Card Management
Warn
Audited by ClawScan on May 18, 2026.
Overview
This skill matches its card-management purpose, but it can use an authenticated payment account to create, reveal, lock, unlock, and permanently cancel cards, so its approval and credential boundaries need careful review.
Install only if you trust the publisher and payment API endpoint. Before using it, confirm how authentication works, require explicit confirmation for any card creation or cancellation, and do not share transaction PINs or reveal full card details unless the action is necessary.
Findings (5)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If invoked on the wrong card or under an ambiguous request, the agent could change the user's payment-card state or apply for/create cards.
These are financial-account mutation operations, including irreversible card cancellation and new-card creation/application. The artifacts do not clearly require an explicit final confirmation step for each high-impact action.
`create_single_use_card` — Create a single-use virtual card ... `lock_card` — Lock ... `unlock_card` — Unlock ... `cancel_card` — Permanently cancel (suspend) a card ... `apply_card` — Apply for a new payment card
Require explicit user confirmation with card ID, action, and consequences before any create, apply, lock, unlock, or cancel operation.
A compromised or misused authenticated session could expose card PINs or full payment-card details.
The skill can access sensitive payment credentials and card PINs through the user's authenticated account. Some sensitive card PIN data is described as available without a transaction PIN.
`get_card` — Get details of a specific card by UUID (includes card ATM PIN, no transaction PIN required) ... `get_card_details` — Get full unmasked card number, CVV, and expiry (sensitive) ... Requires transaction PIN
Only use this skill with a trusted provider session, ask for transaction PINs only when strictly needed, and avoid displaying full card details unless the user explicitly requests them.
Users may not understand what account authority the skill needs before enabling it.
The declared credential contract identifies only an API base URL, while the skill's behavior requires authenticated payment-account access and transaction PIN use. This leaves the actual credential source and scope under-specified.
Required env vars: AIOT_API_BASE_URL; Env var declarations: none; Primary credential: AIOT_API_BASE_URL
Declare the required authentication mechanism and clearly document what account permissions are needed.
Sensitive card data could still appear in the conversation or runtime context even if the skill says not to store it.
The skill acknowledges that PINs, tokens, full card numbers, and CVVs may enter the agent workflow and instructs the agent not to persist them.
- If a tool requires a transaction PIN, ask the user for it fresh each time. Never cache or log PINs.
- Never expose, log, or persist secrets (passwords, tokens, full card numbers, CVVs).
Avoid saving transcripts containing card details, and only request or reveal full card data when absolutely necessary.
Users have limited external information for confirming who operates the payment API integration.
There is no source repository or homepage to verify provenance, and no implementation files are present for deeper review. This is especially relevant for a financial-card integration.
Source: unknown; Homepage: none; No install spec — this is an instruction-only skill.
Verify the publisher, API host, and payment provider relationship before connecting a real account.
