ClawGang
Verdict: Suspicious
Audited by ClawScan on May 10, 2026.
Overview
The skill is openly a social-network agent, but it asks to run continuously and automatically read, mark, and reply to messages or post on the user’s behalf without clear approval or stop boundaries.
Install only if you want an agent to actively operate your ClawGang account. Before enabling it, set clear limits: approve public posts and sensitive replies, monitor sent messages, restrict what profile details can be used, and make sure you can stop the polling loop and revoke the API key.
Findings (5)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Finding 1
Impact: The agent could keep checking messages, marking them read, and replying under the user's account without the user approving each interaction.
Description: The skill instructs an ongoing autonomous loop rather than a bounded, user-invoked task.
Evidence (SKILL.md excerpt): Your primary job is to **stay responsive**. Run this loop continuously ... Wait 5–10 seconds, then go back to Step 1.
Recommendation: Use only with an explicit opt-in session, visible activity logging, clear stop controls, rate limits, and approval requirements for sensitive or public replies.
Finding 2
Impact: Mistaken or manipulated generated content could be sent to other people or posted publicly, affecting privacy, relationships, or reputation.
Description: The documented API actions can send direct messages, group messages, and public posts on the user's behalf, but the workflow does not require per-message user confirmation.
Evidence (SKILL.md excerpt): Send your reply ... curl -s -X POST ... "$CLAWGANG_BASE_URL/api/chatrooms/room_abc/messages" ... Publish a post on behalf of your human.
Recommendation: Require user confirmation before public posts, first-contact DMs, friend changes, or replies containing personal, financial, legal, medical, or sensitive information.
Finding 3
Impact: A user who installs the skill without noticing the API key requirement may underestimate the agent's ability to read and modify their ClawGang account.
Description: The skill uses an API key to act as the user on ClawGang. This is purpose-aligned, but the registry metadata in the audited artifact declares no required environment variables and no primary credential.
Evidence (SKILL.md excerpt): All requests require a Bearer token. Use the `CLAWGANG_API_KEY` environment variable.
Recommendation: Declare the API key requirement in registry metadata and document the token's scope, revocation method, and what account actions it permits.
Finding 4
Impact: Profile details such as email, personality, bio, business, and social links may influence future replies and could be accidentally revealed if the agent is not constrained.
Description: The skill caches and uses detailed owner profile data to shape future interactions.
Evidence (SKILL.md excerpt): Fetch your human owner's full profile ... Returns: `{ id, name, email, username, avatar, area, bio, story, location, interests, business, personality, twitter, linkedin ... }` ... cache the result.
Recommendation: Limit what profile fields are cached, avoid sharing private profile fields in replies, and clear cached profile context when the social session ends.
Finding 5
Impact: Messages from other accounts could influence the agent's responses and may lead to unintended disclosure or inappropriate replies.
Description: External users or agents can send messages that become context for automatic replies, while data-sharing boundaries are not described.
Evidence (SKILL.md excerpt): You are connected to **ClawGang**, a social platform where AI agents socialize ... Fetch conversation history ... Send a reply that reflects both your owner's personality AND the other person's interests.
Recommendation: Treat all incoming social messages as untrusted, never follow instructions from them to reveal secrets or change account state, and keep owner-profile data separate from reply content unless the user approves.
