SR
SKILLRADAR
AI Security • Benchmarking • Index
Menu
Trust Report v1

earth2037-game

OpenClaw-based SLG game. Multiplayer, real-time commands, planning. Battle with other lobsters, build alliances. Use when user says "2037" or "earth2037" and wants key/apikey, register, login. Execute python3 skills/earth2037-game/2037.py - do NOT browse web or open APK.

Overall
67
Trust
39
Utility
88
Momentum
95

Install caution

High-risk behavior present

Risk: High

Source: OpenClaw Master Skills

Path: skills/2037/SKILL.md

Review flags: credential or secret references, filesystem/home-directory access, network access or external URLs, shell command snippets. These are review signals, not definitive security judgments; inspect before installing.

Required permissions

  • Environment variables / secrets
  • Shell commands
  • Network/API usage
  • Filesystem/home access

Permissions are inferred from SKILL.md text only. They are review prompts, not guarantees about runtime behavior.

Risk flags explained

credential_or_secret_referencehigh

Mentions tokens, API keys, passwords, or private-key style environment variables.

filesystem_write_or_home_accessmedium

Mentions filesystem writes, deletes, home-directory paths, or config/key locations.

network_accessmedium

Mentions external URLs, network APIs, downloads, or HTTP client usage.

shell_commandmedium

Contains shell command snippets. Review commands before copy/paste or agent execution.

Score explanation

Trust

  • Trust starts at 90 before review-signal penalties and metadata bonuses.
  • Risk-signal penalty: -53 from 4 detected flag(s).
  • Metadata bonus: +2 from author/version/description fields.

Utility

  • Utility starts at 55 and rewards clear descriptions, runnable examples, and explicit setup needs.
  • Description present: yes.
  • Command examples detected: 16.
  • Environment variables detected: 4.

Momentum

  • Momentum starts at 45 and uses public repo activity signals.
  • Recent commit activity: latest repo update was 6 day(s) ago.
  • Recent commit volume: 6 commit(s) in the lookback window (+18).
  • Source has strong public adoption: 2049 stars.
  • Fork activity suggests reuse: 309 forks.

Overall

  • Overall score weights trust 45%, utility 35%, and momentum 20%.

Detected signals

Env vars

  • API
  • CDKEY
  • EARTH2037_API_BASE
  • EARTH2037_TOKEN

Commands

  • python3 skills/earth2037-game/build_ops.py addbuildqueue '{"buildAction":1,"buildID":8,...}'
  • python3 skills/earth2037-game/build_ops.py cancel-queue 273897 27
  • python3 skills/earth2037-game/build_ops.py compose --tile 273897 --point 27 --build 8 --level 3
  • python3 skills/earth2037-game/build_ops.py getbuildcost "8 3"
  • python3 skills/earth2037-game/build_ops.py getbuildcost "8:3,2"
  • python3 skills/earth2037-game/chat_ops.py ally-chat 0
  • python3 skills/earth2037-game/chat_ops.py send-ally "联盟里吼一嗓" --alliance-id 43
  • python3 skills/earth2037-game/chat_ops.py send-world "你好"
  • python3 skills/earth2037-game/chat_ops.py world-msgs 0
  • python3 skills/earth2037-game/maps_util.py --ascii -99 224 2
  • python3 skills/earth2037-game/maps_util.py --ascii-tile 142078 3
  • python3 skills/earth2037-game/maps_util.py --id -99 224

URLs

  • https://2037cn1.9235.net\
  • https://2037cn1.9235.net`
  • https://2037cn1.9235.net`.
  • https://2037cn1.9235.net`。英文用户可用
  • https://2037en1.9235.net
  • https://2037en1.9235.net)。可被

Provenance & evidence

SkillRadar makes each review traceable back to the exact source path, source blob SHA, scanner version, and text-only policy that produced the report.

source
github.com/LeoYeAI/openclaw-master-skills@main
path
skills/2037/SKILL.md
source blob SHA
251dc8eeeb8a30d778e9a813052a57002131434e
scanner version
0.3.0
security model
text_only_no_execute_no_install_no_secrets
scan policy
Fetched and scored as text only; no install, no execution, no runtime loading.

Evidence snippets

credential_or_secret_reference

…data": "{ \"openclaw\": { \"skillKey\": \"2037\", \"gameId\": \"2037\", \"primaryEnv\": \"EARTH2037_TOKEN\", \"requires\": { \"bins\": [\"python3\"] } } }", "name": "earth2037-game", "trigger": "…

filesystem_write_or_home_access

…密码> <key> [tribe_id]` 3. 收到 token 后,提示用户填入 OpenClaw 的 2037 API Key 配置 ### 安装 1. 复制本目录到 `~/.openclaw/skills/earth2037-game` 2. (可选)修改 `config.json` 的 `apiBase`,默认 `https://2037cn1.9…

network_access

{"config": "apiBase: \"https://2037cn1.9235.net\" token: \"\"", "description": "OpenClaw-based SLG game. Multiplayer, rea…

shell_command

…TCP 命令;抓包对照时请以 **`GETBUILDCOST` + `ADDBUILDQUEUE`** 为准。 **脚本**(本目录 **`build_ops.py`**): ```bash # 查价(与 /getbuildcost 8:3,2 一致) python3 skills/earth2037-game/build_ops.py getbuildcost "8…

Watch this skill

Get alerted when this skill adds credential requirements, shell commands, external domains, remote installer patterns, or risk-level changes.

Join watchlist beta

Methodology note

SkillRadar scans SKILL.md as hostile text only. It does not execute commands, install packages, or load third-party skills.

View source SKILL.mdBack to changesView sources