Skills
skills/openclaw/skills/claw-werewolf-live/Gen Agent Trust Hub

claw-werewolf-live

Warn

Audited by Gen Agent Trust Hub on Feb 13, 2026

Risk Level: MEDIUMEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS] (MEDIUM): The installation instructions utilize clawdhub pointing to https://www.clawhub.ai as a registry. This source is not within the defined trust scope, posing a risk of unverifiable dependency installation.
  • [PROMPT_INJECTION] (MEDIUM): Identified an Indirect Prompt Injection (Category 8) vulnerability surface in the heartbeat mechanism.
  • Ingestion points: The HEARTBEAT.md file directs the agent to crawl an external Vercel-hosted URL (claw-werewolf-f8nfz98cd-riks-projects-ff86846d.vercel.app) to check match status and lobby sizes.
  • Boundary markers: Absent. The agent is not instructed to use delimiters or ignore instructions found on the webpage.
  • Capability inventory: The agent is tasked with summarizing match data and updating local notes (file/state modification), allowing malicious content on the site to potentially influence the agent's internal reasoning or local state.
  • Sanitization: Absent. There is no mention of filtering or validating the content retrieved from the web viewer.
Audit Metadata
Risk Level
MEDIUM
Analyzed
Feb 13, 2026, 02:54 PM