Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Paypro
v1.0.0 · PayPro integration. Manage data, records, and automate workflows. Use when the user wants to interact with PayPro data.
by Vlad Ursul (@gora050)
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
Capability signals
These labels describe what authority the skill may exercise. They are separate from suspicious or malicious moderation verdicts.
OpenClaw
Suspicious
medium confidence
Purpose & Capability
The SKILL.md describes integrating with a payroll service via the Membrane platform and all runtime instructions use the Membrane CLI, which is consistent with the stated purpose. However, there is a clear mismatch in the documentation: the 'Official docs' link points to PayPal (developer.paypal.com) while the skill is named 'PayPro' — this looks like a copy/paste or documentation error and reduces confidence in the accuracy of the skill's metadata.
Instruction Scope
Instructions are focused on installing and using the Membrane CLI to discover connectors, create a connection, run actions, and proxy arbitrary API requests through Membrane. That scope is expected for an integration skill, but the ability to proxy arbitrary endpoints via the Membrane request command broadens what the agent may do (it can issue arbitrary API calls on behalf of the connected account). The SKILL.md does not instruct the agent to read unrelated local files or env vars.
Install Mechanism
This is an instruction-only skill (no install spec). It recommends installing @membranehq/cli via npm - a common distribution path for CLIs. Because the skill does not include an automated install, nothing is written to disk by the skill itself; the install step is manual and explicit.
Credentials
The skill declares no required environment variables or credentials and relies on Membrane to manage authentication server-side. Requesting a Membrane account and network access is proportional to the integration's needs. Still, using Membrane means granting that service access to the target account's data — this is expected but important to understand.
Persistence & Privilege
The skill does not request persistent or elevated platform privileges (always:false, standard invocable/autonomous behavior). It does not attempt to modify other skills or system-wide configuration in its instructions.
What to consider before installing
This skill appears to be an instructions-only integration that uses the Membrane CLI to access PayPro-like data, but there are a few things to check before you proceed:
- Verify the target service: the SKILL.md lists 'PayPro' but links to PayPal docs — confirm which service/connector you intend to connect to and that the connector you're using is legitimate.
- Trust the intermediary: using this skill means you (or your agent) will authenticate through Membrane and Membrane will have the ability to call APIs on your behalf. Only proceed if you trust Membrane (inspect their homepage/repo and privacy/security docs).
- CLI install risk: installing @membranehq/cli globally installs third-party code on your system; prefer reviewing the package repository and using a controlled environment (container/VM) if you are uncertain.
- Principle of least privilege: when creating the connection, grant only the minimal permissions required and test actions in a non-production account first. Be cautious with the 'membrane request' proxy — it can issue arbitrary calls that may expose or modify data.
- Documentation quality: the PayPro/PayPal mismatch and general copy/paste signs reduce confidence in the skill's maintenance and correctness. Consider contacting the skill author or using the official Membrane docs/repo directly to verify connector IDs and example commands.
If you want to proceed, test in a sandbox environment and avoid providing unrelated credentials or secrets. If you need higher assurance, ask the publisher for clarification on the PayPro vs PayPal mismatch and for an explicit link to the connector definition used.
Like a lobster shell, security has layers — review code before you run it.
latest vk972g3y84ytk9gnb456pzt1vf584awgy
