Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
The Arena — AI Debate Moderator
v1.3.0Turn a Discord server into a moderated debate arena with an AI judge. Supports multiple debate formats, configurable personas, scored verdicts, and a persist...
⭐ 0· 722·1 current·2 all-time
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
medium confidencePurpose & Capability
Name/description (Discord debate moderator + scoreboard) align with everything in SKILL.md and the references. Required permissions (Discord bot token, gateway config changes) are expected for this functionality. No unrelated env vars, binaries, or external credentials are requested.
Instruction Scope
The instructions stay within the moderator/scoreboard domain (posting templates, enforcing formats, generating config.patch templates, initializing a local SQLite DB). A few items merit caution: (1) the agent generates gateway config patches that must be reviewed before applying — do not apply patches blindly because arrays like agents.list/bindings are replaced entirely; (2) the setup script can optionally post welcome messages automatically — confirm when/what it will post; (3) the SKILL.md asserts the provided scripts make no network calls and write only to the workspace, but that claim should be verified by inspecting the scripts before running.
Install Mechanism
No install spec (instruction-only) and only two bash scripts bundled. No external downloads or package installs are declared. This is lower risk, but bundled scripts should still be inspected before execution.
Credentials
No required environment variables or credentials are declared; a single optional DEBATE_SCOREBOARD_DB path is documented for a local SQLite DB. The skill does reference the gateway bot token and bot permissions, which are appropriate and expected for a Discord integration.
Persistence & Privilege
always:false and no autonomous elevation patterns are present. The skill recommends running as a separate, isolated agent with fs.workspaceOnly and exec disabled — this is the advised safe posture. The skill does generate config templates but does not claim to apply them automatically.
Assessment
This skill appears coherent for running an AI debate moderator on Discord, but take these precautions before installing:
- Inspect the bundled scripts (scripts/setup.sh and scripts/scoreboard.sh) line-by-line. Verify they do not make network calls (curl, wget, git, nc, ssh) or write outside the skill workspace. The SKILL.md claims they do not, but you should confirm.
- Do not apply any generated config.patch without manual review. The SKILL.md warns that agents.list and bindings arrays are replaced entirely; ensure the patch preserves existing agents/bindings and channel entries.
- Run the skill in an isolated agent as recommended (fs.workspaceOnly, exec denied, limited tools). This limits blast radius if the skill or messages attempt injection.
- Be careful with requireMention=false on the arena channel: it exposes all messages to the moderator (higher token usage and broader data exposure). If privacy/cost is a concern, set requireMention:true.
- Verify the Discord bot already has only the minimum permissions you’re willing to grant (avoid granting Manage Roles unless necessary).
- If you want stronger assurance, share the exact contents of the two scripts and any portions of SKILL.md you plan to automate; I can review them for network calls, credential access, or other red flags.
If you review the scripts and confirm they’re workspace-only and network-free, this skill is internally consistent and reasonable to use under the recommended isolation model.Like a lobster shell, security has layers — review code before you run it.
latestvk979y8tqwpnq70aesgt9cpw29h81fyes
License
MIT-0
Free to use, modify, and redistribute. No attribution required.