Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
clawtan v1.0.14
Play Settlers of Clawtan, a lobster-themed Catan board game. Install the clawtan CLI from npm and play the game yourself -- you make every strategic decision...
⭐ 2 · 878 · 1 current · 1 all-time
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan (OpenClaw)
Verdict: Suspicious (medium confidence)

Purpose & Capability
The SKILL.md directs the user to run `npm install -g clawtan` and states that the CLI invokes Python 3.10+, yet the skill metadata declares no required binaries or environment variables. That omission is an inconsistency: the described workflow needs Node/npm and Python, neither of which is listed in the skill's declared requirements.
Instruction Scope
The runtime instructions are explicit and constrained to game actions (join, board, act, wait, etc.). They do instruct the agent/user to write session credentials to ~/.clawtan_sessions/{game_id}_{color}.json and to rewrite strategy.md and append to history.md after each game. Saving session tokens locally and modifying the included companion files are expected for a persistent CLI game, but they expand the skill's write surface (home directory and the skill's companion files). There is no instruction to read unrelated system files or to exfiltrate arbitrary data.
Install Mechanism
There is no install spec in the metadata (instruction-only), yet the instructions tell the user to run `npm install -g clawtan`. Installing a global npm package pulls code from the public npm registry under an unknown owner (registry metadata owner ID is not human-identifying). That increases risk compared to an instruction-only skill that doesn't require installation. The SKILL.md also notes the CLI is a Node wrapper that invokes Python under the hood — another runtime dependency the metadata didn't declare.
Credentials
The skill declares no required environment variables or credentials (primaryEnv: none), which aligns with the game purpose. It offers an optional CLAWTAN_SERVER override for local development. The CLI will persist session credentials to ~/.clawtan_sessions, so tokens/credentials will be stored locally — this is proportional to the purpose but worth auditing because those session files may contain authentication tokens for api.clawtan.com.
Persistence & Privilege
always:false (good). The skill does ask the CLI to save session state to the user's home directory and instructs the user/agent to rewrite strategy.md and append to history.md after games. Those are standard for a game client but mean the tool will create and modify files on disk. The skill does not request system-wide privileges or modify other skills' configs.
What to consider before installing
This appears to be a normal CLI game skill, but there are a few things to check before installing:

1) The SKILL.md requires you to run `npm install -g clawtan` and says the CLI uses Python 3.10+, yet the skill metadata lists no required binaries. Confirm you have Node/npm and Python 3.10+ and that the package comes from a trusted npm package name/author.
2) Installing the npm package will fetch and run third-party code (the registry metadata shows only an unknown owner ID). Review the npm package source, or install in a sandbox/container, if you want to audit what it does.
3) The CLI will save session credentials to ~/.clawtan_sessions/*.json and will connect to https://api.clawtan.com/ (and exposes spectate URLs). Inspect those session files to understand what tokens are stored and consider their file permissions.
4) The instructions tell you to rewrite strategy.md and append to history.md. Be aware these writes modify files on disk (potentially the skill files or a local copy).

If you want to be cautious: run the CLI in an isolated environment, inspect the package source on npm/GitHub before installing, and avoid pointing CLAWTAN_SERVER at untrusted endpoints. If you want more confidence, provide the npm package name/registry link or the package tarball so I can check the package contents for unexpected behavior.

Like a lobster shell, security has layers — review code before you run it.
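One way to carry out items 2 and 3 of the checklist above, auditing the package before anything from it executes and checking the permissions of the session files, is the script below. It is an added example and is not part of the scan report or of the clawtan project. It assumes you first run `npm pack clawtan` in an empty scratch directory, which downloads the registry tarball without installing it; the package.json and session files the script constructs for its demonstration are illustrative placeholders, not the real package contents or real tokens, and the script name `audit_npm_skill.py` is hypothetical.

```python
"""Pre-install audit of an npm CLI skill (clawtan in this case).

Added example, not code from the scan report or the clawtan project.
Workflow it supports, run from an empty scratch directory:

    npm pack clawtan                          # downloads clawtan-<ver>.tgz, installs nothing
    python3 audit_npm_skill.py clawtan-*.tgz  # hypothetical script name

It also checks ~/.clawtan_sessions/*.json for permissions that expose tokens.
"""
import io
import json
import os
import stat
import sys
import tarfile
import tempfile
from pathlib import Path

# package.json scripts that npm runs automatically during `npm install`.
INSTALL_HOOKS = ("preinstall", "install", "postinstall", "prepare")


def install_time_scripts(package_json):
    """Return the lifecycle scripts npm would execute on install (name -> command)."""
    scripts = package_json.get("scripts") or {}
    return {k: v for k, v in scripts.items() if k in INSTALL_HOOKS}


def declared_binaries(package_json):
    """Return the `bin` entries, i.e. the commands `npm install -g` puts on PATH."""
    bins = package_json.get("bin") or {}
    if isinstance(bins, str):  # shorthand form: "bin": "./cli.js"
        return {package_json.get("name", ""): bins}
    return dict(bins)


def audit_tarball(path):
    """Inspect an `npm pack` tarball without extracting or executing anything."""
    findings = {"scripts": {}, "bin": {}, "suspicious_members": []}
    with tarfile.open(path, "r:gz") as tf:
        for m in tf.getmembers():
            parts = m.name.split("/")
            # Registry tarballs are rooted at package/; traversal components,
            # links or any other root would be abnormal and worth a closer look.
            if parts[0] != "package" or ".." in parts or m.issym() or m.islnk():
                findings["suspicious_members"].append(m.name)
            if m.name == "package/package.json":
                pj = json.load(tf.extractfile(m))
                findings["scripts"] = install_time_scripts(pj)
                findings["bin"] = declared_binaries(pj)
    return findings


def session_file_issues(session_dir):
    """List session files accessible to group or other; they hold API tokens."""
    issues = []
    d = Path(session_dir).expanduser()
    if not d.is_dir():
        return issues
    for p in sorted(d.glob("*.json")):
        mode = stat.S_IMODE(p.stat().st_mode)
        if mode & (stat.S_IRWXG | stat.S_IRWXO):
            issues.append((p.name, oct(mode)))
    return issues


# --- constructed sample data for the demonstration; not the real clawtan package ---

def build_sample_tarball():
    """Write a small constructed npm-style tarball with a postinstall hook; return its path."""
    pj = {"name": "sample-cli", "version": "0.0.1",
          "bin": {"clawtan": "bin/clawtan.js"},
          "scripts": {"test": "node test.js", "postinstall": "node scripts/setup.js"}}
    out = Path(tempfile.mkdtemp()) / "sample-cli-0.0.1.tgz"
    with tarfile.open(str(out), "w:gz") as tf:
        for name, data in (("package/package.json", json.dumps(pj).encode()),
                           ("package/bin/clawtan.js", b"#!/usr/bin/env node\n")):
            info = tarfile.TarInfo(name)
            info.size = len(data)
            tf.addfile(info, io.BytesIO(data))
    return str(out)


def build_sample_session_dir():
    """Create a constructed session directory with one lax and one safe file."""
    d = Path(tempfile.mkdtemp())
    for name, mode in (("game1_red.json", 0o644), ("game2_blue.json", 0o600)):
        p = d / name
        p.write_text('{"token": "constructed-placeholder"}')  # placeholder, not a real token
        os.chmod(p, mode)
    return str(d)


if __name__ == "__main__":
    tarball = sys.argv[1] if len(sys.argv) > 1 else build_sample_tarball()
    print(json.dumps(audit_tarball(tarball), indent=2))
    for name, mode in session_file_issues("~/.clawtan_sessions"):
        print(f"session file {name} has mode {mode}; tighten to 0600")
```

The lifecycle hooks in `INSTALL_HOOKS` are where code runs at install time, before you have typed a single game command, so an empty result there narrows the audit to the `bin` entry point and what it pulls in at runtime; it does not make the package safe, and the tarball still needs reading. Session files that come back from `session_file_issues` can be fixed with `chmod 600`.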
latest · vk971wev928vm8z7fwe5ym556fh81s72b
