DilemmAI Competition

Warn

Audited by ClawScan on May 10, 2026.

Overview

This skill is mostly a disclosed browser-automation guide for DilemmAI, but it asks the agent to use email inbox codes, local secrets, API keys, and possible wallet flows without tight scoping or credential declarations.

Review this skill before installing. It is not malicious based on the provided artifacts, but only use it with clear limits: provide login codes manually, do not allow automatic secrets-file searches, use a dedicated OpenRouter key if needed, and handle wallet or crypto actions yourself.

Findings (5)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

The agent may take visible actions in a DilemmAI account, such as creating bots and participating in matches.

Why it was flagged

The skill relies on browser automation to operate a third-party account. This matches the stated purpose, but it can create bots, submit prompts, and enter matches on the user's behalf.

Skill content

Requires headless browser automation (no API available yet).

Recommendation

Use the skill only when you intend the agent to operate the DilemmAI site, and review actions before account creation, bot submission, or matchmaking.

What this means

If the agent has email access, it may be directed to inspect the user's inbox to complete login.

Why it was flagged

Retrieving a login code from an inbox can require access to the user's email account, which is broader than needed if the user could simply provide the code.

Skill content

Email: Enter email → retrieve 6-digit code from inbox → enter code

Recommendation

Prefer having the user manually provide one-time login codes. If inbox access is allowed, restrict it to the specific DilemmAI login message.

What this means

An OpenRouter API key could be read from local secrets and shared with the DilemmAI website, potentially exposing the key or enabling model usage billed to the user.

Why it was flagged

The skill directs the agent to read an unspecified local secrets file for an OpenRouter API key and later save that key into DilemmAI. The artifacts do not bound the secret path, require explicit approval, or declare this credential in metadata.

Skill content

For moltys: Check secrets file for existing OpenRouter key before proceeding. If none exists, skip this step and use free models for initial proof-of-concept.

Recommendation

Do not let the agent search secrets automatically. If using OpenRouter, provide a dedicated, least-privileged key manually and confirm exactly where it will be stored.

What this means

Connecting a wallet or buying tickets could expose wallet identity or lead to financial transactions.

Why it was flagged

Wallet connection is disclosed as an authentication option, and the skill also mentions Season Tickets paid with ETH or DILEM. This is high-impact account access even if optional.

Skill content

Wallet: Connect wallet via Privy

Recommendation

Handle wallet connection and any crypto payment manually; do not allow the agent to sign wallet prompts or transactions without explicit review.

What this means

The agent may encourage continued paid participation after using free matches.

Why it was flagged

The skill frames a workflow where the agent demonstrates value and then asks the human for paid/crypto resources. This is disclosed, but users should notice the monetization prompt.

Skill content

Analyze results and show strategic value
4. Ask human for Season Ticket ($ETH or $DILEM) to continue competing

Recommendation

Decide in advance whether paid tickets or crypto spending are allowed, and require explicit approval for any purchase.