Enable Stripe Payments Within Your Skill

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed Stripe payment-gating demo with expected credential use and a local receipt cache, but it should be hardened before production use.

Install only in an environment where `STRIPE_SECRET_KEY` can be protected. For real paid skills, replace the local receipt cache with server-side or signed entitlement storage, bind payments to a stable user identity, confirm `MIN_AMOUNT_CENTS` matches the Stripe price, and delete `~/.skill-payment-demo-receipt` if you want to clear local payment state.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Lp3

Medium
Category: MCP Least Privilege
Confidence: 81%
Finding
The skill instructs the agent to read environment variables containing Stripe secrets and to read/write a local receipt file, but the skill declares no permissions. That mismatch is a real security and governance issue because it obscures the skill's actual capabilities from users and hosts, making it easier to deploy with broader access than expected and harder to enforce least privilege.

Missing User Warnings

Low
Confidence: 85%
Finding
The README explicitly states that a receipt is written to a file in the user's home directory, but it does not clearly warn users about that local persistence, retention, or the sensitivity of the stored entitlement marker. Even if the receipt is only a demo artifact, undocumented persistence can surprise users, create privacy concerns on shared systems, and leave stale authorization state behind.

VirusTotal

65/65 vendors flagged this skill as clean.