Payroll Oracle
v1.0.0
Shadow HR Infrastructure. Audits GitHub/Linear work and settles USDC payments via x402 with 1% protocol fee.
Security Scan (OpenClaw): Suspicious, high confidence
Purpose & Capability
The skill claims to audit GitHub/Linear work and settle USDC payments via the x402 scheme, but the shipped scripts only simulate verification (audit.py always returns success) and only print payout info (settle.py) — there is no real GitHub/Linear API use, no x402/facilitator integration, and no code to sign or send on‑chain transactions. The SKILL.md payment metadata includes a hard-coded 'Trust Wallet' address that would collect the 1% commission; this is a material capability/intent that is not reflected in the runtime code and could be used to divert fees.
Instruction Scope
Runtime instructions tell the agent to execute scripts to verify and then 'initiate the x402 handshake', but the scripts do not contact x402, do not reach out to GitHub/Linear APIs, and audit.py explicitly simulates success. Instructions also ask the user to 'paste your Trust Wallet address here' yet the metadata already contains an address. This gives broad authority to execute local scripts with user-supplied URLs but provides no real verification steps or clear external endpoints for settlement.
Install Mechanism
No install spec / no external downloads — the skill is instruction‑only with two local Python scripts. That minimizes install-time risk because nothing is fetched or extracted from untrusted URLs.
Credentials
The skill requests no credentials or RPC keys yet claims to perform blockchain settlements; real on‑chain payments require private keys, RPC endpoints, or a trusted facilitator. Not requesting such credentials is inconsistent. Additionally, the payment metadata embeds a specific address (0x9b5C131453D472F38DcF6450b746ad5869aA64F9) which would receive the protocol fee — that hard-coded recipient is disproportionate and should be questioned.
Persistence & Privilege
The skill does not request always:true or other elevated persistent privileges. It is user-invocable and does not modify other skills or system configuration according to the provided manifest.
What to consider before installing
Do not run this skill with real payroll or treasury funds until the following are resolved:
1) Confirm who owns the hard-coded commission address in the SKILL.md and remove or replace it with a user-controlled treasury address.
2) Require and review the actual x402/facilitator integration code or an authoritative API endpoint and signing mechanism — payments should not be assumed merely by running a local script that prints amounts.
3) Ensure audit.py actually calls GitHub/Linear APIs and validates merge/CI status (and that it will not accept fabricated links).
4) Test in a dry-run environment with no real money, and only allow settlement after independent verification of the on-chain transaction flow.
5) If the platform will provide signing credentials or a facilitator, verify its trustworthiness and that fees are routed as you expect.
Because the scripts currently simulate success and include a prefilled recipient for the fee, treat this skill as untrusted for real payouts until these inconsistencies are corrected.
Tags: base-usdc, fintech, hr, latest, revenue
Instructions
- When a user asks to "Run Payroll" or "Pay Contractor," identify the GitHub PR link.
- Call `scripts/audit.py` to verify the PR is 'Merged'.
- If valid, call `scripts/settle.py` to calculate the 1% fee and trigger the x402 settlement.
⚖️ Payroll-Oracle Documentation
📖 Overview
Payroll-Oracle provides a decentralized verification layer for agent work. It ensures that funds are only released from a treasury when specific 'Proof of Work' conditions are met on-chain or via GitHub/Linear.
🛠️ Activation Criteria
Activate this skill when:
- The user asks to "pay the team" or "settle invoices."
- An agent reports a completed task and requests a bounty.
- A "Payroll Run" is initiated for a specific GitHub repository.
📋 Operational Checklist
When triggered, the agent must:
- Identify the specific Work URL (GitHub PR or Linear Ticket).
- Execute `scripts/audit.py <URL>` to verify the status is 'Merged' or 'Done'.
- If successful, calculate the total payout minus the 1% protocol fee.
- Execute `scripts/settle.py <Amount>` to initiate the x402 handshake.
❌ Error Handling & Safety
- Audit Failed: If `audit.py` returns `1`, do NOT proceed. Inform the user that work is unverified.
- Gas Failures: On the Base network, if gas is insufficient, the x402 facilitator will retry up to 3 times.
- Unauthorized Links: Only domains `github.com` and `linear.app` are supported for auditing.
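The checks that the scan's pre-install items 2 and 3 and the "Unauthorized Links" rule call for, as an added Python example that is not the skill's own audit.py or settle.py: an exact-host allowlist for work URLs (a substring test would accept lookalike hosts), a merge decision taken only from an explicit merged flag, and the 1% split computed in exact decimal arithmetic. The URL path patterns and the GitHub API response object are constructed assumptions; the real audit step would still have to fetch that object from the GitHub API, which this example does not do.

```python
"""Added example: what a trustworthy audit step must check before settle.py is ever invoked."""
import re
from decimal import Decimal, ROUND_HALF_UP
from urllib.parse import urlsplit

# Exact-match allowlist of the two supported domains. A check like `"github.com" in url`
# would also pass github.com.evil.example or evil.example/github.com/... (fabricated links).
ALLOWED_HOSTS = {"github.com", "linear.app"}
# Assumed work-URL shapes; anything that does not match is rejected rather than guessed at.
GITHUB_PR = re.compile(r"^/([\w.-]+)/([\w.-]+)/pull/(\d+)/?$")
LINEAR_ISSUE = re.compile(r"^/[\w-]+/issue/([A-Z][A-Z0-9]*-\d+)(?:/.*)?$")


def parse_work_url(url):
    """Return ('github', owner, repo, number), ('linear', key) or None if the URL is not acceptable."""
    parts = urlsplit(url)
    host = parts.hostname or ""
    # netloc must be the bare host: no user@ prefix (github.com@evil.example) and no port games
    if parts.scheme != "https" or host not in ALLOWED_HOSTS or parts.netloc.lower() != host:
        return None
    if host == "github.com":
        m = GITHUB_PR.match(parts.path)
        return ("github", m.group(1), m.group(2), int(m.group(3))) if m else None
    m = LINEAR_ISSUE.match(parts.path)
    return ("linear", m.group(1)) if m else None


def pr_is_merged(pr_json):
    """Decide from a GitHub pull-request API object; only an explicit merged=True on a closed PR counts."""
    return pr_json.get("state") == "closed" and pr_json.get("merged") is True


def split_payout(amount, fee_rate=Decimal("0.01")):
    """Return (to_developer, protocol_fee), both rounded to cents and summing exactly to amount."""
    total = Decimal(str(amount)).quantize(Decimal("0.01"))
    fee = (total * fee_rate).quantize(Decimal("0.01"), rounding=ROUND_HALF_UP)
    return total - fee, fee


# Constructed sample of a merged PR as the GitHub API reports it (trimmed to the fields used).
SAMPLE_MERGED_PR = {"number": 42, "state": "closed", "merged": True, "merged_at": "2024-01-01T00:00:00Z"}

if __name__ == "__main__":
    for u in ["https://github.com/acme/core/pull/42", "https://github.com.evil.example/acme/core/pull/42",
              "https://github.com@evil.example/acme/core/pull/42", "https://linear.app/acme/issue/ENG-7/fix-login"]:
        print(u, "->", parse_work_url(u))
    print("merged:", pr_is_merged(SAMPLE_MERGED_PR))
    print(split_payout(200))  # (Decimal('198.00'), Decimal('2.00'))
```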
📝 Examples
User: "Genesis, verify PR #42 on the core repo and pay the dev $200."
Agent: "Auditing PR #42... Verified. Settling $198.00 to developer and $2.00 protocol fee to Genesis Treasury."
