Godot Engine 3d Developer

Pass. Audited by VirusTotal on May 11, 2026.

Overview

Type: OpenClaw Skill

Name: godot-engine-3d-developer

Version: 0.1.0

The skill bundle is classified as suspicious due to several parameters in `SKILL.md` that, while not inherently malicious, expose significant vulnerabilities if the backend or worker systems are not robustly secured. Specifically, the `convert_asset_format` skill's `path_pattern` and `options` parameters could be exploited for remote code execution or arbitrary file access on backend workers. Other skills like `run_game_build` (`build_preset`, `notes`), `register_3d_asset` (`source_path`), `analyze_scene_performance` (`scene_path`), and `bake_level_content` (`scene_path`) also present potential path traversal or command injection risks. Additionally, numerous free-form text fields (e.g., `log_text`, `repro_steps`, `notes`) could be vectors for prompt injection or cross-site scripting in downstream systems. While the agent's usage guidelines are benign, the skill definitions provide means for exploitation.

Findings (0)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

The agent may create or change project tasks and trigger builds when using the skill.

Why it was flagged

The skill documents tool-like workflows that can mutate project-management records and start build jobs. This is aligned with the game-development purpose, but users should notice the actions are not read-only.

Skill content

Creates a task in the project management system. ... Applies partial updates. ... Enqueues a build job.

Recommendation

Install only in workspaces where the agent is allowed to make project-management updates and start build jobs; review requested task/build parameters before approving important changes.

What this means

The agent's actions may use whatever Tasking.tech or project permissions are available to it.

Why it was flagged

The workflows assume access to project/workspace resources and user handles. No credentials are declared, and this is expected for a project-management skill, but the effective permissions come from the runtime or platform account.

Skill content

`project_id` (string, required) ... `assignee` (string, optional) – User id or handle. ... `task_id` (string, required).

Recommendation

Use least-privilege project access and avoid granting the agent broader workspace permissions than needed for the specific Godot project.

What this means

Build or test instructions, branch names, repo paths, and status results may be handled by external backend/worker infrastructure.

Why it was flagged

The skill describes a backend-to-worker job flow. This is expected for CI/build automation, but it means project job details may pass through Tasking.tech and worker systems.

Skill content

The agent never accesses machines directly. It calls skills → backend enqueues jobs → workers execute and report back.

Recommendation

Confirm that Tasking.tech and any configured workers are trusted for the project data and branches the agent will reference.