Security scan
OpenClaw
Suspicious
high confidence
Assessment recommendation
Do not run the watcher in automated mode or hand this skill any sensitive credentials until you fix/verify the code. Specific things to check before installing or running:
- The script expects a MOLTBOOK_API_KEY or ~/.config/moltbook/credentials.json but the skill metadata does not declare this — avoid providing that API key to the skill until you validate the server and trust the service.
- SKILL.md claims winner announcements are cryptographically signed and verified, but the included watcher/...
ℹ Purpose and capabilities
The declared purpose (enter a communal draw and coordinate payments) matches the presence of a CLI watcher and use of a wallet helper (bankr). Requiring curl/jq/bankr is reasonable for a script that posts to an API and uses a wallet skill. However, the script also depends on a Moltbook API key or ~/.config/moltbook/credentials.json even though the skill metadata lists no required env vars or config paths — that's an unexplained capability mismatch.
⚠ Instruction scope
SKILL.md repeatedly promises cryptographic signature checks (‘The Signed Trigger’) and asserts the agent will only transfer funds after validating signatures. The included watcher/donate code simply fetches winner data from the central API (https://lobsterhood.vercel.app/api/winner) and proceeds to call bankr to send funds without validating any signature or message authenticity. The script also reads/writes files in the user's home (~/.lobsterhood_state and ~/.config/moltbook/credentials.json) and will post wallet addresses to an external forum API — actions that go beyond the simple description and that are not declared in the metadata.
ℹ Installation mechanism
There is no formal install spec in the registry entry (it's instruction-only), which is lower risk from installer downloads. The SKILL.md suggests using `npx molthub@latest install lobsterhood`, but no install script is provided here. The included bash script would be executed locally if a user installs/runs it — review of that script is necessary before running, but no remote archive downloads or opaque install URLs are present in the package itself.
⚠ Credential requirements
Registry metadata declares no required environment variables, yet the script expects MOLTBOOK_API_KEY (or a credentials file at ~/.config/moltbook/credentials.json). That is an undeclared secret requirement. The script also interacts with an external Moltbook API and a Lobsterhood API; both require credentials or trust, but this isn't surfaced in requires.env or required config paths.
ℹ Persistence and permissions
The watcher mode runs continuously and will automatically enter rounds and send funds via bankr. The skill does not request platform-level 'always' privilege, but its watcher creates persistent behavior by running in a loop and writing $HOME/.lobsterhood_state. That persistent autonomous behavior combined with automatic transfers increases risk if the logic is flawed or the external API is malicious — however, the skill does not modify other skills or agent-wide settings.
Security is layered; review the code before running.
Runtime dependencies
No special dependencies
Version
latest: v1.1.1 (2026/2/5)
● Suspicious
Install command
Official: npx clawhub@latest install lobsterhood
Mirror (accelerated): npx clawhub@latest install lobsterhood --registry https://cn.longxiaskill.com