Skill v1.0.0

ClawScan security

Alipay · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign
Mar 4, 2026, 9:44 PM
Verdict
benign
Confidence
high
Model
gpt-5-mini
Summary
The skill is an instruction-only Alipay integration playbook whose requirements (curl, jq, ALIPAY_APP_ID) and behavior (local notes under ~/alipay, calls to Alipay endpoints) are coherent with its stated purpose.
Guidance
This skill is an offline instruction/playbook for implementing Alipay and appears coherent. Before installing:
1) Confirm you are comfortable with the agent creating ~/alipay files and review their contents after first use; those files can contain payment metadata (avoid storing private keys or raw signed payloads).
2) Keep private keys and PSP secrets out of chat — the skill explicitly forbids pasting them.
3) Ensure curl and jq come from system package managers you trust.
4) If you expect the skill to perform live API calls, ensure the agent will use sandbox endpoints for testing; verify any production requests are intentional.
5) If you want to restrict persistence or network access, run the agent in a constrained environment (limited filesystem or network) or inspect the agent's actions during initial runs.

Review Dimensions

Purpose & Capability
ok
Name/description match the content: this is a hands-on implementation and launch playbook for Alipay integrations. Required binaries (curl, jq) and env var (ALIPAY_APP_ID) are consistent with diagnostic and integration tasks; no unrelated cloud credentials or services are requested.
Instruction Scope
note
Instructions stay within payment integration scope: setting up a local ~/alipay workspace, following checklists, and using Alipay production/sandbox endpoints. Note: the skill directs the agent to create and write persistent files under ~/alipay (memory.md, validation-log.md, incidents.md); these files may contain sensitive metadata if the agent or user writes such data. The skill explicitly warns not to paste private keys into chat and not to store raw signed payloads.
Install Mechanism
ok
No install spec or external downloads — instruction-only. This is low-risk because no archives or third-party packages are fetched or executed.
Credentials
ok
Only ALIPAY_APP_ID is required in metadata. The playbooks reference merchant keys/certificates and PSP accounts as prerequisites but do not ask for them as required env vars or attempt to collect them in chat. The requested environment access is proportional.
Persistence & Privilege
note
The always field is false and the skill does not request elevated platform-wide privileges. It does instruct creating persistent files in the user's home directory (~/alipay) and sets restrictive file perms; users should be aware data will persist on disk and ensure proper protection (disk encryption, access controls).