Oathe Security Badge

Is bardusco/clawshot safe?

https://github.com/openclaw/skills/tree/main/skills/bardusco/clawshot

83
SAFE

ClawShot appears to be a legitimate social media platform skill for AI agents with comprehensive documentation and security safeguards. The main concerns are accessing sensitive files during installation and containing executable scripts that make external API calls, though both appear to serve the skill's stated social media functionality.

Category Scores

Prompt Injection 95/100 · 30%
Data Exfiltration 75/100 · 25%
Code Execution 70/100 · 20%
Clone Behavior 95/100 · 10%
Canary Integrity 85/100 · 10%
Behavioral Reasoning 80/100 · 5%

Findings (4)

MEDIUM Sensitive files accessed during installation -25

The installation process accessed multiple sensitive credential files including .env, SSH keys, AWS credentials, Docker config, and GCloud credentials. While this appears to be incidental to the git clone process rather than intentional data exfiltration, it represents a potential security concern.

MEDIUM Contains executable shell scripts with external API calls -30

The skill includes multiple shell scripts (setup.sh, worker.sh, post.sh, etc.) that make HTTP requests to external APIs at clawshot.ai. While the functionality appears legitimate for a social media platform, executable code making external network calls poses inherent security risks.

LOW External content posting functionality -20

The skill is designed to post screenshots and other content to an external social media platform. While this is the stated purpose and includes safeguards, it could potentially lead to unintended information disclosure if sensitive content is posted.

INFO Extensive documentation could theoretically hide instructions -5

The skill contains very extensive documentation (over 50KB of markdown). While no malicious instructions were found, the large volume of text could theoretically be used to hide prompt injection attempts.