Gamebox
Review
Audited by ClawScan on May 10, 2026.
Overview
Gamebox is mostly a local multiplayer game engine, but its shared-directory file handling and private/role messaging are not safely bounded.
Use this only in a dedicated, non-sensitive game directory. Do not put secrets in game messages, do not treat private or role channels as confidential, and be cautious about joining games or using game IDs/paths supplied by untrusted participants until path validation and channel access checks are improved.
Findings (4)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A malformed or untrusted game_id/game_dir could cause the agent to create or operate on local directories outside the intended game folder.
The shared game directory and game ID are used directly to create filesystem paths. Without normalization and containment checks, absolute paths or '../' traversal in parameters can move file operations outside the intended .gamebox/games tree.
    gd = params.get("game_dir", DEFAULT_GAME_DIR)
    ...
    gp = os.path.join(gd, game_id)
    os.makedirs(gp, exist_ok=True)
Reject absolute paths and '..' segments, validate game_id with the existing safe_id-style rules, resolve paths with realpath/abspath, and verify every resolved path stays under the configured game directory before creating, reading, writing, or deleting files.
Players or agents with access to the shared directory should not assume private or role messages are confidential; channel names may also be abused to access unexpected paths.
Private-message targets and role-channel names are used as path components without validation, and receiving a role channel depends only on the caller-supplied role value. The shared-directory design does not enforce that only the intended user or role can access those messages.
    d = os.path.join(msg_dir, "private", target)
    ...
    elif channel == "role" and role:
        collect(os.path.join(msg_dir, "role", role))
Validate target and role names, check that senders/receivers are game members with the right role, keep resolved channel paths inside the message directory, and clearly document that shared-directory privacy is not a security boundary unless stronger controls are added.
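The two path findings above share one remediation: every caller-supplied name becomes a single validated path component, and the resolved path is checked against its containment root before any filesystem call. The following is an added example written for this review, not code from the Gamebox skill. The safe_id regex, the PathEscape exception, the members mapping (player name to role) and the function names game_path and channel_path are assumptions chosen for illustration; the skill's own safe_id rules are not reproduced on this page.

```python
import os
import re

# Assumed identifier rule (the skill's "safe_id-style rules" are not shown
# on the page): lowercase alphanumerics with '-' or '_', one path component.
SAFE_ID = re.compile(r"^[a-z0-9][a-z0-9_-]{0,63}$")


class PathEscape(ValueError):
    """Raised when a requested path would resolve outside its containment root."""


def safe_id(value: str) -> str:
    """Return value unchanged if it is a single safe path component, else raise."""
    if not isinstance(value, str) or not SAFE_ID.match(value):
        raise ValueError(f"unsafe identifier: {value!r}")
    return value


def resolve_under(root: str, *parts: str) -> str:
    """Join validated parts onto root and verify the realpath stays under root.

    The regex already rejects '..', separators and absolute paths; the
    commonpath check additionally catches symlinks inside root that point
    elsewhere, so a write cannot be redirected out of the tree.
    """
    root_real = os.path.realpath(root)
    candidate = os.path.join(root_real, *(safe_id(p) for p in parts))
    candidate_real = os.path.realpath(candidate)
    if os.path.commonpath([root_real, candidate_real]) != root_real:
        raise PathEscape(f"{candidate!r} resolves outside {root_real!r}")
    return candidate_real


def game_path(params: dict, game_id: str, default_game_dir: str) -> str:
    """Hardened counterpart of os.path.join(gd, game_id): game_dir stays an
    operator setting, game_id is treated as untrusted and confined below it."""
    gd = params.get("game_dir", default_game_dir)
    return resolve_under(gd, game_id)


def channel_path(msg_dir: str, channel: str, name: str,
                 members: dict, caller: str) -> str:
    """Resolve a private or role channel directory with membership checks.

    members maps player name -> role (constructed shape for this example).
    Role channels require the caller to actually hold the role instead of
    trusting a caller-supplied role string.
    """
    if channel == "private":
        if name not in members:
            raise PermissionError(f"{name!r} is not a game member")
        return resolve_under(msg_dir, "private", name)
    if channel == "role":
        if members.get(caller) != name:
            raise PermissionError(f"{caller!r} does not hold role {name!r}")
        return resolve_under(msg_dir, "role", name)
    raise ValueError(f"unknown channel {channel!r}")


def demo() -> dict:
    """Exercise the checks against a temporary root; returns outcome labels."""
    import tempfile
    root = tempfile.mkdtemp(prefix="gamebox-demo-")
    members = {"alice": "mafia", "bob": "villager"}  # constructed sample
    out = {"good_game": game_path({}, "game-01", root)
           .startswith(os.path.realpath(root))}
    for label, gid in (("traversal", "../evil"),
                       ("absolute", "/etc/passwd"),
                       ("slash", "a/b")):
        try:
            game_path({}, gid, root)
            out[label] = "allowed"
        except ValueError:
            out[label] = "rejected"
    msg_dir = os.path.join(root, "messages")
    try:
        channel_path(msg_dir, "role", "mafia", members, caller="bob")
        out["role_spoof"] = "allowed"
    except PermissionError:
        out["role_spoof"] = "rejected"
    out["role_ok"] = channel_path(msg_dir, "role", "mafia", members,
                                  caller="alice").endswith(
        os.path.join("role", "mafia"))
    return out


if __name__ == "__main__":
    print(demo())
```

Because PathEscape subclasses ValueError, callers that already reject bad identifiers with a single except clause also catch containment failures; the realpath comparison is what turns a string check into a filesystem guarantee.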
Game messages and logs may remain available to later agents or sessions and could influence future game narration or decisions.
The skill intentionally persists game state, actions, messages, and logs in a shared local directory.
.gamebox/ ... state.json ... actions/ ... messages/ ... logs/
Avoid sharing secrets in game content, use a dedicated game directory, and delete old .gamebox data when it is no longer needed.
It is harder to independently verify the origin or maintenance history of the skill.
The registry metadata does not provide an upstream source or homepage, so provenance is limited even though the provided code is self-contained and uses only the Python standard library.
Source: unknown; Homepage: none
Review the bundled code before use and prefer a version with a verifiable repository or publisher history if available.
