MantisBT Manager

Pass. Audited by VirusTotal on May 12, 2026.

Overview

Type: OpenClaw Skill
Name: mantis-manager
Version: 0.0.1

The skill is designed for comprehensive management of Mantis Bug Tracker via its REST API. All documented functionalities, including dynamic instance switching, context-aware URL/token resolution, and administrative operations like user/token management and impersonation, are clearly aligned with the stated purpose. While the skill instructs the AI agent to manage internal context variables (e.g., `Set temporary_base_url`), this is an intentional design pattern for the skill's functionality to handle multi-instance scenarios, not a malicious prompt injection attempting to subvert the agent's core purpose or exfiltrate data. No evidence of unauthorized data exfiltration, malicious execution, persistence, or obfuscation was found across SKILL.md and README.md.

Findings (0)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

If used with a powerful token, a mistaken or over-broad request could change accounts, permissions, tokens, or system configuration in MantisBT.

Why it was flagged

The skill documents broad administrative write operations over users, passwords, API tokens, permissions, and configuration, but the provided artifacts do not describe approval gates or rollback/containment controls for these high-impact actions.

Skill content
Users
- ✅ Full CRUD
- ✅ Password reset
- ✅ API token generation
- ✅ Permission management

Configuration
- ✅ Read/modify options

Recommendation

Use a least-privilege Mantis token, require explicit confirmation before user/configuration/password/token changes, and verify the target instance and operation before allowing writes.

What this means

The agent may be able to act as another Mantis user or perform administrator-level actions, affecting auditability and account boundaries.

Why it was flagged

The skill explicitly supports administrator-token use and impersonation of another user. This is a legitimate Mantis admin feature, but it is high-impact delegated authority and the artifacts do not bound it to specific safe operations or require explicit admin confirmation.

Skill content
Set user_token = "admin_token"

// Perform operation as specific user
Set temporary header: X-Impersonate-User = "john.doe"

Recommendation

Only enable impersonation with dedicated admin workflows, require explicit confirmation for each impersonated action, and keep audit logs of the target user and operation.

What this means

A token or instance selected earlier in the session could be reused for later Mantis actions if the user forgets to clear it.

Why it was flagged

The skill stores user-provided tokens and base URLs in session context. This is disclosed and useful for multi-instance use, but sensitive context can influence later operations if not cleared.

Skill content
Set user_token = "personal_token_123"
... perform multiple operations ...
// Values persist for the entire session

Recommendation

Clear session context after using temporary or client-specific credentials, and avoid pasting high-privilege tokens unless necessary.

Concern: Medium Confidence
ASI08: Cascading Failures
What this means

A mistake in selected instance or token could affect the wrong client or production Mantis system.

Why it was flagged

Session-scoped instance switching means later operations can continue to target a selected client, staging, or production instance. Combined with the skill's broad write/admin capabilities, a stale context could send changes to the wrong environment.

Skill content
→ Set user_base_url = "https://client-abc.mantis.com/api/rest"
→ Set user_token = "client_abc_token"
→ All subsequent operations use this instance

Recommendation

Before any write, delete, password, token, permission, configuration, or impersonation action, display the current base URL/account and ask the user to confirm.