Mayar Payment Integration
Pass
Audited by VirusTotal on May 12, 2026.
Overview
Type: OpenClaw Skill
Name: mayar-payment
Version: 1.0.0

The skill bundle is designed for Mayar.id payment integration, which is a legitimate purpose. However, it includes instructions for setup using `npx -y mcp-remote` in `SKILL.md`, which involves fetching and executing code from npm, posing a supply chain risk. Additionally, the `references/integration-examples.md` file contains JavaScript snippets that use `execSync` to run `mcporter` commands. While these actions are plausibly needed for the stated purpose of the skill, `npx` and `execSync` are powerful shell execution capabilities that, even without clear malicious intent, elevate the classification to suspicious because of the inherent risks of executing external code and shell commands.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Impact: If the token is over-scoped or used without review, the agent could affect real payment workflows or expose customer and transaction information.
Details: The skill requires a Mayar API token and places it into the MCP server configuration. That token enables live payment-account operations such as invoice creation, balance checks, transaction queries, and customer lookups.
Evidence: API Key - Generate from https://web.mayar.id/api-keys ... "Authorization:YOUR_API_TOKEN_HERE"
Recommendation: Use a sandbox key first, prefer the least-privileged token Mayar supports, restrict who can invoke this skill, and require explicit user confirmation before creating invoices, changing payment settings, or sending customer messages.
Impact: A mistaken or autonomous invocation could create incorrect invoices, query sensitive customer/payment data, or act in the wrong Mayar environment.
Details: The documented workflows expose direct MCP tool calls for creating payment links and reading account/customer data, but the instructions do not define approval, amount, recipient, or environment safeguards for live use.
Evidence: mcporter call mayar.create_invoice ... mcporter call mayar.get_balance ... mcporter call mayar.get_customer_detail
Recommendation: Add clear operational rules: confirm customer identity, amount, items, expiry, redirect URL, and sandbox/production environment before any live payment-account mutation.
Impact: A malicious customer name, email, phone, or description could potentially trigger unintended local commands in an implementation that copies this pattern.
Details: The example builds a shell command with interpolated customer/order fields. If copied into an integration where those fields come from users, special shell characters could change the executed command.
Evidence:
    const invoice = execSync(`
      mcporter call mayar.create_invoice \
        name="${data.name}" \
        email="${data.email}" \
        mobile="\"${data.mobile}\"" \
        description="${data.description}"
Recommendation: Avoid shell string construction for dynamic data. Use a structured SDK/API call, pass arguments without a shell, or strictly validate and escape all fields.
Impact: Behavior may depend on the current npm package version and the remote MCP service, not just the reviewed skill text.
Details: The setup uses npx to run mcp-remote without a pinned version and connects to a remote MCP server. This is plausible integration plumbing, but the runtime dependency and remote server are outside the reviewed artifacts.
Evidence: "command": "npx", "args": ["-y", "mcp-remote", "https://mcp.mayar.id/sse", "--header", "Authorization:YOUR_API_TOKEN_HERE"]
Recommendation: Pin the mcp-remote package version where possible, verify the endpoint with Mayar documentation, and review MCP permissions before enabling it.
Impact: Customer details, invoices, balances, and transaction data may be sent through the remote MCP service during normal operation.
Details: The skill routes Mayar operations through a remote MCP endpoint using the user's authorization token. This is expected for the stated integration, but it means the remote MCP service handles credentials and payment/customer data.
Evidence: "https://mcp.mayar.id/sse", "--header", "Authorization:YOUR_API_TOKEN_HERE"
Recommendation: Only use this with a trusted Mayar MCP endpoint, avoid sharing unnecessary customer data, and rotate the token if the configuration is exposed.
Impact: An integration could keep running, repeatedly query transaction data, or send follow-up messages longer than intended.
Details: The examples show a long-running polling loop for payment status. Polling is purpose-aligned, but if reused without stop conditions for expiry/errors it can continue making API calls and possibly sending messages.
Evidence: setInterval(async () => { ... mcporter call mayar.get_latest_transactions page:1 pageSize:10 --output json ... }, 30000);
Recommendation: Add explicit stop conditions, timeout limits, expiry handling, rate limiting, and logging for any polling or reminder automation.
