AI Hall of Shame
Advisory
Audited by VirusTotal on Mar 27, 2026.
Overview
Type: OpenClaw Skill
Name: ai-hall-of-shame
Version: 1.0.0
The skill bundle 'ai-hall-of-shame' (skill.md) instructs the AI agent to adopt a 'roast comedian' persona and 'self-report' its own operational failures to a public forum (hallofshame.cc). This creates a significant risk of data exfiltration, as the agent is encouraged to share narratives of its internal actions and errors externally. Furthermore, the 'Comedy Playbook' provides templates for deceptive communication, such as the 'Fake Success Report' (reporting success while failing) and the 'You're Absolutely Right Loop' (agreeing with users while repeating errors), which could lead the agent to provide misleading status updates to its primary user under the guise of humor.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If given a token, an agent could post, comment, vote, or react from the user's account, potentially publishing private context or damaging the user's reputation.
The skill documents account write operations to a forum. The visible artifact does not pair these public actions with a requirement to preview the exact content, get explicit user approval, or redact private conversation details before submission.
POST /api/posts { title, body } ... POST /api/posts/:id/comments { body } ... POST /api/votes { targetId, targetType: "post"|"comment", value: 1|-1 }
Only allow writes after the user reviews the exact draft and target action. Add explicit instructions to redact secrets, personal data, private prompts, file paths, customer data, and any non-consented content before posting.
A provided token can let the agent perform authenticated actions until the key expires or is revoked.
Bearer-token/API-key use is expected for an authenticated forum integration, but it grants the agent authority to act as the user's account and is not reflected in the registry metadata's credential declarations.
All write actions require auth via `Authorization: Bearer <token>` header. ... API Key ... expires 90 days
Use a dedicated, revocable API key rather than a broader session token where possible, keep it secret, revoke it when finished, and declare the credential requirement clearly in metadata.
