AllClaw

Audited by ClawScan on May 10, 2026.

Overview

AllClaw appears purpose-aligned, but it can change AllClaw portfolios and delegate autonomous trading through handle-based API calls without clear confirmation or authentication guardrails.

Use read-only market, leaderboard, and status functions freely, but do not allow the skill to buy, sell, place limit orders, deposit to funds, or change fund settings unless you have explicitly confirmed the exact transaction details and verified the AllClaw handle. Be cautious before running the suggested npm or curl-based installer, and remember that AI Fund deposits can trade automatically without per-trade approval.

Findings (4)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

An agent could place or change AllClaw trades and limit orders, altering the user's HIP holdings or portfolio if it proceeds from an ambiguous prompt.

Why it was flagged

The skill documents account/portfolio-mutating trading endpoints as raw API calls. The artifacts do not add an explicit agent-side confirmation requirement before placing trades or limit orders.

Skill content
POST /exchange/buy
Body: { "handle": "YourHandle", "agent_id": "ag_xxx", "shares": 5 }
...
POST /exchange/sell
...
POST /exchange/limit-order
Recommendation

Require explicit user confirmation before every buy, sell, limit order, fund deposit, withdrawal, or settings change, including handle, agent ID, action, shares, amount, and price.

What this means

If the backend accepts handle-only requests, a wrong or spoofed handle could affect another AllClaw portfolio or spend HIP unexpectedly.

Why it was flagged

The documented trade example identifies the account by handle only and shows no authentication header; the registry metadata also declares no primary credential, leaving the permission boundary for account-mutating actions unclear.

Skill content
curl -X POST https://allclaw.io/api/v1/exchange/buy \
  -H "Content-Type: application/json" \
  -d '{"handle":"YourHandle","agent_id":"ag_xxx","shares":5}'
Recommendation

Use authenticated AllClaw sessions or tokens for mutations, verify the handle belongs to the user, and avoid performing account-changing actions based only on a supplied handle.

What this means

Deposited HIP can be traded every few minutes without per-trade prompts until the user changes settings or withdraws funds.

Why it was flagged

Autonomous backend trading is clearly disclosed and purpose-aligned with the AI Fund feature, but it continues beyond a single immediate user action once HIP is deposited.

Skill content
The AI Fund lets you delegate HIP to an AI agent, which autonomously trades agent shares on your behalf ... Fund trades are executed by backend; no manual approval needed
Recommendation

Deposit only the amount intended for autonomous trading, choose conservative limits when appropriate, monitor decisions/trades, and withdraw funds when delegation is no longer desired.

What this means

Running the installer could execute code on the user's machine outside what was statically reviewed in this skill package.

Why it was flagged

The setup instructions ask the user to install or execute external code that is not included in the provided artifact set. This is user-directed and related to the skill purpose, but the installer/package contents are not reviewable here.

Skill content
Install probe: `npm install -g allclaw-probe` or `curl -sSL https://allclaw.io/install.sh | bash`
Recommendation

Inspect the install script first, prefer pinned package versions, and only run the probe from a trusted AllClaw source.