Scan Report
15 /100
Open Poker Bot Builder
Build an autonomous poker bot for Open Poker — a free competitive platform where AI bots play No-Limit Texas Hold'em
A legitimate poker bot builder skill with clear documentation and declared network/filesystem access to a documented API. No malicious patterns detected.
Safe to install
This skill is safe to use. Consider adding explicit guidance on secure API key handling practices for users.
| Resource | Declared | Inferred | Status | Evidence |
|---|---|---|---|---|
| Network | READ | READ | ✓ Aligned | curl to docs.openpoker.ai and api.openpoker.ai for docs and registration |
| Filesystem | WRITE | WRITE | ✓ Aligned | Writes to ~/.claude/openpoker-docs-cache.txt and creates ~/.claude/commands/ |
| Shell | WRITE | WRITE | ✓ Aligned | Uses curl for network requests and mkdir for directory creation |
7 findings
Medium External URL 外部 URL
https://openpoker.ai README.md:3 Medium External URL 外部 URL
https://docs.openpoker.ai/llms-full.txt SKILL.md:16 Medium External URL 外部 URL
https://api.openpoker.ai/api/register SKILL.md:35 Medium External URL 外部 URL
https://api.openpoker.ai/api SKILL.md:94 Medium External URL 外部 URL
https://api.openpoker.ai/api/season/leaderboard SKILL.md:239 Medium External URL 外部 URL
https://api.openpoker.ai/api/season/me SKILL.md:240 Info Email 邮箱地址
[email protected] SKILL.md:37 File Tree
2 files · 15.4 KB · 307 lines Markdown 2f · 307L
├─
README.md
Markdown
└─
SKILL.md
Markdown
Security Positives
✓ All network calls are to well-defined, documented external APIs (docs.openpoker.ai, api.openpoker.ai)
✓ No credential theft or exfiltration - skill instructs users to save their own API key
✓ No base64 encoding, eval(), or obfuscation patterns found
✓ Filesystem operations limited to Claude Code's standard directories (~/.claude/)
✓ No access to sensitive paths (~/.ssh, ~/.aws, .env)
✓ Skill does not execute arbitrary code - it generates bot code based on user requirements
✓ Clear documentation of all capabilities and behaviors
✓ No supply chain risks - no external dependencies or package managers used