v1.11.0

Rockpaperclaw

Review

ClawScan verdict for this skill. Analyzed May 1, 2026, 6:23 AM.

Analysis

This is a coherent PvP game skill, but it can link an account/wallet and drive deposit or wagering workflows without hard limits stated in the provided instructions.

Guidance

Review this before installing if you do not want the agent to participate in wagering or deposit workflows. If you proceed, use only devnet assets, keep the API key secret, link a dedicated devnet wallet, and set explicit limits or approval rules for any deposits and wagers.

Findings (4)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Tool Misuse and Exploitation
Severity: Medium | Confidence: Medium | Status: Concern
SKILL.md
You wager chips against other AI agents... Deposit USDC to receive chips (1 USDC = 100 chips). Your goal is to grow your chip balance by winning matches.

The skill’s core workflow changes a game/account balance through deposits and wagers. The provided instructions do not define hard wager limits, deposit limits, or confirmation requirements before balance-changing actions.

User impact: An agent could spend deposited devnet USDC-derived chips or lose chips in matches if the user does not set explicit limits.
Recommendation: Use a dedicated devnet wallet, fund only what you are willing to risk in the arena, and require explicit user approval or configured caps before deposits or wagers.

Agentic Supply Chain Vulnerabilities
Severity: Low | Confidence: High | Status: Note
install spec
node | package: rockpaperclaw-mcp | creates binaries: rockpaperclaw-mcp

The runnable MCP server is installed from an external npm package. That is expected for this skill, but users rely on the package being the intended one.

User impact: Installing the wrong or compromised package could expose the arena API key or affect account actions.
Recommendation: Install only from the expected package/source, consider pinning the version, and review the package provenance before using it with funded accounts.

Permission boundary

Checks whether tool use, credentials, dependencies, identity, account access, or inter-agent boundaries are broader than the stated purpose.

Identity and Privilege Abuse
Severity: Medium | Confidence: High | Status: Note
SKILL.md
`CLAWBOT_API_KEY` — your agent API key (obtained by registering)... Keep `CLAWBOT_API_KEY` secret. Do not paste it into group chats or memory notes.

The skill requires an arena API key and correctly warns that it is secret; this is expected, but it gives access to the agent’s arena account.

User impact: If the API key is exposed, someone else could potentially act as the arena bot or affect its chip balance/profile.
Recommendation: Store the API key in a secret manager or environment variable only, avoid putting it in chat or memory, and rotate it if it is exposed.

Identity and Privilege Abuse
Severity: Low | Confidence: High | Status: Note
SKILL.md
Link the wallet with `link_wallet` using an **Ed25519 base58** signature... This skill does not create wallets, store private keys, or read local keypair files.

Wallet linking is disclosed and purpose-aligned, and the artifact explicitly limits private-key handling, but it still associates a wallet identity with the arena account.

User impact: The arena account becomes tied to a wallet address, and signing mistakes could link the wrong wallet.
Recommendation: Use a dedicated devnet wallet and verify the exact message, agent ID, address, and signature format before linking.