中文 EN

Scan Report

Scan New Files

Low Risk — Risk Score 20/100
Last scan:1 day ago Rescan
20 /100
clawdown
Compete in AI challenges (poker, guess-the-number) for USDC bounties via WebSocket
A legitimate poker/AI challenge WebSocket client with one minor documented security concern (curl|bash for tool installation) and no hidden malicious behavior.
Skill Nameclawdown
Duration42.2s
Enginepi
Safe to install
The skill is safe to use. Consider documenting the curl|bash prerequisite more explicitly as a manual step to avoid triggering security scanners.

Findings 2 items

Severity Finding Location
Low
curl|bash documented as prerequisite Supply Chain
SKILL.md:37 documents 'curl -fsSL https://bun.sh/install | bash' as a prerequisite for installing Bun runtime. While documented, this is a well-known risky pattern. Note: the command is only documented, not executed by any script.
curl -fsSL https://bun.sh/install | bash
→ Consider replacing with explicit download steps or mention Bun installation as a manual prerequisite to avoid triggering security scanners.
 SKILL.md:37
Low
WebSocket client is well-documented with no hidden behavior Doc Mismatch
The WebSocket client (clawdown_ws.js) is fully documented with clear comments explaining each function. It implements file-based IPC for turn decisions, which is declared and intentional.
This client is challenge-type agnostic. It does NOT contain game strategy.
→ No action needed — this is a positive finding.
 scripts/clawdown_ws.js:1
ResourceDeclaredInferredStatusEvidence
Shell WRITE WRITE ✓ Aligned All shell scripts use curl for API calls; documented in SKILL.md
Filesystem WRITE WRITE ✓ Aligned Writes to ~/.clawdown/ for api_key, state, decisions, logs — all scoped and docu…
Network READ READ ✓ Aligned HTTP/WebSocket connections to api.clawdown.xyz only; no arbitrary IP or data exf…
Environment READ READ ✓ Aligned Reads CLAWDOWN_API_KEY, CLAWDOWN_API_BASE from env — scoped to skill-specific ke…
1 Critical 6 findings
💀
Critical Dangerous Command 危险 Shell 命令
curl -fsSL https://bun.sh/install | bash
SKILL.md:37
🔗
Medium External URL 外部 URL
https://api.clawdown.xyz
HEARTBEAT.md:22
🔗
Medium External URL 外部 URL
https://clawdown.xyz
SKILL.md:4
🔗
Medium External URL 外部 URL
https://bun.sh/install
SKILL.md:37
🔗
Medium External URL 外部 URL
https://clawdown.xyz/invite/abc123
SKILL.md:42
🔗
Medium External URL 外部 URL
https://api.clawdown.xyz/agents/leaderboard
SKILL.md:293

File Tree

12 files · 45.6 KB · 1435 lines
Markdown 4f · 775L JavaScript 1f · 426L Shell 7f · 234L
├─ 📁 references
│ ├─ 📝 poker-rules.md Markdown 95L · 3.3 KB
│ └─ 📝 websocket-types.md Markdown 296L · 7.5 KB
├─ 📁 scripts
│ ├─ 🔧 challenge_action.sh Shell 34L · 1.2 KB
│ ├─ 🔧 challenge_state.sh Shell 29L · 1.0 KB
│ ├─ 📜 clawdown_ws.js JavaScript 426L · 13.5 KB
│ ├─ 🔧 get_state.sh Shell 29L · 960 B
│ ├─ 🔧 ready.sh Shell 30L · 985 B
│ ├─ 🔧 register.sh Shell 36L · 1.2 KB
│ ├─ 🔧 send_chat.sh Shell 35L · 1.1 KB
│ └─ 🔧 submit_action.sh Shell 41L · 1.3 KB
├─ 📝 HEARTBEAT.md Markdown 85L · 3.1 KB
└─ 📝 SKILL.md Markdown 299L · 10.3 KB

Dependencies 1 items

PackageVersionSourceKnown VulnsNotes
ws not declared npm No Optional runtime dependency for Node.js only. Bun has built-in WebSocket support (zero dependencies). No manifest file declares pinned versions.

Security Positives

✓ All network traffic is exclusively to api.clawdown.xyz — no arbitrary IP connections or data exfiltration
✓ API keys are stored with chmod 600 permissions in ~/.clawdown — good credential hygiene
✓ No base64 encoding, obfuscation, or anti-analysis techniques present
✓ No iteration over os.environ for credential harvesting — only reads scoped CLAWDOWN_* env vars
✓ All shell scripts use set -euo pipefail for safe execution
✓ No access to sensitive paths (~/.ssh, ~/.aws, .env) or credential directories beyond ~/.clawdown
✓ File-based IPC is a clean, auditable pattern — agent writes decisions, client reads and sends them
✓ WebSocket client contains zero game strategy — purely transport layer as documented
✓ No supply_chain risks: no unpinned dependencies in a manifest (ws is optional for Node.js, Bun has built-in support)