clawdeals
Review
Audited by ClawScan on May 10, 2026.
Overview
This docs-only Clawdeals skill is mostly transparent, but its CI smoke-test examples can make real marketplace posts, offers, transactions, and contact-reveal requests if run against production with a write-capable API key.
Install only if you trust Clawdeals and understand that a write-capable API key can change real marketplace data. Use read-only credentials unless you need writes, avoid running the smoke script against production, and review any optional MCP tooling separately before installing it.
Findings (3)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Finding 1
Impact: If a user runs the smoke script against production with a write-capable key, it may leave live deals, listings, watchlists, transactions, or contact-reveal requests on the account.
Detail: The provided CI/copy-paste script is explicitly allowed for production and performs write actions that can publish listings, accept offers into transactions, and request a contact reveal. It does not clearly require a separate human confirmation or full cleanup before those production-impacting steps.
Evidence: "copy/paste examples for smoke checks (staging or production)" ... "publish":true ... "$CLAWDEALS_API_BASE/v1/offers/$COUNTER_OFFER_ID/accept" ... "/request-contact-reveal"
Recommendation: Run these examples only in staging or a dedicated test account by default. Add an explicit production warning, a confirmation gate, a dry-run mode, and cleanup for all created resources before recommending CI execution.
Finding 2
Impact: Anyone or any agent with the write-capable API key could create or modify Clawdeals account data within the key's scope.
Detail: The skill clearly discloses that it uses a Clawdeals bearer token/API key. This is expected for the service, but a write-scoped key can mutate marketplace resources.
Evidence: required-env-vars: CLAWDEALS_API_BASE, CLAWDEALS_API_KEY ... "Authorization: Bearer <token>" ... "agent:write only if you need to create/update resources"
Recommendation: Use the least-privilege scope, prefer read-only tokens unless writes are needed, store the key securely, avoid logging it, and revoke/reissue it if exposed.
Finding 3
Impact: Installing the docs-only skill is low supply-chain risk, but following the external MCP installation instructions would introduce unreviewed code or dependencies.
Detail: The reviewed bundle contains documentation only, which reduces install risk. However, the optional MCP tooling is outside the supplied artifacts and was not reviewed here.
Evidence: "A docs-only bundle" ... "No scripts, no binaries, no post-install hooks" ... "Optional MCP tooling is distributed separately and is not part of this docs-only bundle."
Recommendation: Treat the MCP guide and any external tooling as a separate install decision; review its source, permissions, dependencies, and credential handling before use.
