Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
BTC Bot | Give your agent a wallet or credit card
v1.0.0
Is your claw a shopaholic? Provide payment wallets and strict controls.
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
Scanner: OpenClaw · Verdict: Suspicious (medium confidence)

Purpose & Capability
The name and description (an agent wallet/checkout integration) align with the declared API base, the endpoints, and the single required environment variable, CREDITCLAW_API_KEY. An API key is the expected primary credential for a payments integration.
Instruction Scope
SKILL.md instructs the agent to download skill files with curl, save them under ~/.creditclaw, spawn sub-agents (sessions_spawn), and execute a decrypt script (node decrypt.js) against encrypted card files. Those actions involve persistent filesystem writes, running code, and handling raw card data. The skill metadata does not declare these operational requirements (curl, node, the ability to spawn sessions), and the instructions give the agent broad discretion to save and execute artifacts, which increases the attack surface.
Install Mechanism
No install spec (instruction-only). Nothing is installed by the registry, which lowers risk on its own, but SKILL.md tells the agent to use curl to download multiple files from https://creditclaw.com into user paths, which writes to disk if followed. Those URLs are hosted on the skill's claimed domain (creditclaw.com) rather than an arbitrary shortener, but the downloaded script (decrypt.js) is external content that is written and then executed locally, so whatever the server serves at fetch time is what runs.
Credentials
Only CREDITCLAW_API_KEY is required, which is proportionate for a payment integration. However, that single API key grants authority to create checkouts, initiate purchases, request decryption keys, and confirm transactions, so it effectively enables monetary actions. The documentation warns not to send the key elsewhere, but granting the key to the skill gives it the power to spend (subject to owner guardrails).
Persistence & Privilege
always:false (normal). The skill encourages spawning ephemeral sub-agents to handle decryption; this pattern is intended to limit exposure of card data but depends on the platform actually providing isolated sub-agent execution. Autonomous invocation is allowed (platform default); combined with the ability to perform purchases, this increases the blast radius if approval rules are misconfigured or if the agent can be triggered autonomously.
What to consider before installing
This skill appears to be what it says (a payments/wallet integration), but it asks the agent to download files, save encrypted card files, and run a decrypt script — operations that write to disk and execute code. Before installing or providing CREDITCLAW_API_KEY:
- Only proceed if you trust https://creditclaw.com and understand the consequences of giving a single API key authority to initiate purchases. Treat the API key like a payment credential.
- Prefer issuing a scoped/revocable API key (if CreditClaw supports scopes) and test with minimal funds or sandbox keys.
- Ensure your owner-enforced approval_mode is set to require human approval for purchases (ask_for_everything) unless you deliberately trust automated spending.
- Confirm your environment supports the sub-agent pattern and that sub-agents run in strong isolation and are deleted after checkout. If your platform cannot spawn isolated sub-agents, the instructions say the main agent would perform decryption — that exposes raw card data in the agent context and is higher risk.
- Note the metadata omission: the skill assumes tools like curl and node; make sure those run in a safe environment and review downloaded scripts before executing them rather than running them blindly.
- Monitor activity and webhook notifications for unexpected purchase attempts, and be ready to revoke the API key and freeze the wallet if necessary.

Like a lobster shell, security has layers — review code before you run it.
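The "download, review, then run" advice above is easier to follow with a small wrapper that refuses to execute anything it has not verified. The script below is an added example, not code from the ClawHub scan or from CreditClaw: it fetches each file into a quarantine directory (not ~/.creditclaw, where the agent would run it), checks the file against a SHA-256 pin you record after reading it yourself, and prints the two things a reviewer most wants to see first, namely every URL host other than creditclaw.com and the lines that touch CREDITCLAW_API_KEY or execute code. The base URL, file names, and the function names are assumptions for illustration.

```shell
#!/usr/bin/env bash
# Added example: a quarantine-and-verify wrapper for instruction-only skills
# that tell the agent to "curl these files and run them". Not code from the
# ClawHub scan or from CreditClaw. Assumptions: the base URL and file names are
# illustrative; the PIN is a SHA-256 you record after reading the file yourself.
set -euo pipefail

QUARANTINE="${QUARANTINE:-${HOME:-/tmp}/.creditclaw-quarantine}"
ALLOWED_HOST="creditclaw.com"   # the only host the skill claims to talk to

# sha256_of FILE: hex digest, works with coreutils (sha256sum) or BSD (shasum).
sha256_of() {
  if command -v sha256sum >/dev/null 2>&1; then
    sha256sum "$1" | awk '{print $1}'
  else
    shasum -a 256 "$1" | awk '{print $1}'
  fi
}

# verify_pinned FILE EXPECTED_SHA256: succeed only when the digest matches.
verify_pinned() {
  [ "$(sha256_of "$1")" = "$2" ]
}

# fetch_quarantined URL NAME: download into the quarantine directory, never
# into ~/.creditclaw where the agent will run it, and never via `curl | sh`.
fetch_quarantined() {
  mkdir -p "$QUARANTINE"
  curl -fsSL --proto '=https' --tlsv1.2 -o "$QUARANTINE/$2" "$1"
  chmod 0600 "$QUARANTINE/$2"
}

# foreign_hosts FILE: print every URL host in FILE other than ALLOWED_HOST.
# A skill whose docs say "never send the key elsewhere" should not reach
# anywhere else; any host printed here is a question for the author.
foreign_hosts() {
  { grep -oE 'https?://[A-Za-z0-9.-]+' "$1" || true; } \
    | sed -E 's#^https?://##' | sort -u \
    | { grep -vxF "$ALLOWED_HOST" || true; }
}

# key_and_exec_lines FILE: count the lines that touch the API key or execute
# code (eval, child_process, new Function, execSync, spawn). These are the
# lines a human must read before the agent is allowed to run the file.
key_and_exec_lines() {
  grep -cE 'CREDITCLAW_API_KEY|eval\(|child_process|new Function\(|execSync|spawn\(' "$1" || true
}

# stage_for_review URL NAME PIN: fetch, verify the pin, print the review
# summary, and leave the file in quarantine. Nothing here executes it;
# `node decrypt.js` stays a separate, deliberate step after the review.
stage_for_review() {
  local path="$QUARANTINE/$2"
  fetch_quarantined "$1" "$2"
  if ! verify_pinned "$path" "$3"; then
    echo "PIN MISMATCH: $path differs from the version you reviewed; refusing" >&2
    rm -f "$path"
    return 1
  fi
  echo "== $path: hosts other than $ALLOWED_HOST =="
  foreign_hosts "$path"
  echo "== lines touching the key or code execution: $(key_and_exec_lines "$path") =="
}

# Usage (needs network; not run here):
#   stage_for_review https://creditclaw.com/decrypt.js decrypt.js <sha256 you recorded>
```

The pin is the important part: the first fetch is for reading, and only after you have read the file do you record its digest, so a later fetch that differs (a changed decrypt.js served from the same URL) is refused instead of silently run. The host and keyword greps are triage, not a verdict; they tell you where to look, and a file that references no foreign host can still exfiltrate the key by other means.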
Latest version: vk97ep26335a0bvgrc1grn913dh82p3rp
Runtime requirements
Env: CREDITCLAW_API_KEY (primary env)
