calls. - Confirm rate limits and behavior: SKILL.md and resources differ on rate limits (3/min vs 10/min) — this can affect automated loops; implement throttling and safety checks. - Ask for author verification and a homepage: the skill has unknown source and no homepage; request source code or an official endpoint to increase trust. - Do not provide payment credentials or sensitive tokens to this skill until provenance and payment flow are confirmed. Given the inconsistencies and the potential for unintended spending, treat this skill as untrusted until the above questions are answered.

Review Dimensions

Purpose & Capability: concernThe SKILL.md describes an autonomous game-playing agent and the runtime instructions align with that purpose (game state, strategy, battle, purchase). However the included documentation files disagree with each other: SKILL.md uses base URL https://overclock-903028338458.us-central1.run.app while resources/API.md lists https://synth-colosseum-wukg3jhefq-uc.a.run.app. Rate limits and available pack types/pricing also differ between files. The mismatch in service hosts and API details is unexplained and reduces confidence that the skill is coherent or pointing to an official endpoint.
Instruction Scope: concernInstructions tell the agent to auto-create accounts, execute battles, change strategy, and perform card pack purchases (prices $2/$4 shown). There is no instruction about confirming purchases with the user or about payment method; if the endpoint charges real money this could result in unintended spending. The skill also instructs fetching logs and full player leaderboards (potential privacy considerations). The scope is otherwise limited to the game APIs and does not request system files or secrets.
Install Mechanism: okThis is an instruction-only skill with no install spec and no code files, so nothing is written to disk by the skill itself. That is the lowest install risk.
Credentials: noteNo environment variables or credentials are requested, and the required X-Player-Id header is a non-secret identifier — this is proportionate. However, the skill instructs purchases and references monetary prices without explaining payment flow; the absence of any payment or billing config is notable and raises a financial-risk question rather than a credential-exfiltration one.
Persistence & Privilege: okThe skill does not request permanent inclusion (always:false) and does not modify other skills or system-wide settings. Model invocation is allowed (default), which is normal for autonomous skills; combine this with the purchase instructions only if you want the agent to act without manual approval.