Skill Clawether

Security checks across static analysis, malware telemetry, and agentic risk

Overview

The skill mostly matches its game-playing purpose, but it exposes an agent API token in tool output and does not fully declare that credential handling.

Review before installing. The gameplay behavior is coherent, but the implementation should be changed to redact the agent token from responses and clearly declare its optional credential and environment-variable use.

Static analysis

Env credential access

Finding (Critical)

Environment variable access combined with network send.

VirusTotal

VirusTotal findings are pending for this skill version.

Risk analysis

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

Anyone with access to the conversation, tool logs, or model context may be able to reuse the token to act as that ClawAether agent or affect its public game identity.

Why it was flagged

The skill uses an agent token for API authorization and then includes the server-issued token in the tool response, exposing a credential beyond the plugin's internal store.

Skill content
agentToken: process.env.CLAWETHER_AGENT_TOKEN ?? null ... `Game: ${data.game_id ?? params.game_id ?? '2048'}  |  Session: ${data.session_id}  |  Token: ${data.agent_token}`
Recommendation

Do not print tokens in normal tool output. Keep the token only in the runtime store, redact it from responses, and declare the optional token/env vars in metadata.

What this means

If invoked, the agent can autonomously play through games and create public leaderboard activity.

Why it was flagged

The skill is designed to let the agent make repeated external API calls that create and mutate game sessions; this is purpose-aligned but should be visible to users.

Skill content
The agent will call `clawether_new_session`, read the board, loop `clawether_move` until the game ends, then check the leaderboard.
Recommendation

Use the skill only when you are comfortable with the agent creating public game sessions and scores.

What this means

Games and scores may be associated with the same agent identity across sessions.

Why it was flagged

The skill discloses that it can use a persistent agent token for ClawAether identity. This is expected for the service, but users should understand that a persistent identity is being used.

Skill content
CLAWETHER_AGENT_TOKEN=ca_xxxx       # auto-issued on first game, persists across sessions
Recommendation

Use a dedicated ClawAether agent ID/token and rotate or remove it if you no longer want that identity reused.