Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Become Ceo

v1.5.0

Your AI executive team on Discord. 7 specialists (engineering, finance, marketing, devops, legal, management, chief of staff) each with its own model and per...

by boluobobo @wanikua
Security Scan
VirusTotal: Suspicious
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
The skill claims to create a multi-bot AI 'executive team' on Discord and the SKILL.md plus the provided config template consistently require a clawdbot binary, LLM API key(s), and multiple Discord bot tokens — these requirements align with the stated purpose. However, the registry metadata lists no required environment variables or config paths while SKILL.md metadata declares credentials (LLM_API_KEY, DISCORD_BOT_TOKEN) and config path (~/.clawdbot/clawdbot.json). This metadata mismatch is an inconsistency that should be clarified.
! Instruction Scope
Instructions tell the operator to install an npm package globally, copy the template to ~/.clawdbot/clawdbot.json, fill in LLM and Discord tokens (multiple token placeholders exist), and start a user systemd service. Agents are expected to read workspace memory files and persistent config. There is explicit guidance to set Discord bots' groupPolicy to 'open' (which broadens what bots will see/say). These steps are coherent for deploying bots but instruct storing many sensitive tokens in a file under the home directory and running a persistent gateway service — both increase blast radius if the installed code or system is compromised. The SKILL.md also mentions a sandbox but notes it is off by default; if you do not enable sandboxing, agents will have normal network access and could exfiltrate data.
Install Mechanism
The install spec uses an npm package (clawdbot) that creates the 'clawdbot' binary. Installing an npm package globally is expected for this type of skill but is a moderate-risk install source compared to a vetted system package; you should inspect the npm package and its source repository (GitHub link provided) before running 'npm install -g'. No opaque download URLs or archive extraction are present in the manifest.
! Credentials
The service legitimately needs an LLM API key and multiple Discord bot tokens to operate, which the templates show (LLM API, $DISCORD_BOT_TOKEN_MAIN, _ENGINEERING, _FINANCE, etc.). That many tokens and LLM credentials are sensitive but proportionate to a multi-bot Discord deployment. The concern is the manifest/registry metadata omission: required env vars and config paths are not declared there, so automated checks or permission prompts might not surface the true credential needs. Also the suggested placement of tokens inside ~/.clawdbot/clawdbot.json is persistent and should be protected (file permissions, secret manager, or gateway-handled auth).
Persistence & Privilege
The skill instructs starting a user-level systemd service (clawdbot-gateway), which creates a long-running process on the host that will hold credentials and handle bot traffic — this is expected for a bot gateway but increases persistence and blast radius. The skill is not marked always:true and does not request modifying other skills. Review the service unit and runtime privileges before enabling it.
What to consider before installing
This skill is coherent with its goal (running multiple AI-powered Discord bots) but there are important warnings you should heed before installing:

  • Metadata mismatch: The package registry entry claims no required env vars or config paths, but SKILL.md and the config template clearly require LLM API credentials and many Discord bot tokens and reference ~/.clawdbot/clawdbot.json. Do not rely solely on the registry metadata — assume you will need to provide sensitive keys.
  • Inspect the npm package: 'npm install -g clawdbot' will install code that will run with your user privileges and hold your tokens. Review the package source on the linked GitHub, and preferably inspect the installed code before running it as a service.
  • Protect credentials: The template stores multiple tokens in ~/.clawdbot/clawdbot.json. Use strict file permissions, consider using a secrets manager or letting the gateway handle auth in memory rather than writing tokens to disk.
  • Run in a sandbox/least privilege: The skill mentions a sandbox but it is off by default. If possible, enable the containerized, network-isolated sandbox to reduce risk of data exfiltration by agents. If you must run without sandboxing, isolate the server and use dedicated bot accounts with minimal privileges.
  • Verify Discord settings: The config requires 'groupPolicy': 'open' and enabling privileged intents — that grants bots broader access to messages and members. Use dedicated bot accounts and only enable intents required for functionality.
  • Service review: Before starting 'systemctl --user start clawdbot-gateway', inspect the service unit (what user, what environment it will load) to ensure it won't inadvertently expose secrets.
If you want, I can: (1) list the exact placeholders and sensitive fields from the template for you to audit, (2) suggest a safer workflow for keeping tokens out of disk (e.g., environment injection, secrets manager), or (3) help review the GitHub repo source if you provide its package contents or a link to the npm package contents.

Like a lobster shell, security has layers — review code before you run it.

Runtime requirements

🏛️ Clawdis
Bins: clawdbot

Install

Install Clawdbot
Bins: clawdbot
npm i -g clawdbot
latest vk9728w2evm6jqwdzv3cc2bvxg98237ss
508 downloads
2 stars
8 versions
Updated 5h ago
v1.5.0
MIT-0

Become CEO — Your AI Executive Team

7 AI specialists on Discord. You give the orders, they do the work.

Quick Start

  1. Install Clawdbot: npm install -g clawdbot
  2. Install this skill: clawdhub install become-ceo
  3. Copy references/clawdbot-template.json to ~/.clawdbot/clawdbot.json
  4. Fill in your LLM API key, model IDs, and Discord bot tokens
  5. Start: systemctl --user start clawdbot-gateway

For full server setup, see the setup guide on GitHub.

Your Team

  • Chief of Staff (main) — routes your orders (fast model)
  • Engineering — code, architecture, system design (strong model)
  • Finance — budgets, cost control (strong model)
  • Marketing — content, branding, social (fast model)
  • DevOps — servers, CI/CD, infrastructure (fast model)
  • Management — projects, coordination (fast model)
  • Legal — compliance, contracts (fast model)

Config

See references/clawdbot-template.json for the full config template.

  • Each Discord account MUST have "groupPolicy": "open" — does NOT inherit from global
  • identity.theme sets each team member's personality
  • bindings maps each agent to its Discord bot
  • Replace $LLM_PROVIDER, $MODEL_FAST, $MODEL_STRONG with your chosen provider and models

Workspace Files

| File | What it does |
|------|--------------|
| SOUL.md | How your team behaves |
| IDENTITY.md | Org chart and model tiers |
| USER.md | About you, the CEO |
| AGENTS.md | Group chat rules, memory protocol |

Sandbox

Off by default. To enable read-only sandboxed execution:

"sandbox": {
  "mode": "all",
  "workspaceAccess": "ro",
  "docker": { "network": "none" }
}

Agents run in isolated containers with read-only workspace access and no network. The gateway handles all API authentication externally. See Clawdbot docs for advanced sandbox options.
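
A pre-start check for the points the scan raises (token file permissions, sandbox off by default, unfilled template placeholders), as an added example that is not part of the skill or of Clawdbot. It assumes the "sandbox" block shown above may sit at any depth of the JSON; the function names and finding texts are illustrative.

```python
import json
import os
import re
import stat

DEFAULT = os.path.expanduser("~/.clawdbot/clawdbot.json")  # path named on the page
WANTED = {"mode": "all", "workspaceAccess": "ro"}  # values from the Sandbox section
PLACEHOLDER = re.compile(r"\$[A-Z][A-Z0-9_]+")  # e.g. $MODEL_FAST, $LLM_PROVIDER


def walk(node, path=""):
    """Yield (parent_path, key, value) for every key in nested dicts and lists."""
    if isinstance(node, dict):
        for key, value in node.items():
            yield path, key, value
            yield from walk(value, f"{path}/{key}")
    elif isinstance(node, list):
        for i, item in enumerate(node):
            yield from walk(item, f"{path}[{i}]")


def audit_config(config_path):
    """Findings for a clawdbot.json-style file; sandbox location is an assumption."""
    findings = []
    mode = stat.S_IMODE(os.stat(config_path).st_mode)
    if mode & (stat.S_IRWXG | stat.S_IRWXO):
        findings.append(f"file mode {mode:o} exposes tokens to group/other; use 600")
    with open(config_path, encoding="utf-8") as fh:
        config = json.load(fh)
    sandboxes = []
    for path, key, value in walk(config):
        if key == "sandbox" and isinstance(value, dict):
            sandboxes.append((f"{path}/{key}", value))
        elif isinstance(value, str) and PLACEHOLDER.search(value):
            findings.append(f"unfilled placeholder {value} at {path}/{key}")
    if not sandboxes:
        findings.append("no sandbox block found: sandbox is off by default")
    for where, sb in sandboxes:
        for key, want in WANTED.items():
            if sb.get(key) != want:
                findings.append(f"{where}/{key} is {sb.get(key)!r}, expected {want!r}")
        docker = sb.get("docker")
        network = docker.get("network") if isinstance(docker, dict) else None
        if network != "none":
            findings.append(f"{where}/docker/network is {network!r}, expected 'none'")
    return findings


if __name__ == "__main__" and os.path.exists(DEFAULT):
    print("\n".join(audit_config(DEFAULT)))
```

An empty result means the file is owner-only, has no leftover `$PLACEHOLDER` values, and every sandbox block matches the read-only, no-network settings above.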

Troubleshooting

  • @everyone doesn't work — enable Message Content Intent + Server Members Intent in Discord Developer Portal
  • Messages silently dropped — set "groupPolicy": "open" on each Discord account entry

Growing Your Team

  1. Add to agents.list with unique id and identity.theme
  2. Create Discord bot, enable intents
  3. Add to channels.discord.accounts with "groupPolicy": "open"
  4. Add binding, invite bot, restart gateway
