Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Query Payful Account

v1.0.1

Query Payful account information including balance, transactions, and account details. Use when the user needs to check their Payful account status, view bal...

by Hugo Gu (@hugogu)
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Benign
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
The name/description, SKILL.md, and the included Python script consistently implement a Payful account query and legitimately require PAYFUL_TOKEN and PAYFUL_USER_ID (browser cookie values). However the registry metadata provided above claims there are no required env vars or primary credential — that mismatch between declared registry metadata and the skill's own SKILL.md/script is unexpected and should be questioned.
Instruction Scope
SKILL.md instructs only to set two env vars and run the included script. The script reads only PAYFUL_TOKEN and PAYFUL_USER_ID, calls the Payful API endpoint (or a user-supplied --api-url), and prints results. It does not access unrelated files, system paths, or external endpoints beyond the optional api-url parameter.
Install Mechanism
There is no install spec (instruction-only with a bundled script). Nothing is downloaded or written to disk beyond the included script, which is low risk from an install-mechanism perspective.
Credentials
The two environment variables requested are directly related to the task (they are session cookies used for authentication). They are highly sensitive (session-cookie style tokens). The SKILL.md marks PAYFUL_TOKEN as the primary credential, but the registry metadata above does not declare these env vars — this inconsistency is concerning because missing metadata can hide the need to supply secrets or cause accidental exposure if users set tokens in shared environments.
Persistence & Privilege
The skill does not request elevated persistence (always is false) and does not modify other skills or system settings. The default ability for the agent to invoke the skill autonomously remains, which is standard; there is no evidence of the skill attempting to persist credentials or reconfigure the agent.
What to consider before installing
This skill appears to do what it says (query Payful account balance) and the code is straightforward, but proceed with caution. Key points to consider before installing or running:
- The SKILL.md and script require two sensitive environment variables containing browser session cookies (PAYFUL_TOKEN and PAYFUL_USER_ID). These grant full account access; only set them in a trusted, private environment.
- The registry metadata omitted these required env vars/primary credential; ask the publisher why the metadata and SKILL.md disagree before trusting the package.
- The script can be pointed at an arbitrary --api-url; only run it against servers you trust (the default is global.payful.com). Malicious actors could instruct you to use a custom URL to capture credentials.
- Prefer using scoped API credentials (if Payful provides them) instead of raw session cookies. If you must use cookies, set them in a temporary environment and avoid sharing or storing them in shared shells or CI.

If you cannot verify the publisher or the metadata mismatch, treat this as suspicious and avoid supplying your account cookies.
