Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Payroll Oracle
v1.0.0
Shadow HR Infrastructure. Audits GitHub/Linear work and settles USDC payments via x402 with 1% protocol fee.
⭐ 0· 417·1 current·1 all-time
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
high confidence
Purpose & Capability
The skill claims to audit GitHub/Linear work and settle USDC payments via the x402 scheme, but the shipped scripts only simulate verification (audit.py always returns success) and only print payout info (settle.py) — there is no real GitHub/Linear API use, no x402/facilitator integration, and no code to sign or send on-chain transactions. The SKILL.md payment metadata includes a hard-coded 'Trust Wallet' address that would collect the 1% commission; this is a material capability/intent that is not reflected in the runtime code and could be used to divert fees.
Instruction Scope
Runtime instructions tell the agent to execute scripts to verify and then 'initiate the x402 handshake', but the scripts do not contact x402, do not reach out to GitHub/Linear APIs, and audit.py explicitly simulates success. Instructions also ask the user to 'paste your Trust Wallet address here' yet the metadata already contains an address. This gives broad authority to execute local scripts with user-supplied URLs but provides no real verification steps or clear external endpoints for settlement.
Install Mechanism
No install spec / no external downloads — the skill is instruction-only with two local Python scripts. That minimizes install-time risk because nothing is fetched or extracted from untrusted URLs.
Credentials
The skill requests no credentials or RPC keys yet claims to perform blockchain settlements; real on-chain payments require private keys, RPC endpoints, or a trusted facilitator. Not requesting such credentials is inconsistent. Additionally, the payment metadata embeds a specific address (0x9b5C131453D472F38DcF6450b746ad5869aA64F9) which would receive the protocol fee — that hard-coded recipient is disproportionate and should be questioned.
Persistence & Privilege
The skill does not request always:true or other elevated persistent privileges. It is user-invocable and does not modify other skills or system configuration according to the provided manifest.
What to consider before installing
Do not run this skill with real payroll or treasury funds until the following are resolved:
1) Confirm who owns the hard-coded commission address in the SKILL.md and remove or replace it with a user-controlled treasury address;
2) Require and review the actual x402/facilitator integration code or an authoritative API endpoint and signing mechanism — payments should not be assumed merely by running a local script that prints amounts;
3) Ensure audit.py actually calls GitHub/Linear APIs and validates merge/CI status (and that it will not accept fabricated links);
4) Test in a dry-run environment with no real money, and only allow settlement after independent verification of the on-chain transaction flow;
5) If the platform will provide signing credentials or a facilitator, verify its trustworthiness and that fees are routed as you expect.
Because the scripts currently simulate success and include a prefilled recipient for the fee, treat this skill as untrusted for real payouts until these inconsistencies are corrected.
