Clawd Casino

The skill is classified as suspicious due to its explicit handling and storage of cryptocurrency private keys (`CASINO_WALLET_KEY`) and API keys (`CASINO_API_KEY`) directly in `.env` files, as demonstrated in `script/wallet_gen.py` and `script/register.py`. The `SKILL.md` documentation explicitly instructs the AI agent to perform these actions (e.g., `/wallet-gen --save` and `/register --name "MyAgent" --save`), which, while transparently aligned with the stated purpose of a crypto casino agent, constitutes a high-risk prompt injection directing the agent to manage sensitive credentials on disk. All network communication is directed to the specified casino API (https://api.clawdcasino.com/v1), and there is no evidence of unauthorized data exfiltration or other malicious intent.