Clawd Casino

Warn: Audited by ClawScan on May 10, 2026.

Overview

Review recommended: the skill matches its casino purpose, but it handles a real-money wallet and defaults to very broad USDC spending approvals.

Install only if you intentionally want an agent to gamble with USDC. Use a new wallet with a small balance, avoid /approve all and the 1M USDC default, set explicit low approval amounts, require human approval before every bet or quote acceptance, and verify the casino API/provider and spender contracts before signing.

Findings (3)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Finding 1: raw wallet private key and API key persisted in .env

What this means

Anyone who can read the .env file, the agent's environment, or its logs holds the raw private key and the API key, and can therefore spend from the wallet or act on the casino account. A private key grants control of the whole wallet, not just the casino allowance, so using a main wallet would put broader funds at risk.

Why it was flagged

The skill requires and recommends persisting a raw wallet private key plus an API key, even though the provided registry requirements list no required env vars or primary credential. These credentials control real USDC betting authority.

Skill content
requiredEnv:
  - CASINO_WALLET_KEY    # Your Polygon wallet private key (for signing)
  - CASINO_API_KEY       # Your API key (get from /register)
...
/wallet-gen --save                  Generate wallet → save to .env
/register --name "MyAgent" --save   Register → save API key to .env
Recommendation

Use only a fresh, limited-balance wallet; do not use a personal/main wallet private key. Store secrets outside shared project files where possible, and ensure the registry metadata accurately declares required credentials.
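The checks below are an added example written for this review, not code from the skill or from ClawScan. They assume the two env var names the skill's requiredEnv block declares, CASINO_WALLET_KEY and CASINO_API_KEY, and treat a .env file as acceptable only when it is mode 600, listed in .gitignore, complete, and holds something shaped like a 32-byte hex key. The self_check function builds two constructed project layouts in a temporary directory (one careless, one hardened) with a placeholder key, so it runs offline.

```python
"""Pre-flight checks on a .env file that holds a wallet private key.
Added example for this review; not the skill's own code."""
import os
import re
import stat
import tempfile
from pathlib import Path

# Env var names taken from the skill's requiredEnv block.
REQUIRED_VARS = ("CASINO_WALLET_KEY", "CASINO_API_KEY")
# A secp256k1 private key is 32 bytes: 64 hex digits, optional 0x prefix.
PRIVKEY_RE = re.compile(r"^(0x)?[0-9a-fA-F]{64}$")


def parse_dotenv(text: str) -> dict:
    """Minimal KEY=VALUE parser: skips blanks and comments, strips matching quotes."""
    out = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#") or "=" not in line:
            continue
        key, _, value = line.partition("=")
        value = value.strip()
        if len(value) >= 2 and value[0] == value[-1] and value[0] in "\"'":
            value = value[1:-1]
        out[key.strip()] = value
    return out


def check_env_file(env_path: Path, gitignore_path: Path) -> list:
    """Return a list of problems; an empty list means the file passed every check."""
    issues = []
    if not env_path.exists():
        return [f"{env_path.name} not found"]
    # Group/other bits on a file holding a private key mean other local users can read it.
    mode = stat.S_IMODE(env_path.stat().st_mode)
    if mode & (stat.S_IRWXG | stat.S_IRWXO):
        issues.append(f"{env_path.name} is group/world accessible (mode {mode:03o}); expected 600")
    # A .env that is not ignored ends up in the repository on the next commit.
    ignored = gitignore_path.exists() and any(
        ln.strip() in (".env", "/.env", "*.env")
        for ln in gitignore_path.read_text().splitlines())
    if not ignored:
        issues.append(f"{env_path.name} is not listed in {gitignore_path.name}")
    values = parse_dotenv(env_path.read_text())
    for name in REQUIRED_VARS:
        if not values.get(name):
            issues.append(f"{name} is missing or empty")
    key = values.get("CASINO_WALLET_KEY")
    if key and not PRIVKEY_RE.match(key):
        issues.append("CASINO_WALLET_KEY does not look like a 32-byte hex private key")
    return issues


def self_check():
    """Build two constructed layouts in a temp dir and return (careless_issues, hardened_issues)."""
    key = "0x" + "11" * 32  # placeholder, not a real key
    with tempfile.TemporaryDirectory() as d:
        careless = Path(d) / "careless"
        careless.mkdir()
        (careless / ".env").write_text(f"CASINO_WALLET_KEY={key}\n")   # no API key
        os.chmod(careless / ".env", 0o644)                               # world-readable, no .gitignore
        careless_issues = check_env_file(careless / ".env", careless / ".gitignore")

        hardened = Path(d) / "hardened"
        hardened.mkdir()
        (hardened / ".env").write_text(
            f'CASINO_WALLET_KEY="{key}"\nCASINO_API_KEY=constructed-api-key\n')
        os.chmod(hardened / ".env", 0o600)
        (hardened / ".gitignore").write_text("node_modules/\n.env\n")
        hardened_issues = check_env_file(hardened / ".env", hardened / ".gitignore")
    return careless_issues, hardened_issues


if __name__ == "__main__":
    careless, hardened = self_check()
    print("careless layout:", *careless, sep="\n  ")
    print("hardened layout:", hardened or "no issues")
```

Run check_env_file against the project directory before the agent is allowed to start; a non-empty list should block the run rather than just warn, since the key in that file is the wallet.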

Finding 2: 1M USDC default approval, with the spender taken from the API and signed without local checks

What this means

A user may grant very large USDC allowances to several current or future casino contracts. An approved spender can move funds up to the allowance with no further signature from the wallet, so a compromised or malicious spender contract can drain the wallet up to that amount.

Why it was flagged

The default approval amount is 1M USDC, /approve all iterates over every game returned by the API, and the spender address is taken from the API response and passed straight into the USDC permit signature. A manipulated API response could therefore direct the permit at any address. The visible code shows no local confirmation step, no spender allowlist, and no safer default limit.

Skill content
DEFAULT_APPROVE_AMOUNT = 1000000 * 10**6  # 1M USDC ...
spender = nonce_data.get("spender") ...
v, r, s = sign_permit(spender=spender, value=value, nonce=nonce, deadline=deadline)
...
for game in games:
    name = game.get("name") or game.get("endpoint")
    if approve_game(name, amount):
Recommendation

Avoid the default /approve all flow unless you understand every spender contract it will approve. Prefer approving one game at a time with a small --amount, verify each spender address against the provider's published contract addresses before signing, and revoke allowances (approve 0) when done.
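The guard below is an added example for this review, not the skill's code and not ClawScan's. It sits in front of the skill's sign_permit call: it takes the API's nonce_data object (the field names spender and nonce are quoted from the finding; deadline is assumed), rejects any spender that is not on a locally verified allowlist, caps the amount, refuses long-lived deadlines, and requires an explicit confirmation callback before returning the fields that would be signed. The 50 USDC cap, the 10 minute deadline window, the sample API response and the placeholder addresses are all constructed for the example; only SKILL_DEFAULT_APPROVE_AMOUNT reproduces a value from the skill. Signing itself is left to the skill.

```python
"""Policy guard in front of USDC permit signing. Added example; not the skill's code."""
import re
from dataclasses import dataclass
from decimal import Decimal, ROUND_DOWN
from typing import Callable, Iterable, Optional

USDC_DECIMALS = 6
ADDRESS_RE = re.compile(r"0x[0-9a-fA-F]{40}")

# The skill's own default, as quoted in the finding: 1,000,000 USDC in base units.
SKILL_DEFAULT_APPROVE_AMOUNT = 1_000_000 * 10**USDC_DECIMALS
# Hypothetical local policy for this example: at most 50 USDC per approval, and
# no permit that stays valid for more than 10 minutes.
MAX_APPROVE_AMOUNT = 50 * 10**USDC_DECIMALS
MAX_DEADLINE_SECONDS = 600


class PermitRejected(ValueError):
    """Raised when a permit must not be signed; the caller never reaches sign_permit."""


@dataclass(frozen=True)
class PermitRequest:
    spender: str
    value: int      # USDC base units (6 decimals)
    nonce: int
    deadline: int   # unix seconds


def to_base_units(usdc: str) -> int:
    """Decimal USDC string to base units, truncating below 6 decimals ('25.5' -> 25500000)."""
    q = Decimal(usdc).quantize(Decimal(1).scaleb(-USDC_DECIMALS), rounding=ROUND_DOWN)
    return int(q.scaleb(USDC_DECIMALS))


def guard_permit(nonce_data: dict, amount: int, allowed_spenders: Iterable[str], now: int,
                 confirm: Optional[Callable[[PermitRequest], bool]] = None,
                 max_amount: int = MAX_APPROVE_AMOUNT) -> PermitRequest:
    """Validate an API-supplied permit request against local policy before it is signed."""
    spender = nonce_data.get("spender")
    if not isinstance(spender, str) or not ADDRESS_RE.fullmatch(spender):
        raise PermitRejected(f"spender is not a 20-byte hex address: {spender!r}")
    # The API's spender is untrusted input; it must match an address verified out-of-band.
    if spender.lower() not in {a.lower() for a in allowed_spenders}:
        raise PermitRejected(f"spender {spender} is not in the local allowlist")
    if not isinstance(amount, int) or amount <= 0 or amount > max_amount:
        raise PermitRejected(f"amount {amount} is outside (0, {max_amount}] base units")
    try:
        nonce = int(nonce_data["nonce"])
    except (KeyError, TypeError, ValueError):
        raise PermitRejected("nonce missing or not an integer") from None
    # A far-off deadline lets the spender submit the permit long after the operator forgot it.
    deadline = int(nonce_data.get("deadline", now + MAX_DEADLINE_SECONDS))
    if deadline <= now or deadline > now + MAX_DEADLINE_SECONDS:
        raise PermitRejected(f"deadline {deadline} is not within ({now}, {now + MAX_DEADLINE_SECONDS}]")
    req = PermitRequest(spender=spender, value=amount, nonce=nonce, deadline=deadline)
    # Human approval of the exact spender and value before every signature.
    if confirm is not None and not confirm(req):
        raise PermitRejected("operator declined the permit")
    return req


def revoke_request(spender: str, nonce: int, now: int) -> PermitRequest:
    """A permit with value 0 sets the allowance to zero once submitted; use it when done."""
    if not ADDRESS_RE.fullmatch(spender):
        raise PermitRejected(f"bad spender address: {spender!r}")
    return PermitRequest(spender=spender, value=0, nonce=int(nonce),
                         deadline=now + MAX_DEADLINE_SECONDS)


# Constructed sample of an API response; the address is a placeholder, not a real contract.
SAMPLE_NONCE_DATA = {"spender": "0x" + "ab" * 20, "nonce": 7, "deadline": 1_700_000_300}
SAMPLE_ALLOWLIST = {"0x" + "AB" * 20}   # same placeholder, as an operator might paste it
NOW = 1_700_000_000


if __name__ == "__main__":
    ok = guard_permit(SAMPLE_NONCE_DATA, to_base_units("25"), SAMPLE_ALLOWLIST, NOW,
                      confirm=lambda r: True)   # stand-in for a real prompt to the operator
    print("would pass to sign_permit:", ok)
    for bad in (SKILL_DEFAULT_APPROVE_AMOUNT, 0):
        try:
            guard_permit(SAMPLE_NONCE_DATA, bad, SAMPLE_ALLOWLIST, NOW)
        except PermitRejected as e:
            print("refused:", e)
```

The allowlist is the piece the skill lacks: populate it by hand from the provider's published contract addresses, never from the API, so that a changed spender in a response fails closed instead of being signed.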

Finding 3: no source, homepage, or install/dependency metadata

What this means

Users have less context for verifying who maintains the financial integration and what package/dependency environment is expected.

Why it was flagged

For a wallet-signing, real-money skill, the lack of source/homepage provenance and install/dependency metadata makes independent verification harder. The artifacts do not show a hidden installer or automatic code download.

Skill content
Source: unknown
Homepage: none
Install specifications
No install spec — this is an instruction-only skill.
Recommendation

Verify the provider and contract addresses out-of-band before funding a wallet or signing approvals.