clink-interg-skills

Audited by ClawScan on May 10, 2026.

Overview

Prompt-injection indicators were detected in the submitted artifacts (base64-block); human review is required before treating this skill as clean.

Install this only if you want Clink/payment integration guidance. Run helper scripts from a trusted checkout, review or pin downloaded context for production work, use sandbox flows first, and never paste live Clink API keys, webhook signing keys, wallet details, or model API keys into an agent chat. ClawScan detected prompt-injection indicators (base64-block), so this skill requires review even though the model response was benign.

Findings (5)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

Guidance produced by this skill could shape integrations that initiate payments, top-ups, or refunds through another payment skill.

Why it was flagged

The skill guides integrations around payment/refund-capable tools. This is expected for a Clink payment-integration skill, but it is high-impact if implemented incorrectly.

Skill content
preserving the `clink-payment-skill` boundary: it executes wallet/card/pay/refund/risk-rule operations, but does not decide pricing, entitlement, or merchant receipt confirmation
Recommendation

Use sandbox first, keep pricing and entitlement checks server-side, and require explicit user or merchant approval before any live payment or refund action.

What this means

Using the skill may execute local scripts and create/update cache files in the skill directory.

Why it was flagged

The skill explicitly instructs the agent to run local Node helper scripts during some workflows.

Skill content
run `node scripts/load_official_docs.mjs` ... run `node scripts/load_payment_skill_contexts.mjs --dependency openclaw-payment-skills --print-path`
Recommendation

Run the skill from a trusted checkout, inspect helper scripts if needed, and avoid running it with elevated privileges.

What this means

The guidance may change when the upstream repository changes; a compromised or mistaken upstream context could influence integration recommendations.

Why it was flagged

The helper downloads the latest payment-skill context from an unpinned GitHub main-branch zip. It checks the expected skill name, but does not pin a commit or verify a signature or hash of what it downloaded.

Skill content
defaultUrl: "https://codeload.github.com/clinkbillcom/agentic-payment-skills/zip/refs/heads/main"
Recommendation

For production-sensitive reviews, pin or record the exact commit/source metadata and review the downloaded cache before relying on it.

What this means

Stale or tampered cached context could steer future integration answers until the cache is refreshed or cleared.

Why it was flagged

Remote payment-skill context is cached locally and then read by the agent for later guidance.

Skill content
The script downloads the requested GitHub codeload zip context into `.cache/payment-skill-contexts/`, writes source metadata
Recommendation

Refresh from trusted sources, check cache metadata, and cross-check important claims against official documentation.

What this means

If real API keys or webhook signing keys are pasted into an agent conversation or logs, they could be exposed or misused.

Why it was flagged

The integration checklist involves merchant API and webhook secrets. This is normal for the stated payment-integration purpose, but those credentials are sensitive.

Skill content
Configure `CLINK_SECRET_KEY` ... Configure `CLINK_WEBHOOK_SIGNING_KEY`
Recommendation

Store live secrets in a secrets manager or environment variables, avoid sharing them in chat, and use sandbox keys for testing.