Submit your AI product to 70+ AI directories. Agent automates form filling, captcha solving (BYOK 2captcha), and email verification (BYOK IMAP). Save 10+ hours of manual submissions. User provides their own API keys - no credentials stored in skill.
Security Analysis
medium confidence
The skill's code and instructions match its stated purpose (automating directory submissions using your captcha service and optional IMAP access), but the origin is unclear and there are a few metadata/integration mismatches and sensitive runtime privileges you should review before installing.
Name, description, required binaries (node), env vars (CAPTCHA_API_KEY, CAPTCHA_SERVICE, IMAP_*), and included files (captcha.js, email.js, directories.json) are consistent with the stated purpose of automated form submission, captcha solving, and optional IMAP-based verification. No unrelated credentials or surprising binaries requested.
SKILL.md and DOCS describe visiting submit pages, filling forms, sending captcha images to the user-supplied captcha service, and connecting to IMAP to extract verification links — all within expected scope. Two items to note: (1) SKILL.md's embedded metadata sets disable-model-invocation: true while the registry flags show disable-model-invocation: false — this inconsistency should be clarified (it affects whether the agent can run the skill autonomously). (2) The skill automates actions that some directories may forbid (ToS/legal risk), which the docs flag but you should consider.
There is no installer; this is instruction-plus-code that runs under node. No downloads from untrusted URLs or archived installs are present. Runtime imports (node-fetch, imap, mailparser) are used, but no install spec means the runtime environment must already provide these modules or the agent platform must supply them.
Requested env vars (CAPTCHA_API_KEY, CAPTCHA_SERVICE, IMAP_USER, IMAP_PASSWORD, IMAP_HOST) are necessary for the described functionality. IMAP_PASSWORD grants full mailbox access, so using a dedicated submission-only email and provider app-password is important (the docs recommend this). The number and type of secrets are proportionate, but high-sensitivity (email access) warrants caution and least-privilege handling.
Skill does not request always:true and tracks submissions locally in submissions.json (expected). Potential risk derives from whether the agent is allowed to invoke the skill autonomously: registry flags vs SKILL.md metadata conflict on disable-model-invocation; if the platform allows autonomous invocation and the environment exposes the secrets to the agent, the skill could perform many network actions without additional prompts. No evidence the skill modifies other skills or system-wide config.
Guidance
What to check before installing:
1) Confirm the skill source/trustworthiness (homepage is missing and owner is an ID only).
2) If you run it, use a dedicated submission email (app-password) and an account specifically for captcha payments; do not reuse your personal or high-value account credentials.
3) Verify the disable-model-invocation setting with the platform (SKILL.md says true but registry shows false). If the skill can run autonomously, consider restricting invocation or running in a sandbox.
4) Review the code files (captcha.js, email.js) yourself or have someone you trust audit them; they appear readable and do exactly what's described, but unknown origin increases risk.
5) Monitor network activity during the first runs (or run in an isolated environment), and rotate/revoke keys/passwords after testing if you have concerns.
If you want lower risk, run only with the captcha key and do manual email verification (omit IMAP credentials).
Latest Release
v1.0.3
Added openclaw metadata: declares required env vars (CAPTCHA_API_KEY, CAPTCHA_SERVICE, IMAP_USER, IMAP_PASSWORD, IMAP_HOST), bins (node), user-invocable, disable-model-invocation for security. Fixes evaluator flag.
Published by @Heyw00d on ClawHub