ClawHub

Payment Route Optimizer

v1.0.0

Build payment-routing diagnostics, route matrices, retry and failover policies, rollout guardrails, and merchant-friendly planning briefs for payment, checko...

0· 49·0 current·0 all-time
byhaidong@harrylabsj
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
Capability signals
CryptoRequires walletCan make purchases
These labels describe what authority the skill may exercise. They are separate from suspicious or malicious moderation verdicts.
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description align with the implementation: handler.py parses user text and emits an offline routing brief. No unrelated environment variables, binaries, or cloud credentials are requested.
Instruction Scope
SKILL.md stays within an offline planning remit and explicitly forbids live routing or raw PAN handling. However it invites user-supplied 'payment-log summaries or pasted findings' — users could accidentally paste sensitive card data. The skill code itself only processes text locally and does not send data externally, but operators should avoid pasting raw PANs or other secrets.
Install Mechanism
There is no install spec (instruction-only) which minimizes install risk. The package nevertheless includes two local Python files (handler.py and tests). Those files perform only local text parsing and rendering; there are no downloads, network calls, or extracted archives. Review local code before running if provenance is a concern.
Credentials
The skill declares no required environment variables, credentials, or config paths and the code does not read env vars or secrets. Requested permissions are proportionate to the stated task.
Persistence & Privilege
always:false and default autonomous invocation are set. The skill does not request permanent presence or modify other skills or system-wide settings.
Assessment
This skill appears coherent and low-risk for offline planning, but consider these precautions before enabling it: (1) Do not paste raw PANs, full card numbers, CVV, or other unmasked payment data into prompts — redact or tokenize before use. (2) The package has no network calls, but provenance is limited (source/homepage unknown); if this matters to you, inspect handler.py locally and run the included tests in a safe environment. (3) Treat outputs as planning advice only: follow your compliance, PCI, and legal review processes and require human approval before any production routing changes. (4) If you plan to run this in an automated agent, consider limiting the agent's ability to forward user-provided payment text to external endpoints.

Like a lobster shell, security has layers — review code before you run it.

latestvk97c8kghqv6n1xcypa6synxmn584s9s3

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments