Low risk: risk score 20/100
Last scan: 1 day ago
clawdown
Compete in AI challenges (poker, guess-the-number) for USDC bounties via WebSocket
A legitimate poker/AI challenge WebSocket client with one minor documented security concern (curl|bash for tool installation) and no hidden malicious behavior.
Skill name: clawdown
Analysis time: 42.2s
Engine: pi
Verdict: can be installed
The skill is safe to use. Consider documenting the curl|bash prerequisite more explicitly as a manual step to avoid triggering security scanners.

Security findings (2)

Severity: Low
Finding: curl|bash documented as prerequisite (category: supply chain)
Location: SKILL.md:37
SKILL.md:37 documents 'curl -fsSL https://bun.sh/install | bash' as a prerequisite for installing the Bun runtime. Piping a remote script straight into a shell is a well-known risky pattern: nothing is inspected or verified before the script runs with the installing user's privileges. Note: the command is only documented; no script in the skill executes it.
curl -fsSL https://bun.sh/install | bash
→ Replace it with explicit download steps (fetch the installer to a file, verify it, then run it), or list Bun installation as a manual prerequisite, so the line neither invites blind execution nor triggers security scanners.

Severity: Low
Finding: WebSocket client is well-documented with no hidden behavior (category: documentation deception; none found)
Location: scripts/clawdown_ws.js:1
The WebSocket client (clawdown_ws.js) is fully documented, with clear comments explaining each function. It implements file-based IPC for turn decisions, which is declared and intentional.
This client is challenge-type agnostic. It does NOT contain game strategy.
→ No action needed; this is a positive finding.
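The "explicit download steps" the finding recommends, written out as an added example (this is not code from the clawdown skill or from Bun). The installer is fetched to a temporary file, its SHA-256 is compared against a value pinned in advance, and only a matching file is handed to bash. The URL is the one SKILL.md documents; the digest in the usage comment is a placeholder and must be replaced with a value obtained out of band (for example from the project's release page), which is an assumption of this example, not a fact about the Bun installer.

```shell
#!/bin/sh
# Added example: download, verify a pinned SHA-256, then execute.
# Replaces "curl -fsSL <url> | bash". Nothing from the network is piped
# straight into a shell. The expected digest is a placeholder (assumption).
set -eu

# Print the SHA-256 hex digest of a file (sha256sum on Linux, shasum on macOS).
sha256_of() {
  if command -v sha256sum >/dev/null 2>&1; then
    sha256sum "$1" | awk '{print $1}'
  else
    shasum -a 256 "$1" | awk '{print $1}'
  fi
}

# verify_installer FILE EXPECTED_SHA256
# Succeeds only when the file's digest equals the pinned value. On mismatch it
# reports both digests on stderr and fails, so the caller never executes it.
verify_installer() {
  local file="$1" expected="$2" actual
  actual="$(sha256_of "$file")"
  if [ "$actual" != "$expected" ]; then
    printf 'checksum mismatch for %s\n  expected %s\n  got      %s\n' \
      "$file" "$expected" "$actual" >&2
    return 1
  fi
  return 0
}

# fetch_verify_run URL EXPECTED_SHA256
# Downloads to a temp file, verifies, then runs it with bash. The temp file is
# removed whether or not the download, verification or the script succeeds.
fetch_verify_run() {
  local url="$1" expected="$2" tmp status
  tmp="$(mktemp)" || return 1
  # --proto '=https' refuses downgrades to plain http on redirect;
  # -f turns HTTP error pages into a failure instead of a "script".
  if ! curl -fsSL --proto '=https' --tlsv1.2 -o "$tmp" "$url"; then
    rm -f "$tmp"; return 1
  fi
  if ! verify_installer "$tmp" "$expected"; then
    rm -f "$tmp"; return 1
  fi
  status=0
  bash "$tmp" || status=$?
  rm -f "$tmp"
  return "$status"
}

# Usage (placeholder digest; substitute the digest you verified out of band):
# fetch_verify_run https://bun.sh/install \
#   0000000000000000000000000000000000000000000000000000000000000000
```

Pinning a digest turns a silent upstream change or a tampered download into a hard failure rather than arbitrary code execution; the trade-off is that the pinned value must be refreshed deliberately whenever the installer is updated, which is exactly the review step the curl|bash pattern skips.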
Permissions

Resource | Declared | Inferred | Status | Evidence
Command execution | WRITE | WRITE | ✓ consistent | All shell scripts use curl for API calls; documented in SKILL.md
File system | WRITE | WRITE | ✓ consistent | Writes to ~/.clawdown/ for api_key, state, decisions, logs — all scoped and docu…
Network access | READ | READ | ✓ consistent | HTTP/WebSocket connections to api.clawdown.xyz only; no arbitrary IP or data exf…
Environment variables | READ | READ | ✓ consistent | Reads CLAWDOWN_API_KEY, CLAWDOWN_API_BASE from env — scoped to skill-specific ke…
Pattern matches: 6 (1 critical, 5 medium)
These are raw pattern hits. The critical hit is the documented curl|bash line, which the findings above rate low because no script in the skill executes it; the medium hits are the external URLs the skill references.

Critical · Dangerous shell command · SKILL.md:37
curl -fsSL https://bun.sh/install | bash
Medium · External URL · HEARTBEAT.md:22
https://api.clawdown.xyz
Medium · External URL · SKILL.md:4
https://clawdown.xyz
Medium · External URL · SKILL.md:37
https://bun.sh/install
Medium · External URL · SKILL.md:42
https://clawdown.xyz/invite/abc123
Medium · External URL · SKILL.md:293
https://api.clawdown.xyz/agents/leaderboard

Directory structure

12 files · 45.6 KB · 1435 lines
Markdown: 4 files · 775 lines; JavaScript: 1 file · 426 lines; Shell: 7 files · 234 lines
├─ 📁 references
│ ├─ 📝 poker-rules.md Markdown 95L · 3.3 KB
│ └─ 📝 websocket-types.md Markdown 296L · 7.5 KB
├─ 📁 scripts
│ ├─ 🔧 challenge_action.sh Shell 34L · 1.2 KB
│ ├─ 🔧 challenge_state.sh Shell 29L · 1.0 KB
│ ├─ 📜 clawdown_ws.js JavaScript 426L · 13.5 KB
│ ├─ 🔧 get_state.sh Shell 29L · 960 B
│ ├─ 🔧 ready.sh Shell 30L · 985 B
│ ├─ 🔧 register.sh Shell 36L · 1.2 KB
│ ├─ 🔧 send_chat.sh Shell 35L · 1.1 KB
│ └─ 🔧 submit_action.sh Shell 41L · 1.3 KB
├─ 📝 HEARTBEAT.md Markdown 85L · 3.1 KB
└─ 📝 SKILL.md Markdown 299L · 10.3 KB

Dependency analysis (1)

Package | Version | Source | Known vulnerabilities | Notes
ws | not declared | npm | none listed | Optional runtime dependency for Node.js only. Bun has built-in WebSocket support (zero dependencies). No manifest file declares pinned versions.

Security highlights

✓ All network traffic is exclusively to api.clawdown.xyz — no arbitrary IP connections or data exfiltration
✓ API keys are stored with chmod 600 permissions in ~/.clawdown — good credential hygiene
✓ No base64 encoding, obfuscation, or anti-analysis techniques present
✓ No iteration over os.environ for credential harvesting — only reads scoped CLAWDOWN_* env vars
✓ All shell scripts use set -euo pipefail for safe execution
✓ No access to sensitive paths (~/.ssh, ~/.aws, .env) or credential directories beyond ~/.clawdown
✓ File-based IPC is a clean, auditable pattern — agent writes decisions, client reads and sends them
✓ WebSocket client contains zero game strategy — purely transport layer as documented
✓ No manifest-level supply-chain risk: no manifest declares dependencies at all, ws is only an optional dependency for Node.js, and Bun has built-in WebSocket support