play_minecraft

Security checks across static analysis, malware telemetry, and agentic risk

Overview

This documentation-only skill transparently controls a local Minecraft bot API; the main risk is that it can make real in-game changes and log bot state.

Before installing, confirm you trust the local Mindcraft HTTP service, use it first in a private or local Minecraft world, review commands before running bulk tasks, and manage any generated request/state logs carefully.

Static analysis

No static analysis findings were reported for this release.

VirusTotal

VirusTotal findings are pending for this skill version.

Risk analysis

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

If connected to a shared or important Minecraft world, the bot could make changes in that world when the user asks it to perform tasks.

Why it was flagged

The skill gives the agent a documented way to send action commands to a Minecraft bot. This is purpose-aligned, but it can still cause real in-game movement, collection, or other actions.

Skill content
Use `POST /api/v1/agents/:agentName/actions/execute` to execute actions
Recommendation

Use this with a trusted local Mindcraft server first, review the action schema before running commands, and avoid unattended bulk actions on shared servers.

What this means

The reviewed skill does not install code itself, but the actual bot server behavior depends on the separate Mindcraft installation the user runs.

Why it was flagged

The skill is instruction-only and relies on an external Mindcraft Node service and configuration that are not included in the artifact set.

Skill content
- Start command: `node main.js`
- Recommended `settings.js` values:
  - `external_controller_only: true`
  - `mindserver_port: 8080`
Recommendation

Only run a Mindcraft service from a trusted source, confirm it binds as expected, and review its settings before giving an agent access to the API.

What this means

Logs may contain bot commands, positions, inventory, and health information from the Minecraft world.

Why it was flagged

The skill asks the calling layer to retain action payloads and game-state snapshots. This is useful for debugging but creates persistent operational records.

Skill content
For every action call, record:
  - request payload
  - response payload
  - state snapshots before and after (at least position/inventory/health)
Recommendation

Keep these logs in a trusted location, avoid sharing them publicly if they reveal private server details, and delete them when no longer needed.