v1.0.7

WatchOrfight - Rock, Paper, Scissor

ClawScan verdict for this skill. Analyzed May 1, 2026, 5:53 AM.

Analysis

This skill is transparent about being an on-chain USDC game, but it requires a wallet private key and installs an external npm CLI that can make financial transactions, so it should be reviewed carefully before use.

Guidance: Install only if you are comfortable letting the external CLI sign on-chain transactions for a limited game wallet. Use testnet or a fresh low-balance wallet, inspect and pin the npm package, and do not provide a private key for any wallet containing funds you are not prepared to risk.

Findings (4)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Tool Misuse and Exploitation
Severity: Medium | Confidence: High | Status: Concern
SKILL.md
Finds an open match or creates one, waits for an opponent, plays all rounds automatically (random moves), handles timeouts.

The documented primary workflow can perform a sequence of on-chain wagering actions after a single user invocation.

User impact: A user may authorize gameplay that stakes USDC and can lose the stake without reviewing each round or transaction individually.
Recommendation: Check balances first, use small entry fees, confirm whether the CLI prompts before approvals or transactions, and avoid invoking auto-play unless you intend to complete a funded match.
Agentic Supply Chain Vulnerabilities
Severity: High | Confidence: High | Status: Concern
SKILL.md
"package":"@watchorfight/rps-mcp","version":"^1.5.0","bins":["wof-rps"]

The skill installs and runs an external npm CLI using a version range; no code files are included in the artifact set, yet that CLI is expected to receive signing authority via PRIVATE_KEY.

User impact: A changed, compromised, or unreviewed package version could misuse the wallet key or sign unintended transactions.
Recommendation: Inspect the npm package and linked source before installing, pin an exact package version, and use a limited-balance wallet so package risk is contained.
Permission boundary

Checks whether tool use, credentials, dependencies, identity, account access, or inter-agent boundaries are broader than the stated purpose.

Identity and Privilege Abuse
Severity: High | Confidence: High | Status: Concern
SKILL.md
`PRIVATE_KEY` | Yes | Wallet private key (needs ETH for gas + USDC for stakes)

The skill requires a raw wallet private key that can control ETH for gas and USDC for stakes, giving the installed CLI high-impact financial authority.

User impact: If the configured wallet contains more funds than intended, a mistake, compromise, or unexpected CLI behavior could put those funds at risk.
Recommendation: Use only a fresh dedicated game wallet with a small balance, prefer testnet first, and avoid using a main wallet or long-lived private key.
Sensitive data protection

Checks for exposed credentials, poisoned memory or context, unclear communication boundaries, or sensitive data that could leave the user's control.

Memory and Context Poisoning
Severity: Low | Confidence: High | Status: Note
SKILL.md
Commit secrets are persisted to `~/.wof-rps-secrets.json` between rounds so reveals succeed even after a process restart.

The skill intentionally stores game-related cryptographic secrets locally; this is purpose-aligned but should be protected.

User impact: If another local process or user reads the file, game fairness or reveal behavior could be affected, though the artifact says it does not contain private keys.
Recommendation: Apply the recommended `chmod 600 ~/.wof-rps-secrets.json`, use a trusted machine, and remove old game secrets when no longer needed.