Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Stripe Full Read Access
v1.0.0
Access Stripe directly with a Stripe secret or restricted API key for broad read-only platform queries, especially Connect accounts, application fees, balanc...
by George Lewis (@georgelewi5)
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidence
Purpose & Capability
The skill claims broad read-only Stripe access and the SKILL.md contains concrete curl/python examples that only call read endpoints (accounts, balance, charges, etc.). The requested operations are consistent with the description.
Instruction Scope
The instructions explicitly instruct the agent to read a local file at /home/clawd/.config/stripe/api_key and to export it as STRIPE_API_KEY. The skill does not declare this file path or credential anywhere in the registry metadata. Hardcoding a specific home-path for a user named 'clawd' is surprising and may not apply to other users; it also means the agent will attempt to read a sensitive local file when invoked.
Install Mechanism
This is an instruction-only skill with no install spec or code files, so there is no software downloaded or executed beyond the commands shown in SKILL.md (low install risk).
Credentials
The skill requires a Stripe secret to function, but the registry metadata lists no required env vars or primary credential. The SKILL.md instructs using STRIPE_API_KEY and a specific local file path and even recommends a platform-level key for Connect reporting—platform keys are highly privileged. The lack of declared credential in metadata is an inconsistency and raises the chance of accidental exposure or misuse of a full-access key.
Persistence & Privilege
The "always" flag is false, and no installation step modifies agent-wide settings. The skill does instruct reading a local secret at runtime, but it does not request persistent presence or elevated platform privileges.
What to consider before installing
This skill appears to do what it says (read Stripe data), but it has some red flags you should address before installing or running it:
- The SKILL.md expects a Stripe API key at /home/clawd/.config/stripe/api_key and uses STRIPE_API_KEY, but the skill metadata does not declare any required credential or primaryEnv. Confirm where your agent will look for keys and whether that hardcoded path is appropriate for your environment.
- The SKILL.md recommends using a platform-level key for Connect reporting. Platform keys are highly sensitive—prefer creating and using a restricted, read-only key scoped only to the endpoints you need.
- Because the skill instructs the agent to read a local file, ensure the agent process has explicit permission to access that path and that no unintended keys reside there. If you run agents in multi-tenant or cloud environments, do not place secrets in predictable filesystem locations.
- Consider updating the skill or configuration to: declare the expected credential in metadata (primaryEnv or requires.env), make the key path configurable (not hardcoded to /home/clawd/...), and document the minimal OAuth/Restricted key scopes required.
If you cannot confirm these items, treat the skill as higher-risk and avoid granting it access to any production/privileged Stripe keys.
