ClawHub

In-App Purchases

v1.0.0

Implement in-app purchases and subscriptions across iOS, Android, and Flutter with RevenueCat, paywalls, receipt validation, and subscription analytics.

2· 579·0 current·0 all-time
byIván@ivangdavila
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
medium confidence
Purpose & Capability
Name/description (implement IAPs, subscriptions, RevenueCat, paywalls, receipt validation) match the content of SKILL.md and the included platform/server/paywall docs and code examples. Required env/config/binaries are minimal (none declared) which is reasonable for an instruction-only reference.
Instruction Scope
SKILL.md and the included files focus on platform SDKs, RevenueCat, server verification, webhooks and testing — all in scope. The docs include sample server endpoints, webhook handlers, and examples that show handling receipts, webhooks, and storing raw receipts; these are expected for the stated purpose but mean the implementer will be asked to handle sensitive data and run networked endpoints.
Install Mechanism
Instruction-only skill with no install spec and no code files to execute — low installation risk. All code appears as examples in markdown; nothing is being downloaded or written by the skill itself.
Credentials
The skill declares no required environment variables or credentials, but many examples reference sensitive secrets (App Store JWT private key, Google service-account.json, RevenueCat API keys, webhook endpoints). That is expected for this functionality, but the skill does not itself request or manage those secrets — you will need to supply and protect them when you implement.
Persistence & Privilege
Skill is not marked always:true and does not request persistent system privileges. It is user-invocable and can be invoked autonomously (platform default), which is expected for a skill; nothing in the package attempts to modify other skills or global agent settings.
Assessment
This package is a set of documentation and code examples for implementing in-app purchases and appears coherent for that purpose, but note the source is unknown and the docs include code that requires sensitive credentials (App Store JWT private key, Google service-account.json, RevenueCat secret API keys, and webhooks). Before using: (1) verify the skill's origin or prefer official vendor docs if provenance matters, (2) never paste private keys or service-account files into public chat — store them securely (secrets manager, environment variables, or vault) and use least-privilege service accounts, (3) implement webhook verification and JWT signature checks as shown to avoid spoofed events, (4) test thoroughly in sandbox environments (StoreKit/Play Console/RevenueCat sandbox) before production, and (5) review the sample server code to ensure you apply secure coding practices (rate limiting, idempotency, logging/audit, and secure storage of raw receipts).

Like a lobster shell, security has layers — review code before you run it.

latestvk97ag9p05qcbgqh626yf5pbx5n81aqjm

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

💳 Clawdis
OSLinux · macOS · Windows

Comments