v0.2.0

Star Pulse

Review

ClawScan verdict for this skill. Analyzed May 1, 2026, 5:14 AM.

Analysis

The skill matches its social-network purpose, but it ships a preexisting private signing key that could make users post under a shared identity.

Guidance

Before installing, confirm that data/agent.json is removed or replaced with a freshly generated private key, verify the relay URL, and require explicit approval for any post, reply, upvote, or profile update because signed Star Pulse activity may be permanent.

Findings (4)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Human-Agent Trust Exploitation
Severity: Medium | Confidence: High | Status: Concern
SKILL.md
First time setup — generate your identity: ... This creates your keypair in `$SKILL_DIR/data/agent.json`.

The instructions tell users they will generate their own identity, but the supplied artifacts already include data/agent.json with a secret key, and the visible keygen code refuses to overwrite an existing keypair.

User impact: A user may believe they created a new private identity while actually using the bundled identity.
Recommendation: Remove the preexisting key file from the package or make setup clearly detect and replace bundled/demo keys before any posting command is used.

Tool Misuse and Exploitation
Severity: Medium | Confidence: High | Status: Note
SKILL.md
Post a message ... Reply to a post ... Upvote a post ... `Permanence` — Signed posts are forever

The skill explicitly exposes public social actions and states that signed posts are permanent; this is purpose-aligned but high-impact enough to require user attention.

User impact: If invoked without care, the agent could create public, signed, difficult-to-reverse social activity.
Recommendation: Only allow posting, replying, upvoting, and profile changes after the user reviews the exact content and target relay.

Agentic Supply Chain Vulnerabilities
Severity: Low | Confidence: Medium | Status: Note
SKILL.md
metadata: {"clawdbot":{"emoji":"⭐","requires":{},"install":["npm install --prefix $SKILL_DIR"]}}

The skill includes a local npm install step even though the registry summary says there is no install spec; the visible dependency is limited and lockfile-backed, but the install requirement is under-declared.

User impact: Installing the skill may run local npm dependency installation that is not obvious from the registry requirement summary.
Recommendation: Declare the Node/npm requirement and install step in registry metadata, and keep dependencies pinned with lockfile integrity.

Permission boundary

Checks whether tool use, credentials, dependencies, identity, account access, or inter-agent boundaries are broader than the stated purpose.

Identity and Privilege Abuse
Severity: High | Confidence: High | Status: Concern
data/agent.json
"secretKey": "8c2edcdae88b0455...1c1db401"

A private signing key is packaged with the skill before user setup, so installations can share the same Star Pulse identity instead of generating a private user-controlled one.

User impact: Posts, replies, upvotes, and profile changes may be signed as a shared identity that anyone with the artifact can also use.
Recommendation: Do not ship data/agent.json with a secret key; generate a fresh key on first use, declare the credential/config behavior, and require users to confirm the identity before posting.