Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

CreditClaw Amazon

v2.9.5

Amazon Checkout - Use the new UCP search function from Shop App from Shopify.

4· 591·0 current·0 all-time
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Suspicious
OpenClaw: Benign (medium confidence)
Purpose & Capability
The skill's files implement a general CreditClaw checkout platform (many merchant guides, including Amazon and Shopify) and require CREDITCLAW_API_KEY to call creditclaw.com, which is proportionate for a payment/checkout skill. However, the short description at the top (which mentions a 'UCP search function from Shop App from Shopify') conflicts with the skill name ('Amazon'), and the bundle actually contains multi-platform checkout guides. This is likely a documentation/packaging mismatch, but it is an inconsistency to be aware of.
Instruction Scope
SKILL.md and companion files explicitly instruct the agent to: call CreditClaw API endpoints, request one-time decryption keys, perform AES-256-GCM decryption of card blobs in-memory, drive browser interactions on merchant sites (including Amazon where account sign-in is required), and post confirm/status back to the API. Those actions fall squarely within a checkout skill's responsibilities. They also involve highly sensitive data (decrypted card details and an API key) — the skill includes warnings not to persist or leak them, but the runtime behavior requires the agent to handle secrets and perform network calls, so you must trust the service and the skill's provenance.
Install Mechanism
This is instruction-only with no install spec and no bundled binaries or extracted archives — lowest-risk install mechanism. Nothing is written to disk by an installer in the skill bundle itself.
Credentials
Only a single environment variable (CREDITCLAW_API_KEY) is required, which is appropriate for a hosted payment API. Minor metadata inconsistency: the top-level registry metadata lists no primary credential, while _meta.json declares primaryEnv: CREDITCLAW_API_KEY. The required variable itself is proportionate, but verify which value the platform will actually use and where to store it securely.
Persistence & Privilege
The skill is not set to always:true and does not request elevated persistent privileges. It may be invoked autonomously (default), which increases its effective blast radius if misused, but that is the platform default and not in itself a defect for a checkout skill.
Assessment
This skill implements a full agent-driven checkout flow and needs your CREDITCLAW_API_KEY to operate; that is expected for a payment integration but also sensitive. Before installing:
1) Verify the skill's origin (confirm the creditclaw.com homepage and the GitHub repository cited in _meta.json) and prefer official published skills.
2) Only provide an API key with the minimum scope and enable owner-approval/ask_for_everything by default so no purchases occur without explicit consent.
3) Treat the key like payment credentials: store it in a secure secrets manager and rotate/revoke it after testing.
4) Confirm the webhook/callback URLs you configure and keep webhook secrets private.
5) If you don't trust the publisher or cannot confirm the homepage/repo, do not install; the runtime will handle decrypted card data and can spend funds if the API key is misused.
If you want higher assurance, ask the publisher for auditable provenance (signed release, official domain) or run a limited-scope test with a low-balance account.


Tags: amazon · checkout · latest


Runtime requirements

Env: CREDITCLAW_API_KEY
