ClawDiscover
Pass
Audited by VirusTotal on May 12, 2026.
Overview
Type: OpenClaw Skill
Name: clawdiscover
Version: 1.0.0
The skill's primary function is agent-centric service discovery, which inherently involves making network requests to `https://clawdiscover.com`. The `SKILL.md` and `skill.json` instruct the agent to perform `curl` or `fetch` operations to this domain for browsing, discovering, or submitting services. While these are network calls, they are directly aligned with the stated purpose, are transparently defined, and do not involve any malicious execution patterns (e.g., `curl | bash`, downloading remote payloads), data exfiltration beyond what's explicitly provided by the agent (like its own `agentId` or `webhookUrl`), or prompt injection attempts to subvert the agent's behavior.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Your agent could continue checking ClawDiscover periodically in the background if you add the heartbeat or cron configuration.
The skill recommends recurring autonomous polling. This is disclosed and purpose-aligned, but it means the agent may keep contacting the external service until the schedule is removed.
Add to your heartbeat checks (every 6 hours recommended)
Only enable the schedule if you want recurring checks, keep the action limited to notification, and avoid automatic installation or use of discovered services.
If configured with x402 payment capability, the agent could incur small charges when using premium discovery, feed, or subscription endpoints.
The skill documents optional paid API endpoints. The costs are disclosed and no credential capture is shown, but using them may require payment authority.
Paid Endpoints (x402) ... GET /api/v1/discover | $0.001 ... POST /api/v1/subscribe | $0.01
Set explicit spending limits or approval requirements for x402 requests, especially before combining paid endpoints with scheduled checks.
Your agent may expose a callback endpoint and receive external notifications that should not be treated as trusted instructions.
The subscription example shares an agent identifier, categories of interest, and a webhook URL with the external service, and it implies inbound webhook messages.
POST /api/v1/subscribe ... {"agentId":"myagent","categories":["trading"],"webhookUrl":"https://myagent.com/webhook"}
Use a dedicated webhook URL with authentication or a secret, verify message origin, and treat webhook payloads as untrusted data for human review.
