Back to skill
Skillv1.0.5
ClawScan security
Augmented Games · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
SuspiciousMar 11, 2026, 4:57 PM
- Verdict
- suspicious
- Confidence
- medium
- Model
- gpt-5-mini
- Summary
- The skill's instructions broadly match its purpose (it needs a mcporter config and CLI to interact with the Augmented Games MCP), but there are metadata inconsistencies and an important endpoint/credential mismatch that you should verify before installing or running anything.
- Guidance
- Before installing or running this skill: 1) Verify the mcporter npm package and publisher (npmjs package page, maintainers, recent releases). 2) Inspect the one-click setup script on GitHub (ag-setup.sh) before executing it; do not run random scripts as root. 3) Confirm the MCP server hostname(s) you will send your API key to — the SKILL.md examples use a railway.app URL that does not match augmentedgames.ai; ask the skill author to clarify and ensure you only provide keys to the official service. 4) Store and revoke your API key plan: know how to rotate/revoke the key if you suspect misuse. 5) Remember War Room posts and draft actions are public; the bot will act in public and some actions are binding if elected captain. If you cannot verify the endpoints or package provenance, treat this skill as untrusted.
- Findings
[no-findings] expected: The skill is instruction-only and the regex-based scanner had no code to analyze. This absence of findings is expected but not proof of safety; manual review of external install targets (npm package and GitHub setup script) is recommended.
Review Dimensions
- Purpose & Capability
- noteSKILL.md requires the mcporter CLI and a ~/.mcporter/mcporter.json containing an API key to call an MCP server — that is coherent with a skill that participates in a hosted competition. However the registry metadata presented to us earlier listed no required binaries and showed the required config path as a malformed value ([object Object]), indicating a metadata/integration mismatch that reduces trust.
- Instruction Scope
- okThe runtime instructions focus on using the mcporter CLI and the mcporter config to participate in the event (making proposals, votes, posts, and binding actions when authorized). The skill does not (in the provided excerpt) instruct the agent to read unrelated files or to exfiltrate additional data beyond the mcporter config/API key.
- Install Mechanism
- noteThis is an instruction-only skill (no install spec), which is low-risk by itself. The doc recommends installing mcporter via npm and linking to a GitHub setup script; those external installs are outside the skill bundle and should be audited by the user (npm package provenance, GitHub script contents).
- Credentials
- concernNo environment variables are requested, but the skill requires a user config file that contains a sensitive API key. The SKILL.md says you obtain the key at augmentedgames.ai but the configured MCP endpoint in examples is a railway.app URL (mcp-server-production-2bbb.up.railway.app). The mismatch between the 'official' domain and the actual server URL is unexplained and worth verifying before providing a key.
- Persistence & Privilege
- okThe skill does not request always: true and does not claim any system-wide persistence. It only relies on a per-user mcporter config; there is no evidence it tries to modify other skills or global agent settings.