AgentFin
Warn
Audited by ClawScan on May 10, 2026.
Overview
The skill matches its stated purpose, but it gives an agent direct access to payment card details, OTPs, and fund-moving actions without clear user-approval limits.
Install only if you intentionally want an agent to access and use a prepaid virtual card account. Keep balances low, require explicit approval before every top-up, credential reveal, OTP use, or purchase, and verify AgentFin independently before sending USDT or storing its API key.
Findings (4)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

1. If the API key is available, an agent could help complete purchases or expose payment credentials without a clear built-in confirmation boundary.
The skill instructs an agent through a full payment flow using card credentials and OTP codes, but the artifact does not specify required user approval, spending limits, merchant restrictions, or review before completing high-impact financial actions.
Evidence: Typical Purchase Flow ... Get card credentials ... Use PAN, CVV, expiry to fill in payment form ... Submit the OTP code ... Purchase complete
Recommendation: Only use this with explicit per-transaction user approval. Add or require safeguards such as spend limits, merchant allowlists, confirmation before revealing card details or OTPs, and confirmation before any top-up or purchase.

2. Anyone, or any agent session, that holds this environment variable could access sensitive payment details and financial account functions.
The single API key appears to authorize access to full payment card credentials, OTP codes, balance, transactions, and card top-up operations. The artifact does not describe narrower scopes or privilege separation.
Evidence: All requests require a Bearer token. Use the `AGENTFIN_API_KEY` environment variable. ... Returns `pan`, `cvv`, `expiryMonth`, `expiryYear` ... Fetch Latest OTP Code
Recommendation: Treat the API key like a financial credential. Use a dedicated low-balance account, rotate/revoke the key after use, avoid broad agent access, and prefer least-privilege or per-action tokens if the provider supports them.

3. Card numbers, CVVs, billing details, and OTPs may appear in the agent conversation or working context.
The skill expects full card credentials to be retained in the agent context during a session. This is purpose-aligned, but the artifacts do not specify safeguards against logging, persistence, or reuse beyond the intended transaction.
Evidence: Card credentials are rate-limited (10/min). Cache them for the duration of a purchase session.
Recommendation: Do not allow these values to be saved to memory, logs, shared notes, or transcripts when avoidable. Clear the session after use and keep card balances low.

4. Users must trust the external provider before depositing USDT or exposing payment activity through the API.
The skill depends on an external financial provider, but the supplied metadata does not provide a verified source repository or additional provenance details.
Evidence: Source: unknown; Homepage: https://agentfin.tech
Recommendation: Verify the provider, terms, fees, card issuer legitimacy, and support/recovery options before funding the account or installing the skill.
