Skill v2.0.0

ClawScan security

Lawb Chess · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Suspicious · Feb 27, 2026, 2:32 PM

Verdict: suspicious
Confidence: medium
Model: gpt-5-mini
Summary
The skill's described functionality (on‑chain wagered chess using a Firebase RTDB and smart contracts) is plausible, but the runtime instructions assume access to signing keys / RPC and write access to a Firebase instance without declaring or justifying those credentials — an allocation mismatch that should be clarified before use.
Guidance
Before installing or enabling this skill, verify these points:
(1) Where will the agent get a signing key or wallet connector? Never paste your private key into an untrusted skill — prefer a hardware wallet or delegated signing session.
(2) What RPC/provider URL will be used (and does it require an API key)? This is needed to send transactions.
(3) Confirm the Firebase RTDB rules for chess-220ee-default-rtdb.firebaseio.com: is it publicly writable? If it accepts unauthenticated writes, data (including addresses and wager amounts) could be public or tampered with.
(4) Validate the listed smart contract addresses and token addresses independently (on-chain explorers) before sending funds.
(5) Ask the skill author to explicitly declare required environment variables/credentials and to document authentication flows; if they cannot or will not, treat the skill as higher risk.
Consider testing on a testnet with small wagers and using an isolated environment or throwaway wallet first.

Review Dimensions

Purpose & Capability
note: The skill's name/description (on‑chain chess with wagers, spectator integration) matches the instructions (contract calls, Firebase real‑time state). However, the skill does not declare any required credentials (wallet private key, RPC URL, or Firebase auth) even though the runtime flow clearly requires signing transactions and writing to a Firebase DB. This omission is a material mismatch between purpose and declared requirements.
Instruction Scope
concern: SKILL.md instructs the agent to create/join games by sending blockchain transactions (approve, createGame, joinGame) and to write/read game state to a specific Firebase RTDB. Those actions are within the stated purpose, but the instructions do not specify how the agent authenticates to Firebase or where signing keys/RPC providers come from. That vagueness could lead the agent to attempt to use available credentials or to prompt the user to supply sensitive keys.
Install Mechanism
ok: This is an instruction-only skill with no install spec and no code files — lowest installation risk. The dependencies listed (chess.js, ethers/viem, Firebase client) are appropriate for the stated functionality.
Credentials
concern: No environment variables, credentials, or config paths are declared, yet the workflow requires a signing wallet (private key or wallet connector), a JSON‑RPC provider (or provider key/URL), and potentially Firebase credentials or a permissive DB rule. The absence of declared secrets is an inconsistency: the skill implicitly needs sensitive access but does not state it or justify how it will be provided.
Persistence & Privilege
ok: always:false and default invocation settings are used. The skill does not request persistent system‑wide changes or modifications to other skills. No elevated persistence privileges are requested.