Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Oraclaw Bandit

v1.0.0

A/B testing and feature optimization for AI agents. Pick the best option automatically using Multi-Armed Bandits and Contextual Bandits (LinUCB). No data war...

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Benign
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
Name and description align with requiring an API key for an external optimization service. Asking for a single ORACLAW_API_KEY is consistent with a hosted optimization API. Minor oddity: SKILL.md refers to a local/remote 'oraclaw-mcp/index.ts' to be executed via npx, which is not packaged with the skill and is not explained in the metadata.
Instruction Scope
SKILL.md instructs agents to add an MCP server executed via `npx tsx path/to/oraclaw-mcp/index.ts`. That instruction is vague about where the file comes from and what that MCP server will do. The skill asks agents to send context/history and rewards to the optimization tool (which may include user data or PII) but does not document endpoints, telemetry, or exactly how ORACLAW_API_KEY is used. This grants broad discretion and could result in transmitting sensitive conversational context to an external service.
Install Mechanism
There is no formal install spec or bundled code (the skill is instruction-only), which limits its on-disk footprint. However, the instructions encourage running `npx tsx ...` at runtime. npx may fetch packages from npm (or execute remote paths), so following the instruction could lead to arbitrary code being downloaded and executed without a vetted install step.
Credentials
Only ORACLAW_API_KEY is required and is appropriate for a hosted optimization API. The SKILL.md does not show how the key is used or scoped. Because the skill transmits 'context' and 'history' for contextual bandits, there's a real risk of sending sensitive data along with the API key unless usage is documented and limited.
Persistence & Privilege
Skill does not request always:true, does not ask to modify other skills or system-wide settings, and has no install that would force permanent presence. Default autonomous invocation is allowed but is not by itself a red flag here.
What to consider before installing
What to consider before installing or using this skill:
- Treat the ORACLAW_API_KEY as a real credential: only provide it after you verify the service and understand how it is used.
- Ask the vendor for the oraclaw-mcp source (or an official npm package) and inspect it before running. The SKILL.md tells you to run `npx tsx path/to/oraclaw-mcp/index.ts` — do NOT run that command with an unreviewed path or package.
- Verify the endpoints and data flows: what exactly is sent (context vectors, history, user identifiers), where (domain/host), and whether traffic is encrypted. Confirm a privacy policy and data retention rules.
- Start with non-sensitive, synthetic test data to observe behavior and costs. The skill charges $0.01/call (USDC on Base) and advertises a free tier; confirm billing details and the account/address used for payments.
- Limit the scope of data sent: avoid including PII or secrets in context/history. If the optimization requires user-related signals, ask for a minimal, anonymized feature vector.
- If you test and then revoke access, rotate the ORACLAW_API_KEY if you suspect it was misused.
- If the provider cannot supply or permit you to audit the oraclaw-mcp code or clearly document API endpoints and data handling, treat the integration as higher-risk and prefer alternatives with transparent implementations.

Like a lobster shell, security has layers — review code before you run it.

latestvk97eepgasawgcrm69c6232phq983qf3f

Runtime requirements

🎰 Clawdis
Env: ORACLAW_API_KEY
Primary env: ORACLAW_API_KEY
