OpenSETI

Review

Audited by ClawScan on May 10, 2026.

Overview

OpenSETI matches its stated scanner purpose in part, but it relies on an undisclosed private coordinator that controls downloads and wallet/reward tracking, so it should be reviewed carefully before running.

Review the coordinator URL and publisher before running. Use a wallet address you are comfortable sharing, avoid continuous mode unless you intend long-running compute work, and do not provide private keys or seed phrases. The publisher should document the coordinator, verify the claimed Breakthrough Listen data source, and add download limits or validation.

Findings (6)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

Your wallet registration, work assignment, downloaded data, and reward accounting depend on an external service that is not clearly documented in the user-facing skill description.

Why it was flagged

The scanner’s actual work source and submission endpoint default to a private coordinator with a hard-coded API key, while the skill metadata has unknown source/no homepage and SKILL.md does not clearly disclose this coordinator.

Skill content

COORDINATOR_URL = os.environ.get('OpenSETI_COORDINATOR', 'https://claw99.app/coordinator')
API_KEY = os.environ.get('OpenSETI_API_KEY', 'openseti_coordinator_v1_x8k3m2n7')

Recommendation

Only run this if you trust the coordinator; the publisher should disclose the coordinator, protocol, source/provenance, and reward-accounting mechanism clearly.

What this means

Running scans could make your machine download arbitrary coordinator-directed data, potentially consuming bandwidth, disk/memory, or processing resources beyond what you expected.

Why it was flagged

The coordinator can provide an absolute download URL, and the script fetches it without an evident domain allowlist, size limit, checksum, or user confirmation.

Skill content

if download_url.startswith('/'):
    url = f"{COORDINATOR_URL}{download_url}"
else:
    url = download_url

res = requests.get(url, timeout=60)

Recommendation

Restrict work downloads to documented trusted domains, enforce size and checksum limits, and clearly show users what source will be downloaded.

What this means

Users may believe they are only processing Breakthrough Listen archive data when the actual runtime path is controlled by another service.

Why it was flagged

The user-facing description presents a specific trusted data source, but the included code routes work through a private coordinator and accepts coordinator-supplied download URLs, so the claim is not fully supported by the artifacts.

Skill content

All data comes from the Breakthrough Listen Open Data Archive:
https://breakthroughinitiatives.org/opendatasearch

Recommendation

Update the documentation to accurately describe the coordinator, how it sources work units, and how users can verify that downloads are from the claimed archive.

What this means

Your wallet address can be linked to your participation and scan activity by the coordinator.

Why it was flagged

The skill sends the provided Solana wallet address to the coordinator for registration; this is expected for token rewards, but it is still an account identifier shared with an external service.

Skill content

requests.post(
    f"{COORDINATOR_URL}/api/register",
    json={'wallet': wallet},
    timeout=30
)

Recommendation

Use a wallet address you are comfortable associating with this activity, and do not provide private keys or seed phrases.

What this means

If you choose continuous mode, your machine may keep using CPU and network resources for ongoing scanning.

Why it was flagged

The skill documents a continuous background scanning mode. This is purpose-aligned and user-directed, but it can keep operating and consuming resources until stopped.

Skill content

python scripts/openseti.py scan --continuous

Recommendation

Run continuous mode only when you intend long-running compute work, and monitor or stop the process when finished.

What this means

The wallet address used for this skill may remain on disk after use.

Why it was flagged

The script persists local configuration, including the registered wallet address, under the user’s home directory.

Skill content

CONFIG_DIR = Path.home() / '.openseti'
CONFIG_FILE = CONFIG_DIR / 'config.json'

Recommendation

Remove ~/.openseti/config.json if you no longer want the local registration information stored.