Payroll Oracle
Warn
Audited by ClawScan on May 10, 2026.
Overview
Review before use: this payroll skill claims to verify work and settle USDC payments, but its audit code approves work without real checks and its payment flow lacks clear authorization controls.
Do not connect this skill to real payroll or wallet authority as-is. Treat it as an unsafe prototype until it performs real GitHub/Linear verification, validates recipients and amounts, clearly discloses dry-run versus real settlement, and requires explicit human approval for every payout and fee.
Findings (4)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
The agent could approve payroll for incomplete, unmerged, or fake work.
The audit gate always succeeds for supported inputs instead of verifying that a PR is merged or a Linear task is done, yet the skill uses audit success to proceed to payment.
# For now, we simulate a successful audit
return True
Do not use this for real payments until it performs authenticated GitHub/Linear API checks, validates exact domains and work IDs, and requires user approval before settlement.
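As an added example (not the skill's own code, and not ClawScan's), this is what a fail-closed audit gate for the two inputs the skill claims to verify looks like. It accepts only exact `github.com` pull-request URLs and Linear issue identifiers, and it decides from the provider's response rather than from the shape of the input, so an unmerged PR, an unstarted issue, or an API error all fail. The `fetch` callable, the `_FAKE_API` responses, and the `acme/payroll` and `PAY-*` names are constructed for this example; in a real skill `fetch` would perform an authenticated GET against the GitHub and Linear APIs.

```python
import re
from dataclasses import dataclass
from typing import Callable, Optional
from urllib.parse import urlparse

# Only these two input shapes are accepted; anything else raises instead of passing.
GITHUB_PR_PATH = re.compile(r"^/(?P<owner>[\w.-]+)/(?P<repo>[\w.-]+)/pull/(?P<number>\d+)$")
LINEAR_ISSUE_ID = re.compile(r"^[A-Z][A-Z0-9]{1,9}-\d{1,6}$")


@dataclass(frozen=True)
class WorkRef:
    kind: str      # "github_pr" or "linear_issue"
    api_path: str  # resource to query, relative to the provider's API base


def parse_work_ref(ref: str) -> WorkRef:
    """Exact-host and exact-shape validation of the work identifier."""
    if ref.startswith("https://"):
        url = urlparse(ref)
        # Exact match: "github.com.evil.example" and "user@github.com" both fail here.
        if url.netloc != "github.com":
            raise ValueError(f"unsupported host: {url.netloc!r}")
        m = GITHUB_PR_PATH.match(url.path)
        if not m:
            raise ValueError(f"not a pull request URL: {ref!r}")
        return WorkRef("github_pr", f"/repos/{m['owner']}/{m['repo']}/pulls/{m['number']}")
    if LINEAR_ISSUE_ID.match(ref):
        return WorkRef("linear_issue", f"/issues/{ref}")
    raise ValueError(f"unrecognised work reference: {ref!r}")


def audit_work(ref: str, fetch: Callable[[str, str], Optional[dict]]) -> bool:
    """Return True only when the provider reports the work as done.

    `fetch(kind, api_path)` is assumed (example convention) to do an authenticated
    GET and return the decoded JSON object, or None on any error. Errors, missing
    fields and unknown states all fail closed, unlike an unconditional `return True`.
    """
    work = parse_work_ref(ref)
    body = fetch(work.kind, work.api_path)
    if not isinstance(body, dict):
        return False
    if work.kind == "github_pr":
        # GitHub's pull object carries a boolean `merged`; `state == "closed"` alone
        # also covers PRs closed without merging, so it is not sufficient.
        return body.get("merged") is True and bool(body.get("merged_at"))
    # Linear: completion is a workflow state whose type is "completed".
    state = body.get("state") or {}
    return isinstance(state, dict) and state.get("type") == "completed"


# Constructed responses standing in for authenticated API calls (not real data).
_FAKE_API = {
    ("github_pr", "/repos/acme/payroll/pulls/42"): {"state": "closed", "merged": True, "merged_at": "2026-05-01T12:00:00Z"},
    ("github_pr", "/repos/acme/payroll/pulls/43"): {"state": "closed", "merged": False, "merged_at": None},
    ("linear_issue", "/issues/PAY-17"): {"state": {"type": "completed"}},
    ("linear_issue", "/issues/PAY-18"): {"state": {"type": "started"}},
}


def fake_fetch(kind: str, api_path: str) -> Optional[dict]:
    return _FAKE_API.get((kind, api_path))


if __name__ == "__main__":
    for ref in ("https://github.com/acme/payroll/pull/42",
                "https://github.com/acme/payroll/pull/43",
                "PAY-17", "PAY-18"):
        print(ref, "->", audit_work(ref, fake_fetch))
```

The gate still only answers "is this work done"; it does not decide who gets paid or how much, and a passing audit should lead to a human approval step, not directly to settlement.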
If connected to a real payment facilitator, the skill could route payroll and fees without enough visible boundaries.
The skill defines an on-chain payment/commission destination but does not define which treasury is authorized, which recipients are allowed, or what confirmation is required before funds move.
scheme: "x402" ... commission_bps: 100 ... currency: "USDC" ... network: "base-mainnet" ... address: "0x9b5C131453D472F38DcF6450b746ad5869aA64F9"
Require explicit user confirmation, recipient allowlists, amount limits, treasury selection, and a clear explanation of the fee destination before enabling payment authority.
A non-user agent request could trigger a payment review or settlement path without clear permission checks.
The activation criteria allow another agent's report or bounty request to start a payroll workflow, but the artifacts do not define how that agent's identity, authority, or request legitimacy is verified.
Activate this skill when:
- An agent reports a completed task and requests a bounty.
Limit activation to direct user requests or authenticated, authorized systems, and require human approval for any payout.
Users or contractors could be misled about whether funds were actually paid.
The script displays settlement language even though the artifacts do not show an actual on-chain transfer implementation, which could make users or agents believe payment occurred.
print(f"Settling: ${worker} to Worker | ${fee} to your Trust Wallet")
# In a real run, the x402 facilitator handles the actual on-chain move.
Make settlement status explicit, distinguish dry-run calculations from real transfers, and only report payment completion after verifiable transaction confirmation.
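As an added example covering the payment-authority, activation, and settlement-status findings above (not the skill's own code and not ClawScan's), here is a payout path with the controls those findings ask for: the requester must be an authenticated principal rather than any agent that reports a bounty, the recipient must be allowlisted, the amount must be within a limit, a treasury must be selected and authorized, a human approval must cover the exact worker amount and fee, and a status of settled is reported only once a transaction receipt with enough confirmations matches those amounts. The fee follows the skill's `commission_bps: 100` (1 percent). The policy values, the `0x1111...` address, the principal names, and the receipts are constructed, and `PayoutPolicy`, `Approval` and `SettlementReceipt` are this example's own names, not the skill's.

```python
from dataclasses import dataclass
from decimal import Decimal, ROUND_DOWN
from enum import Enum
from typing import FrozenSet, Optional, Tuple

USDC_UNIT = Decimal("0.000001")  # USDC has six decimals; fees are rounded down, never up


class Status(Enum):
    REJECTED = "rejected"
    DRY_RUN = "dry run: no funds moved"
    SUBMITTED = "submitted: awaiting on-chain confirmation"
    SETTLED = "settled: confirmed on chain"

@dataclass(frozen=True)
class PayoutRequest:
    requested_by: str        # authenticated principal, e.g. "user:alice"
    recipient: str           # destination address
    amount: Decimal          # gross USDC before the commission is taken
    treasury: Optional[str]  # which treasury pays; None means "not selected"
    dry_run: bool = True     # safe default: calculate, do not move funds

@dataclass(frozen=True)
class Approval:              # what a human explicitly signed off on
    approver: str
    recipient: str
    worker_amount: Decimal
    fee_amount: Decimal

@dataclass(frozen=True)
class SettlementReceipt:     # what the facilitator / chain reports back
    tx_hash: str
    confirmations: int
    worker_amount: Decimal
    fee_amount: Decimal

@dataclass(frozen=True)
class PayoutPolicy:
    allowed_requesters: FrozenSet[str]
    allowed_recipients: FrozenSet[str]   # lowercase addresses
    allowed_treasuries: FrozenSet[str]
    max_amount: Decimal
    commission_bps: int = 100            # from the skill metadata: 1%
    min_confirmations: int = 3           # example threshold, not a chain constant


def split_fee(amount: Decimal, commission_bps: int) -> Tuple[Decimal, Decimal]:
    """Gross amount -> (worker share, commission), rounded down to 1e-6 USDC."""
    fee = (amount * commission_bps / Decimal(10_000)).quantize(USDC_UNIT, rounding=ROUND_DOWN)
    return amount - fee, fee


def authorize(req: PayoutRequest, policy: PayoutPolicy) -> Tuple[bool, str]:
    """The boundaries the findings say are missing, checked before any money moves."""
    if req.requested_by not in policy.allowed_requesters:
        return False, f"requester {req.requested_by!r} is not authorized to start payroll"
    if req.recipient.lower() not in policy.allowed_recipients:
        return False, f"recipient {req.recipient} is not on the allowlist"
    if req.treasury not in policy.allowed_treasuries:
        return False, "no authorized treasury selected"
    if not (Decimal(0) < req.amount <= policy.max_amount):
        return False, f"amount {req.amount} outside 0 < amount <= {policy.max_amount}"
    return True, "ok"


def settle(req: PayoutRequest, policy: PayoutPolicy,
           approval: Optional[Approval] = None,
           receipt: Optional[SettlementReceipt] = None) -> Tuple[Status, str]:
    """Report a payment as settled only on a verifiable receipt that matches the approval."""
    ok, why = authorize(req, policy)
    if not ok:
        return Status.REJECTED, why
    worker, fee = split_fee(req.amount, policy.commission_bps)
    if req.dry_run:
        return Status.DRY_RUN, (f"would send {worker} USDC to {req.recipient} and "
                                f"{fee} USDC commission from treasury {req.treasury}")
    # The human approval must name this exact recipient and these exact amounts.
    expected = (req.recipient.lower(), worker, fee)
    if approval is None or (approval.recipient.lower(), approval.worker_amount, approval.fee_amount) != expected:
        return Status.REJECTED, "no human approval for this exact payout and fee"
    # No receipt yet: the transfer may be in flight, but it is not "settled".
    if receipt is None:
        return Status.SUBMITTED, "handed to the payment facilitator; no confirmation yet"
    if (receipt.worker_amount, receipt.fee_amount) != (worker, fee):
        return Status.REJECTED, f"receipt {receipt.tx_hash} amounts do not match the approval"
    if receipt.confirmations < policy.min_confirmations:
        return Status.SUBMITTED, f"tx {receipt.tx_hash} has only {receipt.confirmations} confirmations"
    return Status.SETTLED, f"{worker} USDC to {req.recipient}, {fee} USDC fee, tx {receipt.tx_hash}"


# Constructed policy for the example; the address and principal names are placeholders.
WORKER = "0x1111111111111111111111111111111111111111"
POLICY = PayoutPolicy(
    allowed_requesters=frozenset({"user:alice"}),
    allowed_recipients=frozenset({WORKER.lower()}),
    allowed_treasuries=frozenset({"ops-treasury"}),
    max_amount=Decimal("1000"),
)
```

The important property is that nothing in this path ever prints "Settling" on its own authority: a request from `agent:bounty-bot` is rejected before fee math runs, a dry run returns a calculation and says no funds moved, and the only way to reach `SETTLED` is a receipt whose amounts equal the approved ones with enough confirmations.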
