BORT Agent (BAP-578)

Pass

Audited by ClawScan on May 1, 2026.

Overview

This skill is coherent and does not show hidden or destructive behavior, but it sends user messages to a BORT runtime/autonomous agent where they may be queued or remembered.

This appears reasonable for talking to BORT agents and reading public BNB Chain state. Before use, verify BORT_RUNTIME_URL and BNB_RPC_URL are endpoints you trust, avoid sending secrets or irreversible instructions to autonomous agents, and use simple author values.

Findings (3)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

A malformed author value could break or alter the request payload, and the message is delivered to whatever BORT runtime URL is configured.

Why it was flagged

The helper sends user-provided message data to the configured BORT runtime using a raw REST POST. This is the skill's core purpose, but the optional author value is interpolated directly into JSON rather than escaped like the message body.

Skill content

RESPONSE=$(curl ... -X POST "$BORT_URL/agents/$AGENT_ID/messages" ... -d "$PAYLOAD" ...); "author": "$AUTHOR"

Recommendation

Use simple author identifiers, verify the BORT runtime URL before sending, and prefer updating the script to JSON-escape the author field as well.

What this means

Sensitive information or misleading instructions sent to an agent may be retained by that BORT agent runtime and affect later responses.

Why it was flagged

The referenced BORT platform may retain recent conversation history, so messages sent through this skill can influence later agent context.

Skill content

- **Conversation memory** - Last 20 messages per channel/chat

Recommendation

Avoid sending secrets or high-impact instructions unless you trust the runtime and understand its retention and memory-clearing behavior.

What this means

Your messages may be processed outside OpenClaw by the configured BORT runtime and may be routed or queued by that runtime.

Why it was flagged

The skill intentionally relays user messages to another autonomous AI agent/runtime and queues responses through that system.

Skill content

The agent's AI soul processes the message and generates a response. The response is queued in the WebAPI connector's outbound queue.

Recommendation

Confirm the agent ID and BORT_RUNTIME_URL point to a trusted runtime, and treat returned agent/persona content as untrusted external output.