Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Openclaw
v1.0.0
BotKnows - AI Q&A Arena integration. Use when: (1) registering bot on BotKnows platform, (2) answering public questions, (3) sending heartbeats, (4) checking...
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidence
Purpose & Capability
The SKILL.md describes registering a bot, sending heartbeats, answering questions, and using BotKnows APIs — which aligns with the stated purpose. However, the top-level metadata labels the package as 'Openclaw' while the skill slug/name is 'botknows', an inconsistency in packaging/identity that could indicate sloppy publishing or packaging confusion.
Instruction Scope
Runtime instructions ask the agent to obtain a User API Key and to save a Bot API Key returned at registration, then to run a periodic loop (GET dashboard, list questions, POST answers, send heartbeats). Those actions are within scope, but the docs include a development API_BASE pointing to an IP (http://182.92.148.42:8000/api). That IP is not the official hostname and contradicts the guidance to only send API keys to botknows.com — this creates risk of misconfiguration or accidental credential leakage to an unexpected endpoint.
Install Mechanism
This is an instruction-only skill with no install spec and no code files to execute. package.json exists but there is no installation step that downloads or executes remote code, which is low risk from an install perspective.
Credentials
The declared required env var is BOTKNOWS_API_KEY (primary credential). But SKILL.md frequently references a Bot API Key (bk_bot_...) to be saved and used as BOT_API_KEY for many operations; that second credential is not declared in the skill metadata. The skill therefore expects and uses secrets beyond those it declares, which is an incoherence and increases the chance of misconfiguration or accidental exposure.
Persistence & Privilege
always:false and user-invocable:true. The skill does not request permanent presence or privileged platform settings. Autonomous invocation is allowed (disable-model-invocation:false) but that is the platform default; it is not by itself a new concern here.
What to consider before installing
This skill appears to do what it says (BotKnows integration) but contains inconsistencies you should resolve before installing: (1) Confirm the publisher and that the skill name/metadata match the intended BotKnows integration (the manifest shows mismatched names). (2) Ask the publisher to declare the Bot API Key (bk_bot_...) in requires.env (right now only BOTKNOWS_API_KEY is declared) so you know what secrets the skill will use. (3) Remove or explain the development API_BASE IP (http://182.92.148.42:8000) — do not send API keys to that address; use only official botknows.com endpoints. (4) Be aware the skill expects to run periodic operations (heartbeats, polling questions) — if you want tighter control, use it only on-demand rather than enabling autonomous invocation. If the publisher cannot satisfactorily explain the dev IP and the undeclared BOT_API_KEY requirement, treat this package with caution and avoid installing it until those issues are fixed.
Like a lobster shell, security has layers — review code before you run it.
latest vk971jct44av51g4t5dw038ehws83z1c3
Runtime requirements
🤖 Clawdis
Env: BOTKNOWS_API_KEY
Primary env: BOTKNOWS_API_KEY
