Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
PayPilot by AGMS
v1.3.5
Process payments, send invoices, issue refunds, manage subscriptions, and detect fraud via a secure payment gateway proxy. Use when a user asks to charge som...
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign (high confidence)
Purpose & Capability
Name/description (payment processing, invoices, refunds, subscriptions, fraud rules) match the runtime instructions and API endpoints. Required binaries (curl, jq) are appropriate for an instruction-only skill that issues HTTP requests and parses JSON. No unrelated credentials or system paths are requested.
Instruction Scope
Instructions direct the agent to read and write a single local config file (~/.config/paypilot/config.json) to store a JWT and to prompt the user for their password when refreshing tokens. This is within scope for a client that needs auth state, but it does mean the agent will read/write files in the user's home directory and send basic business lead info to an external API. The SKILL.md explicitly says the agent must not collect SSN/bank details and delegates that to the AGMS hosted form.
Install Mechanism
No install spec and no remote downloads; instruction-only approach is low-risk and proportional. The requirement that curl and jq be present is reasonable for shell-based HTTP calls and JSON parsing.
Credentials
The skill does not request environment variables, secrets, or unrelated credentials. It uses a locally stored JWT and a gateway_key that the user configures via the proxy — which is expected for a payment gateway proxy.
Persistence & Privilege
The skill is not forced always-on and does not request system-wide privileges or modify other skills. It persists only its own config file under ~/.config/paypilot, which is appropriate for storing auth tokens.
Assessment
This skill appears internally consistent for a payment-proxy integration, but review and consider the following before installing:
- Confirm you trust the remote host (https://paypilot.agms.com and https://agms.com/get-started/) before providing gateway keys or registering. Verify TLS and the vendor's identity/terms.
- The agent will read/write ~/.config/paypilot/config.json to store a JWT. Ensure you are comfortable storing an access token there (the instructions set chmod 600, which is good practice).
- The skill sends lead and payment-management requests to the external API; do not instruct the agent to provide SSNs, bank account numbers, or other PCI/PII via chat — follow the skill's guidance to use the hosted AGMS form for sensitive merchant details.
- If you have internal security policies, review whether sending your gateway_key to a hosted proxy is acceptable (the proxy will store/handle the gateway key on your behalf).
- If you need higher assurance, ask the vendor for an auditable API/SDK, an allowlist of endpoints, or hosting options that meet your compliance needs.
Tags: secure, ai payments, billing, credit-card, ecommerce, fintech, fraud detection, invoicing, latest, merchant, payment-gateway, payments, pci-compliant, point-of-sale, recurring-billing, refunds, risk scoring, saas, subscriptions, tokenization
Runtime requirements
Bins: curl, jq
